If you suspect you or your agency has been compromised in a cybersecurity incident or breach, please review the following guidelines for next steps:
- Immediately contact your agency IT support staff
- For agencies supported by the Office of Information Technology Services (ITS), call the ITS Service Desk at 208-605-4000, option 1, and notify your Service Delivery Manager for further coordination
- For non-ITS agencies, contact your agency cybersecurity coordinator per ITA Policy P4110
- Execute the agency’s Incident Response Plan
- Cyber incidents and breaches must be reported per Risk Management claim requirements:
- A breach must be reported within 24 hours of initial discovery
- An incident must be reported within five (5) days or initial discovery
- All breaches and incidents must be reported by the agency cybersecurity coordinator through WebEOC
- Follow the steps under your specific agency’s Continuity of Operations Plan (COOP), Business Continuity Plan, and/or Disaster Recovery Plan
- Cyber incidents and breaches must be reported per Risk Management claim requirements:
- For non-ITS supported agencies, possible consultation or assistance is available from the office of the chief information security officer. Email ITS-CISO@its.idaho.gov or call 208-605-4000, option 2.