Computer Security Incident Response Team ****************************************************************************************** * ****************************************************************************************** Leader: Ing. Vladimír Horák [ URL "https://is.cuni.cz/webapps/UKSESSION1E50D16D349C8B790BA whois2/osoba/1776199006713689/?back_id=16"] CSIRT [ URL "https://csirt.cuni.cz/cs/about/"] (the name came from using the first letters Security Incident Response Team) is an operational team focused on responding to security CU Computer Network. The department closely cooperates with the Cyber Security Department Office of the CU. Main competencies and responsibilities: • detection and analysis of cyber incidents, • rapid response to attacks and system breaches, • coordination of recovery after incidents, • incident reporting and documentation management, • communication with external CSIRT teams and law enforcement authorities, • penetration testing and simulation of attacks, • technical support in solving security problems, • monitoring and operation of security tools (SIEM, IDS/IPS), • malware analysis and forensic investigation, • support in crisis management in the field of IT security. The CSIRT department in cooperation with the Department of CS and the CS Committee partici • implementation of preventive measures to increase the level of IT cyber security at the • fulfilment of legal obligations of the CU in the field of cyber security, • solving security incidents including coordinated response to cyber attacks, phishing, ma unauthorized access, etc. • monitoring and detection of threats in active monitoring of university network and syste identification of vulnerabilities and risky activities