Report a Suspected Cyber Security or IT Security Incident

Service Overview

Information security is a responsibility for students, faculty, and staff for data, workstations, and other resources. ITS supports Camosun by providing information and tools around phishing, anti-virus, and network security. An Information Security Incident could mean lost or stolen data or workstations, active ransomware attacks, malware, computer viruses, and/or compromised user accounts.  Use this service to report a suspected Cyber Security or Information Security Incident.

Available To

Faculty & Staff

What is a Cybersecurity Incident?

A cybersecurity or information security incident is any attempted or successful unauthorized access, use, disclosure, modification, or destruction of information, or interference with IT operations or services.

Examples include:

Category

Examples

Illegal or Unauthorized Use
  • Use of College computing facilities for any behaviour that is prohibited by the Criminal Code of Canada or any other applicable federal or provincial legislation 
  • Unauthorized access, use, alteration, or destruction of college systems, software, or data

Unsolicited or Suspicious Activity
  • Unsolicited or spam email originating from college sources
  • Use of malicious code (e.g., unexpected pop-ups, file changes, account lockouts)

Data Theft or Breach
  • Theft of sensitive information via hacking or physical device theft
  • Unauthorized copying of sensitive data
  • Notices of vendor or SaaS breaches involving College data

Unsanctioned Computing Infrastructure

  • Unauthorized network devices, VPNs, or cloud storage used to access or store college data

Malware or Ransomware
  • Ransomware or malware infections affecting desktops, laptops, or servers

Social Engineering
  • Phishing attempts and other social engineering tactics designed to trick users into revealing credentials or sensitive information

Credential or Access Compromise
  • Compromised user credentials
  • Unauthorized access to systems, data, or files

Data Integrity Incidents
  • Unauthorized deletion of systems, data, or files

Device Loss
  • Lost or stolen devices containing college information, personal, or sensitive data

 

Reporting Incidents

All cybersecurity incidents or suspected incidents should be reported immediately upon discovery.  Report To:

·       Your Workplace Leader or Supervisor

·       IT Service Desk

o   Email: itsservicedesk@camosun.ca

o   Phone: 250-370-3064

·       IT Security Team

o   Using the ITS Service Portal

o   Email: itsecurity@camosun.ca or cybersecurity@camosun.ca

What to Include in Your Report

When reporting an incident, include as much detail as possible:

·       What happened and when

·       How it was discovered

·       Who or what was involved (e.g., systems, users, departments)

·       Any steps already taken (e.g., disconnecting from the network)

Do not delete or alter any files, messages, or logs related to the incident. Preserve evidence whenever possible.

 

Getting Started

Click the Report Incident button on this page to make this request.  Please include as many details as possible when making this request so that we can better assist you.