To continue to protect the university network from cyber criminals, OIT recently issued a new procedure that details the actions required to respond effectively to an impending or active cybersecurity incident at NC State.  

Rule 08.00.17 – Cybersecurity Incident Response Procedure requires and advises all campus system users, data trustees, data stewards, and data custodians and their delegates to protect university information systems and resources, in particular, those that could potentially impact sensitive data (purple or red data).

RUL 08.00.17 is modeled after the NIST Computer Security Incident Handling Guide (NIST 800-61), which explains how to prevent cybersecurity incidents as well as how to plan and prepare for a cybersecurity incident response.

To assist responsible parties who would normally handle cybersecurity incidents, RUL 08.00.17 provides details about:

• Roles and responsibilities
• Preparation for a cybersecurity incident
• Event reporting
• Investigative analysis—including containment, eradication and recovery, and post-incident activity
  

In addition, RUL 08.00.17 offers a:

• Planning tool to create an incident response plan.
• Flowchart, which depicts the typical response phases when a cybersecurity incident is discovered, as well as roles and responsibilities for those involved in responding to the incident.

If you have any questions or concerns regarding the application of this procedure to your environment, please contact OIT Security & Compliance at oit_security@ncsu.edu.