Emergency Alert Procedures
Security incidents shall be reported to the DIR within twenty-four hours if there is a substantial likelihood that such incidents could be propagated to other systems beyond the control of the agency. TAC 202.26 and TAC 202.76.
DIR requests that you report all incidents of a serious nature as soon as possible. For example, if someone gains unauthorized access to your web sites or one of your web sites is or defaced, please let us know. This will allow a “heads up” to be sent to other agencies and institutions of higher education to be on the lookout for similar attempts on their sites. When an alert is sent the information is cleansed of any names that would point to a particular entity.
Please call the emergency cell phone at 512-350-3282. The phone is answered 24 hours a day, 7 days a week. An IT Security Analyst will take the pertinent information that is needed. The following information will be requested:
- Name of agency
- Name/title of person who called
- Phone number of person who called
- How you were contacted for incident (cell phone, phone call or email)
- Date and time of call
- Details of incident
- Action taken
It is possible that he/she will follow-up to determine how the incident was resolved.
Most Recent Incidents
Updates to this page will be made only if there is a need to disseminate information to agencies and universities during a major negative event. This page includes the most recent alerts.
For Emergency Alerts posted earlier, see the Emergency Alerts Archive page.
MS-ISAC Cyber Security Alerts
The Multi-State Information Sharing & Analysis Center (MS-ISAC) disseminates Cyber Security Advisories and bulletins to member states through the state offices of the Chief Information Security Officer (CISO). MS-ISAC's Cyber Security Advisories also has an archive of previous alerts.
US-CERT Cyber Security Alerts
The United States Computer Emergency Readiness Team (US-CERT) publishes Cyber Security Alerts that provide timely information about current security issues, vulnerabilities, and exploits. They outline the steps and actions that non-technical home and corporate computer users can take to protect themselves from attack.
US-CERT also publishes Cyber Security Bulletins that provide weekly summaries of new vulnerabilities, and patch information when available. The US-CERT Current Activity webpage is a regularly updated summary of the most frequent, high-impact types of security incidents being reported to US-CERT.
Microsoft Security Bulletins
Microsoft publishes “Bulletins”, or announcements, that a new update has been issued. A bulletin might cover one or more updates and discusses the vulnerability fixed by the updates. Typically, a bulletin announces updates for several products within the same product family. For example, a typical Windows security bulletin might include updates for Windows 2000, Windows XP, Windows Server 2003, and any other Windows products as appropriate. Each update is product-specific and might replace other updates issued earlier for that product in another bulletin.
Bulletins use a severity rating system that provides a single rating for a vulnerability in a software product. The definitions of the ratings are:
- Critical
- A vulnerability whose exploitation could allow the propagation of an Internet worm without user action.
- Important
- A vulnerability whose exploitation could result in compromise of the confidentiality, integrity, or availability of users’ data, or of the integrity or availability of processing resources.
- Moderate
- Exploitability is mitigated to a significant degree by factors such as default configuration, auditing, or difficulty of exploitation.
- Low
- A vulnerability whose exploitation is extremely difficult, or whose impact is minimal.
|
