This can result in unauthorized disclosure, modification, destruction or disruption of data, information or system(s). Information security incidents are composed of several distinct elements:
Threats, which are actions or methods that are known to increase the risk of disclosure, modification, disruption and/or destruction of systems and/or data.
Events, which occur when someone or something undertakes a threat action with the intent of disclosing, modifying, disrupting or destroying systems and/or data.
- Inappropriate use of a McMaster University system or systems resulting in unauthorized disclosure, modification or destruction of data or information;
- Inappropriate use of a McMaster University system or systems resulting in unauthorized modification, destruction or disruption of service to a system;
- Violation of McMaster University Information Technology Policies, Procedures and Standards, whether intentional or unintentional.
- Use of McMaster University Information Technology assets in the commission of activities that violate municipal, provincial, federal or international laws and regulations, or applicable industry regulations.
There are many sources of notification of an information security incident, including but not limited to:
- computer and network users within the McMaster University community;
- internal vendors or merchants;
- technical staff on any of the IT services team;
- departmental technical staff;
- external technical advisories and notifications.
Upon receiving notification of a suspected information security incident, a service ticket will be created with the UTS Client Service Desk to track major activities and tasks performed towards resolving incident.
Information security incident response is the responsibility of IT Security; incident response may require the creation of an information security incident response team (ISIRT).
McMaster University constituents, including but not limited to faculty, staff, and students, are encouraged to report security incidents to the University Technology Services Service Desk at:
(905) 525-9140 x24357 (2HELP)
Upon detection of a PCI related information security incident, merchants and/or staff are instructed to:
NOT logoff or power off the affected system.
DO take note of pertinent information, including:
- the time that the suspected incident occurred
- the condition of the affected system
DO report PCI Related incidents directly to the IT Security team:
(905) 525-9140 x28299
In the event that the incident involves an active physical threat, or a violation of local, provincial, federal or international law, please report the incident to:
Hamilton Police Services