The future of your cyber security incident response team

Author: David Batho, Head of Incident Response

Formerly known as Janet CSIRT, exciting new changes are underway. The cyber landscape is changing, and so has our purpose as an incident response team. Ransomware and phishing attacks are significant threats to education. Therefore, we need to be proactive, partner with our members and provide accurate and timely threat intelligence. These ongoing developments make way for our new and improved service, Jisc CSIRT.

What’s new?

It is no longer just about the Janet Network. We need to focus on supporting members from their internal networks to cloud services to ensure they are protected and secure for threat actors.

We have a new professional and highly skilled team delivering our mission and supporting our members. The team have a dynamic approach to assisting organisations to improve their security posture. Our strategy will be proactive, open and adaptable to the ever-changing landscape. In addition, we are developing outreach and awareness training to ensure organisations are prepared for a cyber incident. It’s about changing the mindset; prevention is better than a cure.

Why is it changing?

Our members are vital to us, and our services must reflect their needs entirely. We aim to provide a world-class incident response service, and we can’t do that without adapting to the cyber threat landscape. So, we will be enhancing our monitoring, forensic investigations, and recovery services.

We appreciate your feedback or comments on delivering this transformation. Please get in contact irt@jisc.ac.uk; we would love to hear your thoughts about the new service or ideas you would like to see within our cyber security services.

As a member, what can I do?

There are common errors that organisations make which can lead to compromise. Validate and test your backups so you can recover from significant attacks and know what and where your critical assets are within the organisation. In addition, you should consider testing your disaster recovery program and ensure it meets the organisation’s needs and not just the IT department.

Train your staff and raise awareness as human error is often a cause of attacks, we’d love to help you with this as part of refocusing the service. Make sure you have a rigid patch management process to ensure your servers, networks, and physical objects are secure and protected from exploits.

Most importantly, we are here to support you as a member, so get in touch if you need any assistance or advice.

David and the CSIRT team deliver a ‘business continuity workshop’ at the Jisc security conference, 9 – 11 November 2021. Book your free ticket.

Leave a Reply

Your email address will not be published. Required fields are marked *