This page uses javascript to help render elements, if you have problems please enable javascript.
 
You are now inside the main content area
 
 
 
left col

Cyber Services

Incident Response

Respond Fase. Recover Smarter. Stay Secure.

right col
 
left col
right col
 
left col
right col
 
 
left col

What is an Incident?

A Security Incident is any event that compromises the confidentiality, integrity, or availability of university systems or data. Common examples include:

  • Phishing or social engineering attacks
  • Malware or ransomware infections
  • Unauthorized access to systems or data
  • Data leaks or exposure

Cybersecurity incidents can happen at any time, from phishing attacks and malware infections to data breaches and system compromises. The CSUF Information Security Office (ISO) leads the university’s Incident Response Program, ensuring swift action to contain threats, minimize damage, and restore normal operations.

right col
 
left col

Why is Incident Response Important?

Incident Response is the structured approach CSUF uses to detect, investigate, contain, and recover from cybersecurity threats and breaches. It involves a coordinated effort between the Information Security Office (ISO), IT teams, and university departments to ensure that any disruption to systems or data is handled quickly and effectively.

Incident Response is essential to:

  • Minimize Damage: Quick containment prevents the spread of threats and limits data loss.
  • Restore Operations: Ensures that critical university services are brought back online safely and efficiently.
  • Protect Sensitive Data: Helps safeguard student, faculty, and institutional information from misuse or exposure.
  • Maintain Trust: Demonstrates CSUF’s commitment to protecting its digital environment and complying with CSU and federal regulations.
  • Learn and Improve: Post-incident reviews help strengthen defenses and prevent future incidents.
right col
 
left col
right col
 
left col

Our Response Process

CSUF follows a structured, multi-phase approach to incident response:

Identification

  • Detect and verify the incident
  • Assess scope and impact
  • Notify stakeholders

Containment

  • Isolate affected systems
  • Prevent further damage
  • Preserve evidence for analysis

Eradication

  • Remove malicious code or unauthorized access
  • Patch vulnerabilities
  • Strengthen defenses

Recovery

  • Restore systems and services
  • Monitor for recurrence
  • Validate system integrity

Lessons Learned

  • Conduct post-incident review
  • Update policies and procedures
  • Share findings with relevant teams

 

Roles and Responsibilities

  • IT Teams: Report incidents, assist with containment and recovery
  • Faculty & Staff: Recognize and report suspicious activity
  • Students: Practice safe computing and report issues promptly
  • ISO (Information Security Office): Lead incident response, coordinate with IT and legal teams

 

IT Help Desk Support

Faculty/Staff

Call: (657) 278-7777

Email: helpdesk@fullerton.edu

 

Students

Call: (657) 278-8888

Email: StudentITHelpdesk@fullerton.edu

 

IT Helpdesk Website

 

right col