The Texas A&M University System Security Operations Center (SOC) and Cyber Response Team (CRT) are operating and managing the technical aspects of the recent cyber incident within the framework and authority of the Texas Division of Emergency Management (TDEM).
The TAMUS SOC team works with affected entities to determine and assess the scale, scope and impact of the cyber incident and then assist with remediation. The SOC also provides technical assistance to personnel in the field as well as local affected entity personnel and helps to determine prioritization of deployed assets at affected entities. All technical communications are managed by this group. The SOC is responsible for declaring an impacted site “clear” along with local personnel.
The TAMUS CRT conducts the primary incident investigation, performs threat containment on victim networks, and analyzes forensic evidence. The CRT coordinates law enforcement and military cyber teams to collect evidence in the field and perform threat assessments.
Both teams interface directly with law enforcement, state agency and military departments, protective services and intelligence agencies including FBI, DHS, DPS, DIR, TMD and TDEM.