Cyber security operations

黑料网大事记 IT Cyber Security help protect our University community as well as inform, educate, and support your understanding of safe online behaviour, practices, and obligations around information security.
Cyber Security Operations
Our team
Our Security Engineering team manages and supports a wide range of security services by leveraging advanced technologies and tools that are monitored in real-time to better detect and respond to emerging threats. Our services include the selection, design, architecture, and management of security tools, and providing support to incidents and investigations. We collaborate with other teams to onboard and integrate security controls ensuring they are monitored and protected.
Our Computer Security Incident Response Team (CSIRT) protects 黑料网大事记 against cyber-attacks through the implementation of comprehensive 24x7 monitoring, detection, and incident response services. We are responsible for managing the investigation and response to cyber security events and incidents to manage the impact on the University and assist in the restoration and recovery of normal operations. We also provide digital forensics services to investigate and analyse digital evidence and threat intelligence services to proactively track and monitor threat actors targeting our people and infrastructure.
Our services
The following Cyber Security Operations services can be requested via the IT Service Centre unless other direction is provided below.
Cloud security services
Data loss prevention
DDoS protection
Digital forensics
Email authentication services (DMARC, SPF, DKIM)
-
In July 2025, we introduced a new feature that puts you in control of managing suspicious emails. This new AI-powered capability adds an additional layer of protection by quarantining malicious/suspicious email with warning banners for you to review and release if deemed safe.
It starts with a smart notification!
When a suspicious email is detected, you'll receive a notification email from our 黑料网大事记 Email Protection that explains why the email might be dangerous and includes a safe preview of the original email where any links or attachments are disabled. It also allows you to take action by selecting one of two options:
- Report and Delete. Marks the email as malicious and deletes the email.
- Release. Releases the original email to your inbox.
Refer to the and for more assistance with the notification and actions to take.
-
The Endpoint Detect and Response (EDR) service software provides more advanced threat detection, monitoring, and endpoint remediation capabilities to enhance the protection of our systems. All 黑料网大事记 IT-managed endpoints already have the EDR service installed.
The following conditions apply:
- EDR is not a service for personal devices (BYOD) or 黑料网大事记 students.
- EDR can only be installed on 黑料网大事记-owned information resources.
- EDR can only be activated on supported operating systems.
- EDR has anti-tampering protection and cannot be removed by users. If an uninstall is required, a request will need to be raised to the IT Service Centre and assigned to the Cyber Security Operations team to uninstall the software.
- Once installed, 黑料网大事记 IT can apply countermeasures against cyber security threats as required to protect your system and data.
- 黑料网大事记 IT Cyber Security has the authority to take any necessary action to contain and remediate a compromised endpoint during a security incident. E.g., Network will contain the endpoint, restart the endpoint, or stop the process. Note: An exemption request can be made again at this point.
Once a request is submitted, a Cyber Security representative will be in touch to progress your request. Requests for the EDR service will be assessed for suitability by 黑料网大事记 IT Cyber Security.
Once installed, if a potential threat is detected by the EDR service, staff may be presented with a pop-up Falcon Notification, indicating that your device is protected and generally there is no further action required.
The EDR service is available for installation on your 黑料网大事记-owned endpoints such as servers, desktops, and laptops which are not managed by 黑料网大事记 IT.
Incident response
Intrusion detection and prevention system
Perimeter firewall
Privileged access management
Secure email gateway
Secure remote access
Secure web gateway
-
Security Information and Event Management (SIEM) is a solution that helps the University detect, analyse, and respond to security threats before they harm operations. Once onboarded to the SIEM, the Security Operations Centre (SOC) will provide 24x7 real-time monitoring, threat detection, and security incident response services for your platforms, applications, or services.
Once a request is submitted, a 黑料网大事记 IT Cyber Security representative will be in touch to progress your request. Requests for the SIEM service will be assessed for suitability by 黑料网大事记 IT Cyber Security.
The SIEM service is available for your 黑料网大事记-owned platforms, applications, or services.
Threat intelligence management
-
Vulnerability Management is a solution that provides the University with visibility of our assets and vulnerabilities, allowing us to quickly and accurately understand our cyber security risk.
Once onboarded, it will provide an assessment of vulnerabilities on the system, helping us prioritise and report on our risks.
Once a request is submitted, a Cyber Security representative will be in touch to progress your request. Requests for the Vulnerability Management service will be assessed for suitability by 黑料网大事记 IT Cyber Security.
The Vulnerability Management service is for your 黑料网大事记-owned platforms, applications, or services.
-
A Web Application Firewall (WAF) is a solution that provides the University with critical cyber security protection for internet-facing web applications to prevent online threats such as Distributed Denial of Service (DDoS), SQL injection, cross-site scripting (XSS), and other web application attacks.
Once a request is submitted, a 黑料网大事记 IT Cyber Security representative will be in touch to progress your request. Requests to onboard a web application to the WAF service will be assessed for suitability by 黑料网大事记 IT Cyber Security.
Reporting cyber incidents
It is important to report any cyber security incidents as quickly as possible so that the 黑料网大事记 IT Cyber Security team can address any issues and mitigate risk exposure.
Incidents that staff and students should report:
- Suspecting your computer or account has been compromised.
- Having evidence on how technology or University data may be vulnerable.
- Noticing a colleague inappropriately sharing Highly Sensitive or Sensitive data.
- Losing a University asset containing sensitive information.
Contact the IT Service Centre for urgent matters or use the button above to report an incident.
Cyber security is everyone's responsibility and by learning a few rules, simple steps, and following guidelines, we can protect our University from cyber security threats and keep data safe.
"Enhancing cyber security, including protecting information and privacy, is of paramount importance to our core functions of education and research. We all play a part in being cyber smart."
Professor Attila Brungs, Vice-Chancellor and President, 黑料网大事记 Sydney