incident response

System Administrators Charter

Andrew Cormack
Thursday, June 28, 2012 - 14:55
System Administration
incident response
Janet's suggested Charter for System Administrators shows how administrators can adopt good practice and make it more likely that they will comply with the law. The charter also contains links to codes of practice published by various professional organisations.
Read more

2012 - Ministry of Justice call for evidence on EU Data Protection Proposals

Andrew Cormack
Thursday, June 28, 2012 - 13:39
Data Protection Regulation
Privacy
incident response
Cloud computing
Breach Notification
This is Janet’s response to the Ministry of Justice call for evidence on the European Commission’s data protection proposals. The JNT Association, trading as Janet, is the non-profit company limited by guarantee that operates the Janet network connecting education and research organisations in the UK to each other and to the Internet.
Read more

2010 - House of Lords enquiry into EU Internal Security Strategy

Andrew Cormack
Thursday, June 28, 2012 - 13:23
CSIRT
Cybercrime
incident response
This is JANET(UK)’s submission to the inquiry into the EU Internal Security Strategy by the Home Affairs Sub-Committee of the House of Lords Select Committee on the European Union.
Read more
4 May 2012 at 9:48am

IETF on Botnet Detection

Andrew Cormack
Cybercrime
incident response
malware
Role of ISPs
A bot is a program, maliciously installed on a computer, that allows that computer and thousands of others to be controlled by attackers. Bots are one of the major problems on the Internet, involved in many spam campaigns and distributed denial of service attacks, as well as allowing attackers to read private information from the computer’s disk and keyboard. Some bots even allow cameras and microphones to be monitored by the attacker. Detecting and removing bots is therefore in the interests of both individuals and internet providers.
Read more
4 May 2012 at 8:55am

European Cybercrime Centre feasibility study

Andrew Cormack
Cybercrime
incident response
A feasibility study by RAND of the proposal for a European Cybercrime Centre (ECC) suggests that the result risks becoming a bit lopsided.
Read more
4 July 2012 at 5:02pm

MoJ Evidence on EC Data Protection proposal

Andrew Cormack
Access Management
Breach Notification
Cloud computing
Data Protection Regulation
Privacy
incident response
I've just sent in a Janet submission to the Ministry of Justice's Call for Evidence on the EU Data Protection proposals. Our response mentions the good and bad things about the proposal, as discussed here previously, for
Read more
6 June 2012 at 11:18am

Dealing with Terrorist Material On-line

Andrew Cormack
Terrorism Act
incident response
Having been involved, a long time ago, in discussions of the Bill that became the Terrorism Act 2006, I was surprised to see a headline that “MPs urge internet providers to tackle on-line extremism”.
Read more
6 June 2012 at 11:16am

Government CERTs and Information Sharing

Andrew Cormack
CSIRT
Data Protection Regulation
Privacy
incident response
I've had three discussions in two days about whether Government CERTs are different from others, which makes it a FAQ! It seems to me that legislation may be heading that way, and that that could create a potential problem for sharing information.
Read more

References

Anonymous
Friday, February 17, 2012 - 10:18
security
incident response
technical guide
references
Janet Policies All sites connecting to Janet are required to abide by three policies that set out the rules for access to, use and protection of the network. These policies are set by JISC, who fund the network. The latest versions of these policies can be found through the Janet web site. Janet Acceptable Use Policy: http://community.ja.net/library/acceptable-use-policy
Read more

Incident response and policy

Anonymous
Friday, February 17, 2012 - 10:18
security
technical guide
incident response
policy
Organisational Policy Incident response is a fundamental part of the organisation’s operation, playing a part in protecting both its services and reputation, so it must be included in the organisation’s policies and procedures.
Read more
Subscribe to incident response