What is a Security Incident?
A security incident is any attempted or actual unauthorized access, use, disclosure, modification, or destruction of information. This includes interference with information technology operation and violation of corporate policy, or regional laws or regulations.
Examples of security incidents include:
It is important that actual or suspected security incidents are reported as early as possible so that campus can limit the damage and cost of recovery. Include specific details regarding the system breach, vulnerability, or compromise of your computer and we will respond with a plan for further containment and mitigation.
How to report a security incident
Important: If the incident poses any immediate danger, contact firstname.lastname@example.org
Information to include in the report:
What should I do if I suspect a serious Security Incident?
A security incident is considered serious if the campus is impacted by one or more of the following:
If you know or suspect that the compromised system contains sensitive data, please take these steps:
In the case of a serious incident, please be aware that continued interaction with a compromised machine can severely affect later forensic analysis
How do I report Computer or Network Misuse?
A security incident may also refer to the inappropriate use of CruxOCM products. Common violations and examples of misuse include:
Vendor and Risk Management