Overview

Framework overview

The University’s Cybersecurity Strategy Framework describes the following broad phases. The organisation can be in multiple phases at a given point in time. For example it is engaged in activities to pro-actively prevent new threats alongside acting on a recently reported event.

• Detect
• Act
• Report
• Prevent
• Enhance

This Cyber Incident Response Plan (CIRP) focusses on the Act and Report phases. By doing so, we learn to better Prevent and Enhance our posture and responsiveness.

Why do I need to concern myself with this?

Cyber-security related threats and events are already taking place across the business and higher education sectors and at the University. Cyber incidents affect many aspects of society with effects that ripple out to staff, students, stakeholders and others.

The two key questions are:

• are we prepared for as many different types of incident as we may face? and
• do we know what we need to do when they occur?

Status

• What is here?: This site has an overall Cyber Incident Response Plan, Data Breach Response Plan and a set of Playbooks for common scenrios.
• What is not here?: This site does not cover particular software items, security settings, coding practices, etc
• What is it not yet here?: Additional playbooks and reporting are intended to supplement the current set.