2.5 Security Incident Management
A security incident is any unauthorized access, acquisition, disclosure, loss of access, or destruction of Institutional Information. The significance of a breach is determined by its potential to cause substantial harm or disruption to university resources, stakeholders, affected individuals, or services. This assessment considers various risk factors, including the type and volume of data involved, the number of individuals affected, and the nature of the incident. All users must report Information Security Incidents according to the procedures and timelines outlined at https://infosec.usu.edu. Timely reporting helps mitigate damage, ensures compliance with regulatory requirements, and assists in the swift recovery and investigation of security incidents.
Why
Utah State University (USU) must be prepared to detect, respond to, and recover from security incidents to minimize damage, protect Institutional Information, and maintain operational continuity. Security incidents—ranging from unauthorized access to data breaches and system compromises—can have serious consequences, including financial loss, reputational damage, legal liabilities, and regulatory penalties. Without a structured incident management process, USU risks delayed response times, increased impact, and failure to meet compliance obligations.
This policy establishes a clear framework for incident detection, reporting, and response to ensure:
- Rapid containment and mitigation of security threats to reduce harm to individuals and university resources.
- Regulatory compliance with laws such as FERPA, HIPAA, GDPR, and breach notification requirements.
- Forensic investigation and lessons learned to strengthen security posture and prevent recurrence.
Timely and accurate reporting of security incidents is critical for effective response and resolution.
How
When an incident is reported, USU representatives from the Service Desk, Legal, and IT Security teams will assist users throughout the process, ensuring that incidents are properly documented, investigated, and mitigated. By adhering to these guidelines, users contribute to timely containment of security events, regulatory compliance, and recovery, strengthening USU’s overall cybersecurity posture.
Report Incident