Reporting a Cybersecurity incident
Each member of The Texas A&M University System collects and stores a wide variety of personal information from students, alumni, faculty, staff and customers. We also exchange information between partners, such as research partnerships which are so valuable to everyone. While we treat this information with the utmost care and diligence, it is still possible for a data breach to occur. The attempts at breaching, stealing or exposing information are ever increasing in the higher-education field. We plan and prepare for such breaches just in case to ensure we minimize the impact of a breach on everyone.
It is important for each A&M System member to have its own Breach Incident Plan and Response Team in place to quickly and efficiently respond to a data security incident. In these situations, early notification and transparency are critical. As available resources, we have included two documents that will assist you in communicating to the correct personnel and performing some initial actions that will greatly reduce the impact of the breach. Also, the State of Texas Department of Information Resources (DIR) also provides a template to all State agencies to assist them in responding to incidents. See the Incident Response Template here.
To report or request assistance in an ongoing event at the System Office, please first send an email to email@example.com. In case of emergencies, call the System Office Help Desk at 979.458.6430, extension “0” for the on-call person from the SO Security Team. Other specifically named personnel listed below should be contacted as well.
If this incident or breach is at a member, the following individuals should be contacted immediately:
- Your local Information Security Officer
- Your local Chief Information Officer
- Your local Compliance Officer
- Danny Miller, System Chief Information Security Officer – 409.600.1614
- Melia Jones, Assistant General Counsel – 979.458.6140
- Janet Gordon, System Ethics and Compliance Officer – 979.450.1242
These personnel will know best what next steps to take in an incident.
Danny Miller, C|CISO, CISA, ITIL, CRISC, CGEIT | System Chief Information Security Officer
Office of the Chief Information Officer