Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Examples of Incident Response Policies for the InfoSec Guide

From: Matthew Coons <coonsm () UMICH EDU>
Date: Tue, 26 Feb 2019 13:33:20 -0500
Here's a few public facing incident response related resources that we have
available.

Incident Response policy:

   - https://spg.umich.edu/policy/601.25

Guidance describing what do do when you believe there may be an IT security
incident:

   - https://www.safecomputing.umich.edu/report-it-security-incident

Guidance for U-M IT staff - What to expect when you work with information
assurance during the IT security incident response process:

   -
   https://www.safecomputing.umich.edu/report-it-security-incident/responding-it-security-incident

Incident response quick reference guide:

   - https://drive.google.com/file/d/0B7N7285AKQPudGstNjltRUxhTlE/view


Thanks!

Matt Coons
Incident Responder and Threat Analyst
Information & Infrastructure Assurance (IIA)
University of Michigan

734-764-4105
coonsm () umich edu


On Thu, Feb 21, 2019 at 3:02 PM Williams, Matthew (wilmh) <
wilmh () ucmail uc edu> wrote:


Univ. of Cincinnati’s IR Policy, Procedure, and Escalation Guideline are
available at https://www.uc.edu/infosec/policies.html.



*—*

*Matthew Williams*

*CISSP, CISM, GSLC, GSTRT, ITIL V3*

Director

Office of Information Security | University of Cincinnati

Direct - 513-556-3708 | Dept - 513-558-ISEC (4732)

matthew.williams () uc edu | www.uc.edu/infosec

*Secure the Present, Protect the Future.*





*From: *The EDUCAUSE Security Community Group Listserv <
SECURITY () LISTSERV EDUCAUSE EDU> on behalf of "Boyce-Werner, Rori" <
Rori.Boyce-Werner () UNH EDU>
*Reply-To: *The EDUCAUSE Security Community Group Listserv <
SECURITY () LISTSERV EDUCAUSE EDU>
*Date: *Thursday, February 21, 2019 at 10:31 AM
*To: *"SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU>
*Subject: *Re: [SECURITY] Examples of Incident Response Policies for the
InfoSec Guide



Our Incident Response Plan is publicly available here:




https://www.unh.edu/it/sites/www.unh.edu.it/files/unh_information_security_incident_response_plan_v5.pdf





*Rori Boyce-Werner*

*Information Security Compliance Program Manager*

University of New Hampshire <http://www.unh.edu/>

Information Security Services (ISS)
<http://www.unh.edu/it/information-security-services>

d.  (603) 862-2377

m. (603) 731-9071



[image: ISS UNH logo]







*From:* The EDUCAUSE Security Community Group Listserv <
SECURITY () LISTSERV EDUCAUSE EDU> *On Behalf Of *randy
*Sent:* Wednesday, February 20, 2019 2:37 PM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* Re: [SECURITY] Examples of Incident Response Policies for the
InfoSec Guide



*Caution - External Email*
------------------------------

Our sanitized IR guidelines doc is publicly available. That and some other
info is at https://security.vt.edu/incident.html
<https://urldefense.proofpoint.com/v2/url?u=https-3A__security.vt.edu_incident.html&d=DwMFaQ&c=c6MrceVCY5m5A_KAUkrdoA&r=4eyhFgFmnQGIGTNrMQLkE-2RuqqnJ9DeKpK8A0XqnNg&m=czp0MHiCvsqikt9S8zLVJvp7TaY6Ya_A7vPGDtxeiBI&s=n06elwlbRvd2V_wkIRcSasi9lLarr2YAHefs5QmgaH4&e=>
.



-Randy Marchany

VA Tech IT Security Office and Lab



On Wed, Feb 20, 2019 at 2:30 PM Valerie Vogel <vvogel () educause edu> wrote:

Good afternoon,



Does your campus have publicly facing Incident Response policies and/or
procedures that you’d be willing to share?



We are looking for current links to include as examples in the Information
Security Guide’s Incident Management and Response chapter (
https://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-program/resources/information-security-guide/incident-management-and-response
<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.educause.edu_focus-2Dareas-2Dand-2Dinitiatives_policy-2Dand-2Dsecurity_cybersecurity-2Dprogram_resources_information-2Dsecurity-2Dguide_incident-2Dmanagement-2Dand-2Dresponse&d=DwMFaQ&c=c6MrceVCY5m5A_KAUkrdoA&r=4eyhFgFmnQGIGTNrMQLkE-2RuqqnJ9DeKpK8A0XqnNg&m=czp0MHiCvsqikt9S8zLVJvp7TaY6Ya_A7vPGDtxeiBI&s=HaDiNPGkPeoYSgdwyVgK4Oo2_ukw5fAb82gPoRay_Qo&e=>).




These links may also be added to the Guide’s Information Security Policy
Examples page (
https://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-program/resources/information-security-guide/security-policies/information-security-policy-examples
<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.educause.edu_focus-2Dareas-2Dand-2Dinitiatives_policy-2Dand-2Dsecurity_cybersecurity-2Dprogram_resources_information-2Dsecurity-2Dguide_security-2Dpolicies_information-2Dsecurity-2Dpolicy-2Dexamples&d=DwMFaQ&c=c6MrceVCY5m5A_KAUkrdoA&r=4eyhFgFmnQGIGTNrMQLkE-2RuqqnJ9DeKpK8A0XqnNg&m=czp0MHiCvsqikt9S8zLVJvp7TaY6Ya_A7vPGDtxeiBI&s=8ZL3MzzK0LUrRyy0seSkVEqXK_wXKg-hxY8b2dLrA5s&e=>)
under the Incident Management and Response section.



Thank you!

Valerie



*Valerie Vogel *

Interim Director, Cybersecurity Program


*EDUCAUSE **Uncommon Thinking for the Common Good*

direct: 202.331.5374 | Follow HEISC on LinkedIn
<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.linkedin.com_showcase_higher-2Deducation-2Dinformation-2Dsecurity-2Dcouncil-2Dheisc-2D_&d=DwMFaQ&c=c6MrceVCY5m5A_KAUkrdoA&r=4eyhFgFmnQGIGTNrMQLkE-2RuqqnJ9DeKpK8A0XqnNg&m=czp0MHiCvsqikt9S8zLVJvp7TaY6Ya_A7vPGDtxeiBI&s=UfZtY1aePaNINxauyOpOhoZ-e21d25imnL7LHoVEprY&e=>
| twitter: @HEISCouncil | vvogel () educause edu

Previous By Date Next
Previous By Thread Next

Current thread: