(As defined by the Governor's Office of Information Technology - OIT)
State of Colorado characterizes information system security or cyber incidents as any event violating State of Colorado security policy, standards, procedures, guidelines, processes or security best practice that may be detected as unexplained network or system behavior resulting in the loss of sensitive data or any instance where State of Colorado’s reputation might suffer. State of Colorado segments these incidents into the following categories consistent with definitions published by the National Infrastructure Protection Center:
The OCS Information Security Operations Center (ISOC) is staffed to receive and disseminate timely information regarding network security vulnerabilities and threats in the State of Colorado. The ISOC will receive, analyze, and escalate reports to State agencies that their systems are being used to source or are being victimized by a threat vector.
The Colorado Department of Higher Education will act as a communicator between the Colorado Office of Information Technology and the institutions of higher education regarding incident reporting.
For Institution Security Personnel, if an incident has occurred at your institution, please complete the following form and submit to CDHE.
For more information on Colorado Information Security, visit OIT's website.
OIT Resources include: