Incident Reporting
Information Security Procedure

Pod

Information Security Procedures (ISPR) provide formal methods for which Information Security Regulations, Standards, and Best Practices are conducted.

Being able to recognize and report both actual and suspected cybersecurity-related incidents helps limit the damage, time, and costs associated with recovery. Furthermore, incident reporting helps the District enforce and strengthen security policies, procedures, and contingency plans as well as maintain regulatory compliance.

What is an Information Cybersecurity Incident?

A cybersecurity incident is an occurrence that actually or potentially jeopardizes the confidentiality, integrity, or availability of an information system or the information the system processes, stores, or transmits or that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies (NIST).

Examples

  • Unauthorized access or changes to, or use or destruction of systems, software, or data
  • Unauthorized disclosure of data
  • Interference or subversion of systems
  • Loss or theft of equipment or systems storing institutional data
  • Compromised user accounts
  • Denial of service attacks
  • Ransomware
  • Violation of a security policy whereby any of the above may occur

What To Do if You Suspect a Phishing Attempt

If you think you may have received a phishing email, please follow the reporting procedure at https://www.lbcc.edu/phishing

What To Do if You Suspect Your Computer Is Infected

  1. Stop using the device immediately.
  2. Do not power down the device. The device may contain important information for a forensics team.
  3. Unplug the device from the network or disconnect it from Wi-Fi.  Infected systems are often used to infect others on the same network.
  4. Follow the How to Report an Incident section below.

How to Report a Cybersecurity Incident

In order to effectively diagnose and mitigate a cybersecurity incident, ITS needs as much information as possible.

What to Include in the Incident Report

  • Your name
  • Email address
  • Department
  • Telephone number
  • Description of the information security problem
  • Date and time the problem was first noticed (if possible)
  • Any other known resources affected

Where to Report the Incident

After you have gathered the necessary information listed above, please report the incident to either:

 

Important: if you experience a type of event or emergency that would normally require police assistance, please contact Campus Safety at (562) 938-4910.