incident response

3 August 2018 at 9:51am

WHOIS access for CSIRTs

Andrew Cormack
Data Protection Regulation
WHOIS
Domain Names
incident response
Over recent months the GDPR has given extra weight to concerns - originally expressed by regulators fifteen years ago - about public access to information about individual registrants of DNS domains. This article considers the use of this WHOIS data by those handling information security incidents, and why this represents a benefit, rather than a risk, to the objectives of data protection law.
Read more
11 July 2018 at 10:59am

Incident Statistics for June 2018

James Cleeter
Janet CSIRT
incident response
incident statistics
These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence. For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.
Read more
11 July 2018 at 11:02am

Incident Statistics for May 2018

James Cleeter
Janet CSIRT
incident response
incident statistics
These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence. For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.
Read more
11 July 2018 at 11:00am

Incident Statistics for April 2018

James Cleeter
Janet CSIRT
incident response
incident statistics
These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence. For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.
Read more
25 June 2018 at 7:55am

Learning from Incidents

Andrew Cormack
incident response
#firstcon2018
It's only lunchtime on the first day of the FIRST Conference 2018, and already two talks have stressed the importance and value of reviewing incidents over both the short and long terms. In the very different contexts of an open science research lab (LBNL) and an online IPR-based business on IPR (Netflix), a common message applies: "don't have the same incident twice".
Read more
4 June 2018 at 2:29pm

Incident Statistics for May 2018

James Cleeter
Janet CSIRT
incident response
incident statistics
These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence. For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.
Read more
4 June 2018 at 2:21pm

Incident Statistics for April 2018

James Cleeter
Janet CSIRT
incident statistics
incident response
These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence. For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.
Read more
25 May 2018 at 9:19am

DPIA - Security Operations Centre

Andrew Cormack
Data Protection Regulation
incident response
Delighted to report that our first Data Protection Impact Assessment, for the Janet Security Operations Centre, is now publiushed at http://repository.jisc.ac.uk/6847/1/Jisc_security_operations_centre_-_data_protection_impact_assessment.pdf Thanks to the SOC and GDPR teams who made this happen!
Read more
1 May 2018 at 9:15am

Incident response, logfiles and the GDPR

Andrew Cormack
GDPRtopics
incident response
Data Protection Regulation
The Article 29 Working Party has recently highlighted the importance of detecting and mitigating information security breaches.
Read more
20 April 2018 at 9:34am

Incident Statistics for March 2018

James Cleeter
incident statistics
incident response
Janet CSIRT
  These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence. For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.
Read more
Subscribe to incident response