MYREN – Computer Security Incident Response Team (CSIRT)

                 The internet has changed the way in which our world works. It has opened doors to information, people and communication but has unfortunately also opened doors to criminal elements. MYREN Computer Security Incident Response Team  includes detecting and responding to computer security incidents as well as protecting critical data, assets, and systems to prevent incidents from happening. Actions taken to prevent or mitigate ongoing and potential computer security events and incidents can involve tasks performed by a wide range of participants across the network. 

Mission

“MYREN provides information and assistance to its members in implementing proactive measures to reduce risks of computer security incidents as well as to responding to such incidents when they occurs.Providing situational awareness and reporting on cybersecurity status, incidents, and trends in adversary behaviour to appropriate organisations”

Vision

MYREN-CSIRT’s vision is to be a trusted global network in cybersecurity – collaborative, agile, and responsive in a complex environment.

 

Response to confirmed incidents, by coordinating resources and directing use of timely and appropriate countermeasures.

 

MYREN-CSIRT will work to help create a safe, clean and reliable cyber space in its network through global collaboration

What is a Security Incident?

Security incidents are classified as high risk, medium risk or low risk.

High risk   

  • Threatens to have a significant adverse impact on a large number of systems and/or people
  • Poses a potential large financial or reputational risk or legal liability to the university
  • Threatens confidential data (i.e. a server that contains staff and students’ personal information, financial data, learning management system, internet server or a major portion of the MYREN network)
  • Poses a significant and immediate threat to human safety (i.e. death threats)
  • High probability of propagating too many other systems on or off campus and causing significant image or disruption

Medium risk

  • Adversely impacts a moderate number of systems and or people (i.e. an individual department, unit or building)
  • Adversely impacts a non-critical enterprise or system or service
  • Adversely impacts a departmental system or service, such as a departmental file server
  • Disrupts a building or departmental network
  • Has a moderate probability of propagating to other systems on campus and/or off campus and or causing moderate damage or disruption

Low risk

  • Adversely impacts a very small number of systems or individuals
  • Disrupts a very small number of network devices or segments
  • Has little or no risk of propagation or causes only minimal disruption or damage

We are here to help

MYREN CSIRT  will

  • Respond, control and manage computer security incidents and facilitate a speedy and safe resolution.
  • Additional in depth review of all IT security plans and procedures.
  • Central communication point when incidents occur.
  • Promote IT security awareness and can manage audits and drills.
  • Assist in evaluation of new technologies and techniques prevention and containment.
  • Provide risk management analysis of IT implementations and how it affects the organisation.
  • Investigating new security vulnerabilities and threats and the most adequate response.
  • Perform the action of the emergency contact group for the organisation.
  • Perform the role of IT emergency system management for all remotely stored system critical information such as: passwords, IP lists, network configurations, firewall rule sets, escalation procedures, etc.
  • Ensure a return to normal operating conditions on the MYREN network should it in any way be affected by a security incident.

Benefits

  • Increased predictability and reduced uncertainty of business operations.
  • Plans contain information for dealing with protection and prevention
  • Part of disaster recovery and business continuity
  • Structure to optimise the allocation of resources.
  • Foundation for effective risk management.
  • A level of assurance that critical decisions are not based on faulty information.
  • Accountability for safeguarding information.