skip to content

IT Help and Support

University Information Services
 

CSIRT is a specialist IT security team. It co-ordinates the response to IT security incidents and threats with University IT staff.

What is CSIRT?

The Computer Security Incident Response Team (CSIRT) is a team of IT security staff that co-ordinates the response to IT security incidents. It works directly with IT staff around the University.

It operates during normal UIS working hours, 09:00 to 17:00, Monday to Friday (excluding Public Holidays).

 

What does CSIRT do?

CSIRT is a second-line IT support team that co-ordinates the response to IT security incidents with college and departmental IT staff. CSIRT is able to draw upon the expertise of other UIS teams such as Server Infrastructure, Networks and the Service Desk. It liaises with recognised IT contacts in every University institution.

CSIRT is not an IT Service Desk and it does not provide direct support to general staff or students. General staff or students contacting CSIRT will be referred to their local departmental\college IT staff, or the UIS Service Desk if appropriate.

CSIRT activities include:

  • Co-ordinating the response to IT security incidents, where required, at the University of Cambridge.
  • Monitoring IT security infrastucture to detect computer security incidents or problems.
  • Providing technical IT security advice and assistance.
  • Advising on, applying or where necessary, enforcing, University policy in IT security.
  • Providing IT security alerts.
  • Promoting IT security best practices.
  • Co-ordinating with JANET-CSIRT, CISP and other external organisations.

 

What is the process for contacting CSIRT about an incident?

  • If you are a Computer Officer (or similar), and you have identified a potential security incident, then please contact CSIRT.
  • If you are a general member of staff, or a student, then please contact your designated IT Service Desk first.

This process is summarised in this diagram:


How to contact CSIRT

IT security incidents occur every day at the University. CSIRT is always interested in receiving information, reports or providing assistance.

Email:

Common incidents we can help with include:

  • To ask for technical advice regarding a virus\malware infection.
  • To check the authenticity of an usual email received by your staff/students – is it spam or is it real?
  • To request an exemption from a University security policy.
  • To request information (such as traffic logs) to assist with a security incident.

PLEASE NOTE: If you're not a Computer Officer (IT staff), you should contact your local college or departmental IT staff for assistance. Your local IT staff will contact CSIRT if required.

 

Emergency actions

Where a major IT security incident threatens IT infrastructure, IT services or data across the collegiate University, CSIRT can take emergency actions to protect the majority of the University community, and minimise the risk or impact of the threat – for example, a malware outbreak, DDoS attack or critically vulnerable system.

This can include the temporary blocking or disconnection of IT services, infrastructure or institutional networks, such that a threat is contained within a local institution.
 

Areas not covered by CSIRT

CSIRT is there to assist IT staff with computer security incidents. It does not provide assistance with other types of of incident, such as:

  • General IT incidents or problems.
  • Physical security threats, such as bomb alerts, theft or suspicious activity.
  • Human resource incidents, such as (cyber) bullying or disputes.
  • Financial fraud.
  • Criminal activities.
  • Prevent strategy.
  • IT service interruptions or downtime.
  • GDPR breaches.

The University has dedicated departments or teams that are responsible for these  types of incident. These should be contacted if assistance is required.

UIS Service Desk

Phone padded  Service status line: (01223 7)67999
Website  Sign up for SMS/email status alerts
Website  Read major IT incident reports

UIS bITe-size bulletin

A regular newsletter aimed at the University's IT community, highlighting service and project news from UIS.

Sign up >

Latest news

DS-Print: Common Balance temporarily enabled with £20 overdraft

3 October 2022

On 28 September, we withdrew eCredit for DS-Print whilst we investigated reports of users being unable to access the eCredit web portal to purchase Common Balance print credit. As a temporary measure, while a fix is implemented for eCredit in order to resolve these issues, we have enabled all users with a £20 overdraft on...

macOS Ventura release

30 September 2022

Apple will soon be releasing macOS Ventura. Following its release, they will drop support for macOS Catalina (10.15). All users running macOS Catalina are encouraged to upgrade to one of the following supported operating systems: macOS Ventura (when released) macOS 12 Monterey (compatible computers: https://support.apple...

Change to display names in Lookup from 06 October 

30 September 2022

What is happening From 06 October, UIS will be updating the Display name records in Lookup to use people’s Preferred first name initials. This supports a user-friendly move toward using everyone’s preferred names, rather than their Registered name. If you have personally set your own Display name in Lookup, you will not be...