| Abstract: | Over the past several years we have seen a rise in computer intrusions, malicious code, and other security incidents on our network. With approximately 25,000 computers attached to our network, it was no longer feasible for one individual to handle all of the incidents that were occurring. In 1999, we began a focused effort to improve our ability to detect problems, determine their causes, minimize the damage they cause, preserve related evidence, resolve the problems, and take appropriate disciplinary or legal action. Part of this initiative involved the formation of an incident response team made up of three Department of Information Technology (DoIT) Security staff members and 10 volunteers from various departments at the University of Wisconsin-Madison. The Badger Incident Response Team (BadgIRT), which operates as an integral part of the DoIT Security department, was formed as a central collection point for tracking incidents, analyzing information security trends, and working with other incident response teams worldwide. |