CSP - AHoU - Incident Preparedness

 

Incident Preparedness

 
 

4. Incident Reporting

Are you and your team aware of your responsibility to report all information security incidents to security@ubc.ca?


Control or Process Description​

I report all occurrences that have and could potentially jeopardize the confidentiality, integrity and/or availability of an information system/processes to "security@ubc.ca" and have communicated this responsibility to all users and IT Support Staff in my unit.


Why is this Essential?

Reporting potential security incidents in a timely manner allow the incident to be assessed and contained promptly. Further, visibility of incidents support the cybersecurity team in adjusting the response to a greater threat across UBC.


Reference Links​
Policy SC14 - Acceptable Use and Security of UBC Electronic Information and Systems
Information Security Standards – U4 - Reporting Information Security Incidents
Privacy Matters @UBC – Report an Incident
Creating quick steps to report phishing and remove it in one click

Instructions​

All users in the unit must be aware of the requirement to report potential information security incidents to security@ubc.ca. For example, a suspicious email that a staff receives or a pop up on their computer screen that wants the user to contact a 1800 number or a pop-up that asks for ransom, etc. should all be reported to security@ubc.ca for analysis.


What is Acceptable?

I am aware, and periodic reminders are communicated e.g. when minor incidents happen, or there are broader incidents at UBC/the world.