CIRT Charge/Mission
Background
Brown University's Computing and Information Services organization,
as well as many others at Brown, have been adversely affected by the
increase in number and the severity of malicious threats that have
impacted the global computing community. These threats are delivered in
many forms: malicious code (viruses, worms, trojans) and exploitation of
undiscovered and unpatched software vulnerabilities (hacking), and
improperly configured software or servers. In addition to loss or
slowing of services and loss or theft of data, Brown University may be
liable for damage to organizations that results from negligence in
administrating Brown's networked devices.
Further, abuse of services for the distribution of unauthorized
commercial email (improperly but commonly referred to as "spam") and
unauthorized use and distribution of copyrighted material continues to
expose Brown University to potential penalties as well.
CIS is working with the Brown community to implement reasonable IT
policies and procedures to secure computing and information services and
to adequately protect the data security, confidentiality, and
accessibility of our networked information without significantly
compromising intellectual freedom.
Responsibilities of CIRT
- Identify categories of malicious activity that threaten Brown
University's computing infrastructure. These categories are constantly
evolving. They include, but are not limited to, the following:
- Denial of Service attacks
- Rapidly spreading or highly virulent malicious code (viruses, worms, trojans)
- Unauthorized utilization of services by Brown community members or others
- Unauthorized access to protected computing and information services by Brown community members or others
- Technical support for investigations approved by authorized Brown representatives, on behalf of the University
- Ongoing threats not yet defined
- Coordinate appropriate responses to counter malicious threats
- Develop group-level response procedures so that there is archival
documentation and clear understanding of roles across CIS and non-CIS
groups
- Periodically review processes utilized for Incident Response and make recommendations for improvements to the CIRT Director, as appropriate
- Be aware of developing security issues affecting computing and information services
Membership
The CIRT is composed of representatives (and their alternates) from several major groups within CIS
:
| CIS Group |
CIRT Members |
| CIRT Director |
David Sherry (Chief Information Security Officer) |
| Systems/Technical Director |
John Spadaro |
| Network Technology |
Paul Rondina, Elvis Seth, Tim Wells |
| Systems & Services |
Steven McKay, Peter Tirrell |
| Help Desk |
Michele Blanchette, Christine Brown, Kathy Dorion, Chris Grossi |
| Windows Systems |
Adam Chiodini |
| Unix Systems |
Thomas DuVally, Nancy Magers, Robert Morse |
| Operations/Admin |
David Rollins, Linnea Wolfe |
| Admin Systems |
Paulo Baptista, John Dick, Michael Rosendale, Lea Snyder |
| IT Security |
Robert Fletcher, Steve Hasson |
| Communications |
Pat Falcon |
| Type of Incident |
Incident Coordinators |
| Email-Bourne Malware |
John Spadaro |
| Malware other than Email-Bourne |
Peter Tirrell |
| Network Issues |
Tim Wells |
| Power Issues |
David Rollins |
|