CIRT Charge


Brown University's Computing and Information Services organization, as well as many others at Brown, have been adversely affected by the increase in number and the severity of malicious threats that have impacted the global computing community. These threats are delivered in many forms: malicious code (viruses, worms, trojans) and exploitation of undiscovered and unpatched software vulnerabilities (hacking), phishing, and improperly configured software or servers. In addition to loss or slowing of services and loss or theft of data, Brown University may be liable for damage to organizations that results from negligence in administrating Brown's networked devices.

Further, abuse of services for the distribution of unauthorized commercial email (improperly but commonly referred to as "spam") and unauthorized use and distribution of copyrighted material continues to expose Brown University to potential penalties as well.

CIS is working with the Brown community to implement reasonable IT policies and procedures to secure computing and information services and to adequately protect the data security, confidentiality, and accessibility of our networked information without significantly compromising intellectual freedom.

Responsibilities of CIRT

  1. Identify categories of malicious activity that threaten Brown University's computing infrastructure. These categories are constantly evolving. They include, but are not limited to, the following:
    • Denial of Service attacks
    • Rapidly spreading or highly virulent malicious code (viruses, worms, trojans)
    • Unauthorized utilization of services by Brown community members or others
    • Unauthorized access to protected computing and information services by Brown community members or others
    • Technical support for investigations approved by authorized Brown representatives, on behalf of the University
    • Mitigation of unauthorized wireless access points
    • Spam outbreaks
    • Compromised accounts
    • Researchers responding to incidents related to credit card data
    • Ongoing threats not yet defined
  2. Coordinate appropriate responses to counter malicious threats.
  3. Develop group-level response procedures so that there is archival documentation and clear understanding of roles across CIS and non-CIS groups.
  4. Periodically review processes utilized for Incident Response and make recommendations for improvements to the CIRT Director, as appropriate.
  5. Be aware of developing security issues affecting computing and information services.


The CIRT is composed of representatives (and their alternates) from several major groups within CIS:

CIS Group/Function

CIRT Members

CIRT Director Chief Information Security Officer
Director of Infrastructure Services Linnea Wolfe
Network Technology Kevin DaSilva, Elvis Seth, Tim Wells, Doug Wilkinson
Endpoint Engineering Steven McKay, Peter Tirrell
IT Service Center Michele Blanchette, Gena Burke, Jeff Clark, Kathy Dorion
Windows Systems Adam Chiodini, Tony Jaworski, Robert Mattei, Michael Rosendale
Unix Systems David Andrade, Paulo Baptista, Thomas DuVally, John Larsen, Robert Morse
Operations/Admin Paul Kelleher, David Rollins
Admin Systems Dave Clark, John Dick
Network Security Robert Fletcher, Toolika Ghose
Information Security Communications Pat Falcon

Type of Incident

Incident Coordinators

Email-Borne Malware Robert Morse
Malware other than Email-Borne Peter Tirrell
Network Issues Tim Wells
Power Issues David Rollins

Questions or comments to:

Effective Date: August 30, 2004
Last Reviewed: March, 2016
Next Scheduled Review: March, 2018