Cybersecurity Operations Center (CSOC)
The Cybersecurity Operations Center (CSOC) manages incident, threat, or vulnerability intake, triage, validation, and response through situation containment, mitigation, and critical consultation.
If you fear for your own or someone else’s safety, call 911.
Report incidents or other urgent cybersecurity events at UIUC by sending an email to email@example.com.
Members of the UIS community should report to firstname.lastname@example.org.
Provide as many relevant details as possible. A member of the Cybersecurity Operations Center (CSOC) will respond and provide additional next steps.
Team members provide incident response for many different cybersecurity scenarios, such as compromised accounts, business email compromise, phishing, system or data breach, unauthorized data disclosure, or malware infection. Depending on the requirements of the incident, the CSOC will engage to monitor suspected anomalous activity, conduct forensic analysis on log or system data, contain impacted accounts or systems, and consult on appropriate steps for mitigation.
Using enterprise and open-source solutions, the CSOC also conducts network traffic analysis, threat hunting, and network monitoring of suspected adversarial sources.
We work collaboratively with law enforcement agencies, research integrity, human resources, and other administrative bodies under the guidance of University Legal Counsel, supporting legal response, e-discovery, and data preservation services.
Event triage takes place within 24 hours of notice or detection.
Critical severity events
- begin investigation within 1 hour of triage; mitigation of critical events is enacted on a prioritized “ASAP” basis.
High severity events
- begin investigation within 4 hours of triage
Medium severity events
- begin investigation within 48 hours of triage
Low severity events
- begin investigation within 96 hours of triage
Reach Our Team
Report incidents or other urgent cybersecurity events by sending an email to email@example.com or by phoning 217-265-0000, option 3.
Non-urgent inquiries can be sent to firstname.lastname@example.org.
- Taylor Judd, Acting Associate Director Information Security
- Prabha Manda, Manager, Cybersecurity Operations Center
- Bob Heren, Senior Cybersecurity Analyst
- Carl Stephens, IT Security Analyst
- Steve Fletcher, Cybersecurity Analyst
- Spencer Sharp, Cybersecurity Analyst