When a security incident takes place, there are specific steps to take when working with OxCERT.
This process is used for reporting significant security events, such as the following:
- Unauthorised access or data breaches
- Disclosure of access credentials
- Acceptable use policy breaches
- Malware or intrusions involving systems that process or store sensitive information
- Intrusions that involve more than one system (lateral movement)
- Incidents that represent a significant risk to a department or the campus
- Advanced malware such as ransomware, remote access trojans (RAT), information stealers, etc.
- Physical data compromise or loss, e.g. theft or loss of computer equipment including storage devices
If you are a member of IT Support Staff, or a senior college/departmental officer or administrator, then working with OxCERT will help you to:
- Manage security incidents at the University of Oxford
- Combat rising security and accountability risks
- Reduce associated costs
If you are not a system administrator and suspect a violation of your computer's security has occurred, please contact your department's or college's IT Support Staff immediately. In case you are unable to contact your local support team, please do not hesitate to contact OxCERT directly.