If you fear for your or someone else’s safety, call 911.
Report incidents or other urgent cybersecurity events by sending an email to email@example.com.
Provide as many relevant details as possible. A member of the Cybersecurity Operations Center (CSOC) will respond and provide additional next steps.
Cybersecurity Operations Center – Critical Event Response
The CSOC, or Cybersecurity Operations Center, handles urgent and critical cybersecurity event response.
- Incident intake, triage, validation, and response
- Vulnerability/exposure intake, triage, validation, and response
- Threat intake, triage, validation, and response (response can include situation containment, mitigation, and critical consultation)
- As-needed emergent engagement with leadership enacted when administrative process is required due to standing requirements, commitments, laws, policies, or procedures.
- Continual monitoring, scanning, intelligence gathering, and network interrogation techniques to be employed for the purpose of detecting cybersecurity vulnerabilities, threats, exposures, breaches, anomalous activity, risks borne from noncompliance, cybersecurity incidents, misconfigurations, or other activities and conditions which may contribute to risk.
- Notification provided to owners of record after mitigation actions are taken, as soon as is practical. A best-effort process will be employed to contact security liaisons and/or stewards. Process assumes contacts are registered and findable in the CDB, Security Liaisons registry, or otherwise immediately identifiable using established university enterprise constructs.
How do I engage, and who should I contact?
- Report incidents or other urgent security events by emailing firstname.lastname@example.org. Critical events can be reported by calling the 24×7 on-call responder at 217-265-0000, option 3.
Event triage will take place within 24 hours of notice or detection.
- Critical severity events will be addressed no more than 1 hour from the time of triage.
- High severity events: work to begin no more than 4 hours from the time of triage.
- Medium severity events: work to begin no more than 48 hours from the time of triage.
- Low severity events: work to begin no more than 96 hours from the time of triage.
Cybersecurity Support, also known as Security Support, provides consultation, advisement, resources, and outreach on non-emergency matters related to cybersecurity.
How do I engage, and who should I contact?
What services are available?
- Non-emergency consultation requests, cybersecurity planning, security policy support, compliance guidance, security engineering requests, feedback gathering, tools maintenance, cybersecurity resource support, and other non-emergency cybersecurity-related requests.
Who can request assistance?
- University Administration, Urbana campus, and Springfield campus customers (faculty, researchers, staff, students) can request cybersecurity consulting.
- Technical cybersecurity support is available for Administration staff, Urbana staff, and Springfield staff, as well as specialized support groups (Technology Services Help Desk, Privacy & Security Liaisons, etc).
- Project security resource, assessment, engineering and planning support are available for Technology Services and AITS customers.
- Maintenance of security tools and services provided at-will for designated cybersecurity liaisons/staff members at University Administration, Urbana campus, and Springfield campus.
- Requests sent to email@example.com will be assigned within 3 business days of arrival. Most replies will be sent within 10 business days.
- Work requests, extended consultation requests, escalations, project resource requests, risk/contract consulting, and nonstandard requests require longer.
The Privacy Office supports the university community through enabling data by virtue of privacy principles and capabilities.
The Privacy Office provides consultation, advisement, resources, and support for:
- Customer Service Requests/ General Inquiries
- Requesting a new privacy service, project, or capability
- Privacy Consultations
- New purchase / third party product or service reviews
- Compliance-related questions
- Privacy Impact Assessments
- Reporting a possible data incident
- Other privacy concerns