The Information Technology Security Computing Incident Response Team (CIRT) is the emergency response team for all IT security events at Brown University, and is critical to protecting Brown University's electronic communications infrastructure. With support from all areas of the University, the CIRT responds to a variety of incidents which could involve virus, spam, malicious software, phishing attacks, and social engineering.
It is critical that you immediately notify Brown when you become aware of an event that could result in a breach of personally identifiable information (PII).
- Any information or network security incident should be reported immediately to firstname.lastname@example.org.
- Lost or stolen electronic media or a computing device:
- Personal information: If you need to report lost or stolen electronic media or a computing device, please file a report with the Department of Public Safety (863-3103) and contact the Help Desk for assistance on possibly tracing its activity on Brown's network.
- Personally identifiable, restricted, regulated, or confidential information: If the lost of stolen electronic media or a computing device was used to store personally identifiable, restricted, regulated, or confidential information, please notify the Information Security Group immediately. ISG will work with you to determine the next steps, and whether the event requires notification.
- Computer/information intrusion:
If you suspect that someone has broken into your computer, please disconnect it from the network and contact the Information Security Group as soon as possible. We will investigate the incident and help you recover your system.
- Protected Health Information (PHI):
If any PHI might have been lost, stolen, compromised, misdirected, etc., please notify the Information Security Group at ISG@brown.edu, who will work with you to determine the next steps, and whether the event requires notification.
- File an Incident Ticket:
In the event of a serious incident, log onto the trouble tracking system, Remedy, and create a new CIRT ticket.
When reporting a possible intrusion, it is helpful if you can provide us with the following information:
- A description of the problem (what happened and when)
- The computers that were affected (names and IP addresses)
- The actions that have been taken to address this incident
- Any other information or log files that you have