Incident Response

InfoSec Incident Response (ISI)Incident Response

Anytime the confidentiality, availability, or integrity of our College's data or computing resources is compromised, whether by malicious persons, malware, or bad fortune there has been an information security incident (ISI). Some examples of ISI include lost laptops with confidential information on them, malware on a desktop computer, compromised password via phishing email, data-center fire, Banner data breach, and many more.

Reporting an InfoSec Incident

There are a couple of avenues available, depending on the urgency of the incident. If you feel a password has been compromised, data has been stolen, or there is malware on your computer, first attempt to contact Wesley Dymond directly at (541)383-7746 x7746. If you have questions and do not believe there is an urgency to your request, place a help-desk ticket and select "InfoSec Incident" as the category.

Time is of the essence

It is easier to mitigate or reduce the impact of an ISI at the beginning of an incident. Compromised user accounts, for instance, will often be used within 4-24 hours of a phishing campaign so spread more malware throughout our College. Detecting and correcting the compromised user account in a timely manner is paramount. Another common occurrence is lost cell phones that are configured to access our cocc.edu work email. If a cell phone is lost, great benefit can be gained by remotely tracking, locking, or (worst case) wiping the device.