4.Incident Reporting
Are you and your team aware of your responsibility to report all information security incidents to security@ubc.ca?
Why is this Essential?
Reporting security incidents or a potential anomaly in a timely manner allows the incident to be assessed and contained as soon as possible. That includes any incidents or breaches that you and/or your team may be able to handle yourselves - those still need to be reported immediately to Cybersecurity. Further, visibility of incidents would aid the cybersecurity team in adjusting the response to a threat across UBC.
Reference Links
Policy SC14 - Acceptable Use and Security of UBC Electronic Information and SystemsInformation Security Standards – U4 - Reporting Information Security Incidents
Privacy Matters @UBC – Report an Incident
Creating quick steps to report phishing and remove it in one click
Instructions
All IT Staff and users in the unit must be aware of the requirement to report potential information security incidents to security@ubc.ca. For example, a suspicious email or a pop up on a computer screen that wants the user to contact a 1800 number or a pop-up that asks for ransom, etc. should all be reported to security@ubc.ca for analysis. IT Staff should always encourage Users to report suspected or confirmed incidents, like attempted phishing emails, directly to cybersecurity as well.
What is Acceptable?
IT support staff have been made aware of this responsibility through one of the following: - communications, awareness sessions, training, and I am confident there is broad awareness within IT support staff. IT Support Staff advise Users accordingly.