Reporting a Cybersecurity Incident

March 21, 2019
What to do when you have a security incident

Cybersecurity threats are relentless and there are no signs of attacks slowing down across this billion dollar enterprise.  Time is of the essence when it comes to responding to a security incident. The quicker the response time, the less damage or loss may occur.  The University is accountable for the data it processes even if it is via a third party contracted service.  If you know or suspect a system or data breach, please report it immediately by calling Information Security at 289-8655. 

  1. Disconnect the system from the network; do not power down
  2. Call the Director of Information Security immediately at 289-8655
  3. Note any actions taken or activity preceding the incident

What is a cybersecurity incident?  An event that disrupts the normal operations of IT resources; violation or imminent threat of violation of Information Technology policies, Information Security Policy, other University policies, standards, and code of conducts; or threatens the confidentiality, integrity, or availability of University information systems or data. 

  1. Computer system intrusion
  2. Ransomware infection that is spreading to other systems or data storage
  3. Unauthorized access to, or use of, systems, software, or data
  4. Unauthorized changes to systems or data
  5. Denial-of-service attack
  6. Interference with the intended use of IT resources

Not sure if it’s a cyber incident?  When in doubt, ask!