Educause Security Discussion mailing list archives

Re: SOP for Managing Phishing/Ransomware Attempts


From: Frank Barton <bartonf () HUSSON EDU>
Date: Wed, 10 Aug 2016 22:18:48 -0400

Add me to the list of folks that would be interested in knowing what others
have set up. We work on this on an ad-hoc basis, looking at how many
times we see a specific message.
I will note that when I do see a phishing email from a compromised account
at another educational institution, I do make a point of calling to let
them know.

Frank

On Wed, Aug 10, 2016 at 6:50 PM, David D Grisham <DGrisham () salud unm edu>
wrote:

As we are just setting up phishing campaigns and reporting buttons, I
would like to communicate with anyone who has set up standards, procedures,
etc. for a large  campus environment with multiple units.

Cheers.-grish

*David Grisham*

David Grisham, PhD, CISM, CRISC,  CHS III

Manager, ITSecurity, UNM Hospitals, UNM Health Science Center

505.272.5657

Dgrisham () salud UNM edu







*From:* The EDUCAUSE Security Constituent Group Listserv [mailto:
SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *Rob Cherveny
*Sent:* Wednesday, August 10, 2016 4:12 PM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* Re: [SECURITY] SOP for Managing Phishing/Ransomware Attempts



I'd be interested in your document as you progress. Unfortunately, we're
ad hoc.



Thanks.
Rob
--

Rob Cherveny, PMP

Director, Information Security

University of North Georgia


On Aug 10, 2016, at 17:57, Christopher Jones <Christopher.Jones () UFV CA> wrote:

We are looking at revamping our current procedures for managing phishing
and ransomware attempts. What we have in place now is fairly informal, but
we are looking to develop a more formal plan. If anyone has gone through this
process and would be willing to share, that would be most appreciated.
Specifically, we could use information such as:



     1. Thresholds for when to generate general university-wide alerts

     2. Number of phishing messages received before a “search and destroy”
operation is implemented to remove malicious messages from inboxes



Thanks.



Christopher Jones

IT Security Analyst

University of the Fraser Valley

Christopher.Jones () ufv ca






-- 
Frank Barton
ACMT
IT Systems Administrator
Husson University
