Description
- involves actual or suspected unauthorized disclosure of data classified as confidential or higher
- involves unauthorized access or use of information resources
- involves consequential legal issues
- may cause disruption to high impact information resources or university-wide Essential IT services
- involves active threats
- is widespread
- is likely to raise public interest
Applicability
-
This procedure applies to all information resource owners or designees, custodians, users and third parties who are responsible for Texas A&M University information resources.
Implementation
-
1
Anyone may report illegal, disruptive, or suspicious activity impacting Texas A&M information resources at any time to the Division of IT Helpdesk ( helpdesk@tamu.edu or (979)-845-8300),
-
2
Known or suspected security incidents must be reported immediately to either:
-
2.1
TAMU Helpdesk Central: (979) 845-8300 or helpdesk@tamu.edu, or
-
2.2
TAMU Security Incident Reporting: security@tamu.edu.
-
2.1
-
3
The university CISO has reporting responsibilities to the Texas Department of Information Resources for security incidents that are assessed to:
-
3.1
Propagate to other university or state systems;
-
3.2
Result in criminal violations that shall be reported to law enforcement; or
-
3.3
Involve the unauthorized disclosure or modification of confidential information, e.g., sensitive personal information as defined in §521.002(a)(2) of Texas Business and Commerce Code, and other applicable laws that may require public notification.
-
3.1
-
4
If the security incident is assessed to involve suspected criminal activity (e.g., violations of Chapter 33 or Chapter 33A Texas Penal Code), the security incident shall be investigated, reported, and documented in a manner that restores operation promptly while meeting the legal requirements for handling of evidence.