Home > Services > Security > CSIRT

CSIRT

UCT CSIRT

UCT has created a Computer Security Incident Response Team, which will respond to, control and manage computer security incidents. Should the UCT network be compromised, they will resolve issues to ensure a return to normal operating conditions as soon as possible. They will also investigate the origin of incidents in order to prevent recurrences. CSIRT will also provide cyber security awareness on campus and will announce potential vulnerabilities and threats to hardware and software.

 

 

How to report a computer security incident

Send an email csirt@uct.ac.za and provide full details of the incident.


What is a computer security incident?

A computer security incident is the attempted or successful unauthorized access, disclosure, or misuse of computing systems, data or networks (including hacking and theft).
Security incidents could involve, but are not limited to, any of the following:

  • attempted or successful breaches of facilities or systems that store confidential information (either paper-based or in electronic format)
  • any violation of the UCT computer security policies and standards
  • unauthorized computer access of any kind
  • compromised user accounts or login details (e.g. sharing or hacking of passwords or access details)
  • the theft of a computing device (e.g. PC, laptop, tablet or mobile device) or any device containing UCT information (e.g. DVDs, flash drives or hard drives)
  • the loss, corruption or compromise of any UCT data
  • physical damage to computer systems
  • the presence of a virus, spyware, ransomware or any other malicious program
  • posting restricted or confidential data to publicly-accessible websites
  • sending restricted or confidential  data to unauthorised recipients

 

We are here to help

The CSIRT will

  • respond to, control and manage computer security incidents and facilitate a speedy and safe resolution,
  • ensure the timely investigation and assessment of security incidents
  • ensure a return to normal operating conditions on the UCT network should it in any way be affected by a security incident
  • speedily notify the UCT senior leadership on campus of serious security incidents
  • manage potential risks on campus and prevent the recurrence of incidents on campus,
  • provide education and advice on reporting and avoiding risks, and
  • announce potential vulnerabilities and threats to hardware and software on campus.