Security Incident Response Team (SIRT)
The K-State Security Incident Response Team is charged with providing services and support dedicated to preventing and responding to information/network security incidents. They are part of a larger departmental security contacts group.
- Reactive - respond to incidents in a coordinated manner by working with NSSG to develop the action plan. Serve as the primary communication channel and technical lead for the college/units they represent.
- Proactive - coordinate implementation of preventative measures in the college/units they represent. This includes communicating about threats, new vulnerabilities, and best practices, along with assisting IT support staff in implementing preventative measures.
- Advisory - as a regular part of NSSG, SIRT will participate in all aspects of NSSG's responsibilities, serving as the conduit of information and advice between central IT support and the colleges, departments, and units represented by SIRT.
Responsibilities to represented units
The SIRT has the following specific responsibilities in the colleges, departments, and units they represent as originally outlined in the IT Security SWAT report:
- Rapid response and recovery to active security incidents, working with NSSG to develop the response plan and assuring response and/or recovery efforts are coordinated across campus
- Investigate the nature of a vulnerability and the extent of an attack
- Preserve evidence for possible legal follow-up
- Provide early alerts to new vulnerabilities and related attacks
- Provide incident detection
- Implement and/or coordinate implementation of proactive, preventative security measures
- Provide security-awareness and best practice training and mentoring to systems administrators and users in their college/units
- Share successful strategies and efforts with others
- Provide security advice and services
- Advise system developers and IT infrastructure architects on secure design of applications, systems, and networks
- Assist NSSG with a confidential annual report to the Vice Provost for IT Services on IT security activities for the previous year
- Host an annual security workshop for the campus with NSSG and the Division of Information Technology