Each agency must report all information security incidents to the ITS Information Security Division (ISD) as soon as possible.
Information security incidents result from a validation of an information security event. Information security events are defined as any violation of computer security policies, network integrity, data confidentiality, or standard computer security practices.
Detailed reporting procedures and a description of reportable events are provided in the ISD Cyber Security Incident Reporting Guidelines document. State employees can access this document from the ITS website.
A. Each agency must establish security event/incident response procedures that define the actions to be taken when a security event/incident occurs.B. Each agency is responsible for assessing the significance of a security incident within their organization and for providing this information to ISD based on the business impact on affected resources and the current and potential technical effect of the incident (e.g., loss of revenue, productivity, access to services, reputation, unauthorized disclosure of sensitive information, or propagation to other networks).C. Each agency must implement a policy requiring all agency users to report suspected security events/incidents to an appropriate level supervisor, manager, or security officer within their agency. Each agency must train their users on the procedures for reporting a suspected security event, security policy violation, state or federal law violation, theft, damage, or action placing state resources at risk.D. Each agency is responsible for contacting the appropriate law enforcement and investigative authorities if criminal action is suspected. Miss. Code Ann. § 25-53-1 to § 25-53-25.