CSIRT
Safeguarding your current and future computer security, with a primary function to monitor and resolve any security incidents.
Our mission is to create a secure environment to conduct your online activities. Our primary function is to monitor and resolve any security incidents that occur on the network, with specialists tracking a range of platforms, including Unix, Linux and Windows.
We work closely with our community to detect, report and investigate incidents that pose a threat to the security of our members' information systems. We also investigate other forms of network abuse such as spam and copyright infringement.
“When faced with a complex and time-critical incident, Jisc provided the highest level of professionalism, responsiveness and technical expertise. The information was shared and presented in such a way that even non-ICT experts were able to engage with the work being done. "
Vice-principal, Northampton College
Due to the geographical scope of incidents, we assist national and international law enforcement agencies in their investigations, connecting them to our trusted contacts within the community.
Information security threats are not limited to particular networks or national boundaries, and we work with other CSIRTs (computer security incident response teams) across the UK, Europe and the rest of the world to manage and resolve incidents. We have built strong relationships with other security researchers and sources of security reports to ensure we provide you with a fast and effective response.
Features
Our service includes:
- Centralised coordination of reported security incidents
- Monitoring and mitigation of denial of service (DoS) attacks
- Improve technical awareness and engage in security discussions via Twitter, webinars and events
- Security activity statistics available online
- One-to-one advice on security systems and recovery from compromise
- Incident management
- Unlimited access to a knowledge base of security information
- Access to a number of channels of communication for the latest security news, trends and technical information
- Regular, synthesised vulnerability alerts
Eligibility
This service is freely available to all Janet-connected institutions.
Use of this service is subject to adherence to the:
Ransomware incident response workshop
Test your infrastructure, policies and procedures with a realistic simulated incident.
Support
Related info
Netflow and data protection
We process data that has been collected on various routers on the Janet Network. This information is considered valuable for the following tasks: research, security incident response, network operations and planning. Read more information about how the data is collected and processed.
Keeping logs of network activity
It's essential to monitor usage of the Janet connection to ensure we're on top of potential security incidents. Find out more about logging network activity and and how you can get involved.
Groups and organisations we work with:
- TF-CSIRT
TF-CSIRT is a task force that promotes collaboration between CSIRTs at the European level, and liaises with similar groups in other regions. - FIRST
FIRST brings together a variety of computer security incident response teams from government, commercial, and educational organisations. - Trusted Introducer
Trusted Introducer is the backbone of the security and incident response team community in Europe.
Service level description
Service description
A service to safeguard the current and future Janet Network security (steering the security policies for all Janet Network connections) and Jisc members.
The primary function is to monitor, co-ordinate and resolve any security incidents that occur on the Janet Network.
Hours of service
The full service is available during 08:00 and 18:00, Mondays to Fridays.
Outside of the above service period, an on-call service is available from 18:00 to midnight, Mondays to Fridays and from 09:00 to 17:00, Saturday and Sundays.
Service is available on Christmas and New Year’s Day via the call-out process.
PGP/GPG: 0x41A8A66E4EC70D66
Key fingerprint: 5B79 575F 400D AA85 0BC4 89CE 41A8 A66E 4EC7 0D66
Security
Organisations must ensure they understand and adhere to the security policy.
Your responsibilities
You are responsible on an ongoing basis for ensuring the contact details, notified to Janet Network CSIRT or Jisc service desk of a suitable representative from within your organisation, are kept up to date and any changes in responsibility promptly notified.
You must ensure that emails from CSIRT are acknowledged within a time frame commensurate with the importance of the issue.
For guidance:
- Urgent issues should be responded to within one hour
- Non-urgent, but otherwise important issues, within two business days
- Less urgent issues, within five business days, as defined in SLD definitions
Charges
This service is centrally-funded.
Request for service
Request this service by contacting CSIRT directly on tel: 0300 999 2340 or via email: irt@jisc.ac.uk, or via the service desk on tel: 0300 300 2212 or via email: help@jisc.ac.uk.
Service delivery time
During the full service period, an initial response will be given within one hour.
During the on-call service period, an initial response will be given within two hours.
Terms and conditions
Please ensure your organisation understands and adheres to our terms and conditions.
Escalation
If you are experiencing an issue with the service and wish to escalate the issue within Janet, please contact us via the service desk on tel: 0300 300 2212 or via email: help@jisc.ac.uk.
ISO certification
This service is included within the scope of our ISO9001 and ISO27001 certificates.

