skip to primary navigationskip to content

IT Help and Support

University Information Services

Studying at Cambridge

 

Computer Security Incident Response Team (CSIRT)

CSIRT is a specialist IT security team. It co-ordinates the response to IT security incidents and threats with University IT staff.

What is CSIRT?

The Computer Security Incident Response Team (CSIRT) is a team of IT security staff that co-ordinates the response to IT security incidents. It works directly with IT staff around the University.

It operates during normal UIS working hours, 09:00 to 17:00, Monday to Friday (excluding Public Holidays).

What does CSIRT do?

CSIRT is a second-line IT support team that co-ordinates the response to IT security incidents with college and departmental IT staff. CSIRT is able to draw upon the expertise of other UIS teams such as Server Infrastructure, Networks and the Service Desk. It liaises with recognised IT contacts in every University institution.

CSIRT is not an IT Service Desk and it does not provide direct support to general staff or students. General staff or students contacting CSIRT will be referred to their local departmental\college IT staff, or the UIS Service Desk if appropriate.

CSIRT activities include:

  • Co-ordinating the response to IT security incidents, where required, at the University of Cambridge.
  • Monitoring IT security infrastucture to detect computer security incidents or problems.
  • Providing technical IT security advice and assistance.
  • Advising on, applying or where necessary, enforcing, University policy in IT security.
  • Providing IT security alerts.
  • Promoting IT security best practices.
  • Co-ordinating with JANET-CSIRT, CISP and other external organisations.

How to contact CSIRT

IT security incidents occur every day at the University. CSIRT is always interested in receiving information, reports or providing assistance.

In the event of an incident:

If you are a Computer Officer please contact CSIRT (or the UIS Service Desk).

Email:

Common incidents we can help with include:

  • To ask for technical advice regarding a virus\malware infection.
  • To check the authenticity of an usual email received by your staff/students – is it spam or is it real?
  • To request an exemption from a University security policy.
  • To request information (such as traffic logs) to assist with a security incident.

PLEASE NOTE: If you're not a Computer Officer (IT staff), you should contact your local college or departmental IT staff for assistance. Your local IT staff will contact CSIRT if required.


Emergency actions

Where a major IT security incident threatens IT infrastructure, IT services or data across the collegiate University, CSIRT can take emergency actions to protect the majority of the University community, and minimise the risk or impact of the threat – for example, a malware outbreak, DDoS attack or critically vulnerable system.

This can include the temporary blocking or disconnection of IT services, infrastructure or institutional networks, such that a threat is contained within a local institution.

Areas not covered by CSIRT

CSIRT is there to assist IT staff with computer security incidents. It does not provide assistance with other types of of incident, such as:

  • General IT incidents or problems.
  • Physical security threats, such as bomb alerts, theft or suspicious activity.
  • Human resource incidents, such as (cyber) bullying or disputes.
  • Financial fraud.
  • Criminal activities.
  • Prevent strategy.
  • IT service interruptions or downtime.
  • GDPR breaches.

The University has dedicated departments or teams that are responsible for these  types of incident. These should be contacted if assistance is required.

Getting help


UIS Service Desk
General support queries

  Phone padded  (01223 7) 62999

UAS Service Desk
Administrative staff queries

  Phone padded  (01223 3) 32999

UIS bITe-size bulletin


A regular newsletter aimed at the University's IT community, highlighting service and project news from UIS.

Sign up >  |  Back issues

UIS Service Status

Phone padded  Service status line: (01223) 463085
Website padded  Sign up for SMS/email status alerts

RSS Feed Latest news

All University members now have access to Google G Suite@Cambridge

May 07, 2019

UIS enrolled all members of the University in our Google G Suite account, known as G Suite@Cambridge, on 2 May.

Upgrade Windows 7 machines before the operating system reaches end of life on 14 January 2020

Apr 30, 2019

Microsoft will stop supporting Windows 7 on 14 January 2020. The good news is that you may be entitled to a free upgrade to Windows 10, if your institution is participating in the University's EES agreement.

View all news