Dear One IT and Micronet Colleagues,
Recent incidents targeting higher education and research institutions have prompted us to update our Procedures for Blocking Network Access. These changes will allow us to properly block vulnerable systems while remaining flexible to various risk levels.
What's Changing:
- Faster response to publicly accessible vulnerabilities: Systems exposed to the internet with critical vulnerabilities will receive more urgent attention.
- Enhanced incident response authority: CISO has authority to make rapid blocking decisions during declared Significant Incidents (including ransomware).
- New risk category: "Non-Urgent Out-of-Compliance" issues that require policy exceptions but won't result in blocking.
- Clearer timelines and criteria: Using industry-standard vulnerability scoring (such as CVE) to ensure consistent, fair responses.
Remember, central campus network and security personnel can take action to mitigate serious threats to campus information systems or the Internet. If a threat is severe, the affected computer(s) will be blocked from network access following the new procedures.
What You Can Do:
-
Ensure your Security Contact(s) are up to date so the right people receive our notices.
-
Support timely security updates. Particularly for internet-facing systems.
Questions? Contact us at security-policy@berkeley.edu