Prevent, detect and contain. These are the key strategies for combating cyberattacks and the ISPO Security Operations Center serves as the hub for coordinating these goals across the university. The ISPO Operations and Incident Management team manages many of the security tools used to monitor, detect, prevent and respond to security events at FSU, tools such as intrusion prevention, vulnerability scanning and penetration testing.
Additionally, this team serves as the primary computer security incident response team (CSIRT) for security and privacy incidents and works closely with partners who provide 24/7 monitoring of the network and other on-demand response services. When monitoring uncovers suspected malware activities, the Security Operations Center notifies affected units and follows up to ensure corrective actions are completed.
Through effective incident management, ISPO facilitates response efforts when cyber events occur. The following activities help minimize potential damage in the event of a security threat:
Computer Security Incident Response Team (CSIRT)
- This team of trained professionals establishes the roles, responsibilities and communications procedures for responding to computer security incidents.
- Thorough tracking and analysis uncovers trends in security threats and contributes to security strategic planning.
Florida State Information Technology Security and Privacy Incident Response and reporting procedures can be found at FSU Incident Response and Reporting Procedures.