CSIRT

Woman staring at computer screen

Safeguard your computer security with ongoing support from our dedicated computer security incident response team.

The cyber threat landscape is always evolving. Threat actors are continuing to target educational institutions, causing extensive damage and lengthy, expensive disruption. Jisc’s CSIRT team provides your first line of defence against cyber threats. Our world class incident response service works to create a secure environment for your organisation by monitoring and resolving any security incidents that occur on your network.

We work closely with other cyber security organisations and members of our cyber community to detect, report and investigate incidents that pose a threat to the security of our members' information systems. We also investigate other forms of network abuse such as spam and copyright infringement.

“When faced with a complex and time-critical incident, Jisc provided the highest level of professionalism, responsiveness and technical expertise. The information was shared and presented in such a way that even non-ICT experts were able to engage with the work being done."
Vice-principal, Northampton College

Information security threats are not limited to particular networks or national boundaries, so we assist national and international law enforcement agencies in their investigations, connecting them to our trusted contacts within the community. We work with other computer security incident response teams across the UK, Europe and the rest of the world to manage and resolve incidents. Through our work, we have built strong relationships with other security researchers and sources of security reports to ensure we provide you with a fast and effective response.

Groups and organisations we work with:

  • The National Cyber Security Centre
    Jisc works closely with the NCSC, which provides us with actionable threat intelligence that we use to continuously improve the ability of our security services to address the dynamic threat landscape.
  • GÉANT Security Services
    GÉANT Security Services is a task force that promotes collaboration between CSIRTs at the European level, and liaises with similar groups in other regions.
  • FIRST
    FIRST brings together a variety of computer security incident response teams from government, commercial, and educational organisations.
  • Trusted Introducer
    Trusted Introducer is the backbone of the security and incident response team community in Europe.

CREST-accredited

CREST logo

Jisc is assured for Cyber Incident Response (CIR) Level 2.

CREST membership is an internationally-recognised badge of excellence in information security.

Key features

As part of your membership, the service provides the following benefits:

  • Centralised coordination of reported security incidents
  • Monitoring and mitigation of denial of service (DoS) attacks
  • Improved technical awareness and engagement with peers and experts in security discussions via our cyber community, webinars and events
  • Security activity statistics made available online
  • One-to-one advice on security systems and recovery from compromise
  • Incident management
  • Unlimited access to a knowledge base of security information
  • Access to a number of channels of communication for the latest security news, trends and technical information
  • Regular, synthesised vulnerability alerts

Get support

Data usage

Netflow and data protection

We process data that has been collected on various routers on the Janet Network. This information is considered valuable for the following tasks: research, security incident response, network operations and planning. Read more information about how the data is collected and processed.

Keeping logs of network activity

It's essential to monitor usage of the Janet connection to ensure we're on top of potential security incidents. Find out more about logging network activity and and how you can get involved.

Service level description

Service description

CSIRT is a service to safeguard the current and future Janet Network security (steering the security policies for all Janet Network connections) and Jisc members.

The primary function is to monitor, co-ordinate and resolve any security incidents that occur on the Janet Network.

Hours of service

The full service is available during 08:00 and 18:00, Mondays to Fridays.

Outside of the above service period, an on-call service is available from 18:00 to midnight, Mondays to Fridays and from 09:00 to 17:00, Saturday and Sundays.

Service is available on Christmas and New Year’s Day via the call-out process.

PGP/GPG: 0x41A8A66E4EC70D66
Key fingerprint: 5B79 575F 400D AA85 0BC4 89CE 41A8 A66E 4EC7 0D66

Security

Organisations must ensure they understand and adhere to the security policy.

Your responsibilities

You are responsible on an ongoing basis for ensuring the contact details, notified to Janet Network CSIRT or Jisc service desk, of a suitable representative from within your organisation are kept up to date and any changes in responsibility promptly notified.

You must ensure that emails from CSIRT are acknowledged within a time frame commensurate with the importance of the issue.

For guidance:

  • Urgent issues should be responded to within one hour
  • Non-urgent, but otherwise important issues, within two business days
  • Less urgent issues, within five business days, as defined in SLD definitions

Charges

This service is centrally-funded.

Request for service

Request this service by contacting CSIRT directly on tel: 0300 999 2340 or via email: irt@jisc.ac.uk, or via the service desk on tel: 0300 300 2212 or via email: help@jisc.ac.uk.

Service delivery time

During the service period, an initial response will be given within four hours.

Terms and conditions

Please ensure your organisation understands and adheres to our terms and conditions.

Escalation

If you are experiencing an issue with the service and wish to escalate the issue within Janet, please contact us via the service desk on tel: 0300 300 2212 or via email: help@jisc.ac.uk.

ISO certification

This service is included within the scope of our ISO9001 and ISO27001 certificates.

Read more about International Organisation for Standardisation (ISO) standards and view Jisc certificates.

ISO 9001-2015 UKAS logo

ISO/IEC 27001 UKAS logo

Get involved

Join our defend as one campaign and help us unite higher and further education in a common cause - to build robust defences across the sector. As a member, you can sign up to receive personalised instructions on how to improve your cyber security posture across your organisation.