The re-organized and renamed Office of Cybersecurity still provides services to DoIT as well as the campus and UW System.
The breadth of the new security team ranges from risk and compliance, to threat management, to incident monitoring and reporting to security awareness programs.
Your group may want the Cybersecurity team to assess the security risks remaining with your service or application. Or you may wish for team members to assist in the implementation of a security control such as password managers or other tools.
Questions on any security topic, requests for presentations, assessments on a service, etc. can be directed to cybersecurity@CIO.Wisc.Edu.
In addition to completing this yearly training and taking action on any action items provided to you in the Security Awareness Training checklist, there are additional security practices as an employee of UW-Madison.
Some may incorrectly state they have a "security breach" when really reporting a potential security breach. Here are some examples of how one may report a security breach:
To determine whether or not these situations are potentially data breaches, you’ll want to find out if any sensitive data has potentially been exposed to an unintended audience. It is not your job to prove that a security breach has occurred; rather, it is your job to determine if one MAY HAVE occurred. If a security breach may have occurred, contact your local IT department or the DoIT Help Desk and they will gather information and send the case to the appropriate area. A security breach occurs when sensitive data from the University is exposed to the incorrect person or persons. Sometimes, someone is trying to access the data to commit identity theft or fraud, but sometimes an application malfunctions and the data is exposed unintentionally to other users of the application.
In general, "logical" breaches should be reported to your local IT department or to the DoIT Help Desk and "physical" breaches should be reported to your local police department.
Physical breaches can be for lost, misplaced or stolen devices. Also, physical breaches can be for personal or University-held data. If University-held data, the local police department would also be contacting the UW-Madison Office of Cybersecurity about the issue.
Logical data breaches involve the potential release of sensitive University-held data from devices connected to the network. Common examples include:
A note on stolen electronic devices: Stolen electronic devices can include desktops, laptops, tablets, smart phones, or any other electronic devices that stores data. Stolen electronic devices fall into the category of security breach when they contain University-related sensitive data. This means devices with University business data (pay, social security, etc.), research data, or other sensitive data to the University. A personal laptop with no sensitive data of the University is not a security breach.
Users of UW-Madison information resources must report incidents involving possible unauthorized access to UW-Madison restricted data or other sensitive information, using the Mandatory Information Incident Reporting Procedures.
Reportable incidents include:
To report non-urgent unauthorized access, denial of service, spam, electronic harassment, inappropriate commercial use, copyright infringement, or other such actions, complete the Reporting an Incident to IT Security. Note this goes directly to the security team, not the help desk. For urgent issues, you should call the DoIT Help Desk directly.
The following flowchart illustrates the overall process of incident reporting and response. The department or other unit performs the initial steps. These are equivalent to the mandatory reporting procedures outlined above.
Security is a constantly evolving landscape. As hackers are becoming more sophisticated in their attempts, being aware of the latest trends and requirements is necessary. To stay up to date, subscribe to these publications. If you have any questions or concerns about security, don’t hesitate to contact the Office of Cybersecurity at firstname.lastname@example.org.