UMCERT is UM’ Computer Emergency Response Team. Officially established in July 2011.UMCERT is responsible for activities related to awareness, prevention and handling of on campus ICT Security incidents.

Given that cyber attacks have the potential to have security implications for ICT assets and delivery systems at the University of Malaya, the effort to overcome them should be wisely implemented to ensure that the ICT system can operate smoothly and without interruption. The establishment of the UMCERT team is proposed as a step towards streamlining the management of ICT security incident management at the University of Malaya and complying with the government's recommendations in line with the General Circular Letter No. 4 Year 2006: Public Sector Information and Communication Technology Incident Management Handling Management (ICT) (Surat Pekeliling Am Bil. 4 Tahun 2006: Pengurusan Pengendalian Insiden Keselamatan Teknologi Maklumat dan Komunikasi (ICT) Sektor Awam.). This team will act as the first level support for handling ICT security incidents, monitoring and advising on ICT security.

Vision ::

• To reduce the possibility of a successful attack & minimize the risk of damage from an attack.

Mission :: 

• To overcome the problem of ICT users of campus network security.

1. Enhanced PTM's responsibility for ICT security incidents at University of Malaya.
2. Developing expertise and human capital in handling ICT security incidents.
3. Strengthen the management of ICT security incidents through the establishment of UMCERT as First Level Support.

1. More trained and experienced ICT personnel in the management of ICT security incident handling at the University of Malaya.
2. ICT security incidents are effectively managed and systematized with UMCERT as the first level support.
3. Efforts to overcome ICT security incidents at the University of Malaya are enhanced and streamlined.

1. Receives and tracks ICT security complaints and assessing the incidence and the type of incident;
2. Records and conducts an initial investigation of the reported incident;
3. Take an action on the reported ICT security incidents;
4. Addresses the ICT security incident response and taking action;
5. Advises PTj to take remedial action and consolidation if incidents involve ICT assets that are under the responsibility of PTj;
6. Contacts and reports the incident to GCERT MAMPU;
7. Prepares an ICT security incident report to the ICT Security Committee;
8. Provides advisory services to users in tracking, identifying and addressing ICT security incidents;
9. Disseminates information to assist the enhancement of ICT security at UM from time to time;
10. Conducts assessments to ensure the level of ICT security and takes corrective action or consolidation to improve the security of ICT infrastructure so that new incidents can be avoided;
11. Enhances ICT awareness and awareness through ICT security awareness programs. Each user should be given ICT awareness and training programs in carrying out their duties and responsibilities.

1. CERT Director   :   Madam Asiah Abu Samah (Chief Technology Officer)
2. CERT Manager   :   Madam Nor Azliza Abd Wahab (ICT Security Officer)

1. Information Technology Officer at ICT Security and Research Computing Division.
2. Assistant Information Technology Officer at ICT Security and Research Computing Division.
3. Data Center Management Representative.
4. Network Division Representative.
5. Administrative Application Division Representative.
6. Collaborative and Communication Application Representative Division.
7. Customer Service Division Representative.

• Director of CERT

1. Enhances the responsibilities of all PTj Heads on the ICT security incident at UM;
2. Improves compliance with the requirements of ICT security, deeds, rules and procedures; and
3. Develops expertise and human capital in the handling of ICT security incidents.

• Manager of CERT

1. Determines the stage and type of incident;
2. Provides a complete report of the incident;
3. Informing detected incidents of internal monitoring and external sources;
4. Provides incident information to GCERT MAMPU.
5. Receives GCERT MAMPU assistance, if necessary.
6. Conducts an assessment of ICT security level and taking action on recovery; and
7. Manages the overall UM ICT security program.

• Members of CERT

1. Receives and track incidents through internal monitoring and external sources;
2. Conduct investigations / investigations on incidents;
3. Take appropriate remedial action and prevention measures; and
4. Report incidents to ICTSO / CIO.

The establishment of this team is expected to further strengthen the process of handling ICT security incidents to ensure that recovery and prevention measures are implemented as soon as possible to minimize the impact of the incident. More importantly, the number of ICT security incidents is expected to be mitigated with greater collaboration between all divisions.

1. Reported Incidents Statistic 2017 (PDF)
2. Reported Incidents Statistic 2016 (PDF)