RFC 2350.txt
—
Plain Text,
5 KB (5698 bytes)
File contents
RFC 2350 (BCP 21) Description of University of Cambridge Computer Security Incident Response Team (CSIRT) 1: Introduction This is the RFC 2350 for the University of Cambridge Computer Security Incident Response Team (CSIRT). 2: Scope <section intentionally blank> 3: Information, Policies and Procedures 3.1: Obtaining the Document Date of last update: 2019-04-09 Locations where this Document May Be Found: https://help.uis.cam.ac.uk/service/security/csirt/CSIRT-RFC2350 3.2: Contact Information Full Name: University of Cambridge Computer Security Incident Response (UIS) Team Short Name: CSIRT Mailing address: CSIRT University Information Services Roger Needham Building Cambridge United Kingdom CB3 0RH Timezone: GMT/UTC (GMT/UTC+0100 in Summer Time) Telephone Number: +44 1223 767077 (CSIRT) (Primary Contact) +44 1223 762999 (UIS Service Desk) (Secondary Contact) Electronic Mail Address: csirt [AT] uis . cam . ac . uk Public keys and encryption: Emails or files sent to CSIRT can be encrypted, but it is not required. PGP public key as follows: -----BEGIN PGP PUBLIC KEY BLOCK----- mQGNBFy0V8EBDADLXmS1lvvIbUrAWMBsdzsMmSV1g4tlMjlsqKGZ+KhtNz3j+pe2 H487kf4JSHia2dcQP82ZbHsXKH/1Bs4WK57R1S2fK/BDZ1I7UaSocTnN4rfHBFH2 pG+JCBf72imAeMTKl57MO54Xx2UTwC2Qoydc/G+VvXYRqMeJGB7pHTt6ojKBODpY B9xZWLHPlGHnlYL36mXohhykgsmX/XCVVRZO1+NaThLGBNutiipENiIBUj675QDV u92R9Ci49vPT+y8vzoe5kzKIKU6KHL7dxuu++nMV1CYX+vV6Uo/HmZ0sHb9jx1b4 RGIkpNox0rQ1xDumIt/+0aM7rciTNhw9vN1MbBxUoohnGOHQpN5DTX77KMoapvRA z4uw2ueg7NH6FJI3yJafH+WCGEaYU5DEBemWXZQIfFPnCSH/eAJVs3Ve4vOwwP+Y 31LCx5K3taLtLVaPGGuu/cq7jz+U+rOPD3/JvhYbRkNOHAEqvsSw1v9AnnRlP7ST LW6hwFkYCg6xtG0AEQEAAbQbQ1NJUlQgPENTSVJUQHVpcy5jYW0uYWMudWs+iQHU BBMBCgA+FiEEpC3RJAbSmIUf8sfwhDswVNbsUvIFAly0V8ECGwMFCQPCZwAFCwkI BwIGFQoJCAsCBBYCAwECHgECF4AACgkQhDswVNbsUvJHMQv/RKdLVI2uU+jZNogN ekjihuhcnERXLQKuAVRCVG+xzNPQiXa2Y4fisWJiIOQdlD0hT/dIEeyUSw/O+Gwo CEUldHboTD0tcfdcQqeqbexw7YSzdagcp5L0JIA7iUM9PzkZqG1wcQ83Mnl3DCB0 A6USgXjYh692cvuaHH0xlzHSUo5N3KmbmUbx5gEJF6C/KKz5SwSTK7JiQP24hbBP cZW8TeBCFeg7GmyRYaWSSGyVkNii2nU7c8VMGNQ8+K/wvBEOW8eQ9rEwVmC+7Vww wMMSoqw622BYwky9jv9Su2+MciXYInIjjjldTl87cotyAEGek5mwbn46MvRyst94 lSHnWCG4yg041fynhINdZPyfogWTt2Mo1d+C20sm3oKqdVVHWaBR0tdwOeFisbc6 OyW1fd+5kvPs5g7MGJmlnxLbHqsN4SN4buuD+ALjN6kfv+ncPP3LM/4y1XIcZWEe y69jKojK8LN//sGL/hLD6M1jiZN9kVwxVeN+GTTo5Ck82JwFuQGNBFy0V8EBDADb s/OT2xsL7bWqljxWd6UfStxQ+vFM8p/yNKtMKihcqPx3Ca2vghRdq/W3efQVlkdq W/syJF0QPQscCOEYVFAAnGVyUALtmzymttF8+oDvs3vdW09LDqAX3j+y/Eq2H/hL JV8RuSXsPxnSHPZGAMUQYUWP+0/qpxHNL3JomXXl5yaDkPSSTxEERsFOI+SziVHd rc1zJoPqjC7j8A7Xvj72b93em8QROXqwJBtBG716jOL/RnTEZjoFYLN7Q0jJSd4+ HzF/2/68Ytia6KaMQx8bMjXoJT2/Ro+tAOGSnEPbiqL+k3v+M35/qElzmI8yDFBd 21EF35ODeHlkcKBhmCAvq4eoZRj8BEhFh6lrkfb0j5KV18EB+2dgRdBsi6xbWdkX TQO95oT+sccsK3JOeg5l3Tp0lrvq4qM/E50VZGStv5SiJieicdFZYk3CFoTABmis x2/1cLPKu2t3S1xxwVjjxWZ90DiA84gh0QgQBltALNUbFtp+PmkEeiVvJqXE6D0A EQEAAYkBvAQYAQoAJhYhBKQt0SQG0piFH/LH8IQ7MFTW7FLyBQJctFfBAhsMBQkD wmcAAAoJEIQ7MFTW7FLyKO0MAMmUcJEAgd2nA9LJqQDWkzVVrDmgF489OkVJsD3R NM86wc9BNCfcSBWHWL3qvEHWefsELInNRijp4UosZRPfu7xSn3WdlQW1kUG2UbwY CqR2ovA+dpfDpioXTy9JLncxk7wrtqcCP+P0cPds7NVECaGQdFRrueCFCa3/1XpX XLEl4rpMXRWxkuBohSb5PNXEUx9fD2nqy87txtHsyQlGPnrCyWLzcvgWr9kKVRBv VdKzShsDI5pvAYq+PTKqdhSaBkfrXosCRPP2VxyCiwvOo5N+NBXcBMm54DbBaFau EUWnMnc4yvvjSgOacnRO0a4uEbC9OvWKVSc0xHqDti/3kkliZdtCjmQ4sIx9lSWd x7bGbQVctsbvUiJimhO3umFs5aJ2Dbv/W0sWlcXKUVHb1tUPPo8hjEIAvFUQ0XAG xZOwOtA6/6O3WAEjxai/OWHiraECkU8/OQ9gd6iyA2LEw03mU/rwGy19uBe9UIoE sju3Uuu6bLTEFzUYoxb5mmpyjw== =iZEP -----END PGP PUBLIC KEY BLOCK----- Operating Hours: Emails are monitored Monday to Friday, 9.00 to 17.00 3.3: Charter 3.3.1: Mission Statement The main areas of responsibility of CSIRT are: Dealing with Information Security incidents that are within the CUDN (Cambridge University Data Network). Serving as a single point of contact for national and foreign CERTs/CSIRTs. Co-ordinating the response in case of incident escalation. 3.3.2: Constituency IT infrastructure and services located on the Cambridge University data Network (CUDN). 3.3.3: Sponsoring Organization / Affiliation CSIRT is a service within the University of Cambridge Information Services department. We are endorsed by the Information Services Committee of the University of Cambridge. We act as the SPOC for JISC CSIRT for matters relating to the University of Cambridge and we work with other Legal Enforcement Agencies. 3.3.4: Authority CSIRT has the authority to act on all incidents that cause, or could cause, detriment to the confidentiality, integrity and availability of Cambridge University IT assets. 3.4: Policies All incidents are considered normal priority unless they are labelled EMERGENCY. CSIRT works closely with UK and EU institutions & law enforcement agencies. All relevant UK Data Protection Laws apply. In the case of criminal action, these will be reported to the appropriate authorities. 3.5: Services Incident Response Incident Triage Incident Co-ordination 3.6: Incident Reporting Forms Incident reporting forms are not used. 3.7: Disclaimers This document is provided on an "as is" basis and does not imply any kind of guarantee of service provided by the University of Cambridge. While every precaution will be taken in preparation & dissemination of information and security alerts, CSIRT assumes no responsibility to external (Non-University of Cambridge organisations and users) for errors, omissions, or for damages resulting from the use of the information provided within this document or our security communications.