# Incident Response ## expand\_more HGSE adheres to the University’s comprehensive Privacy and Security (PrivSec) Incident Response Plan, which encompasses all University functions. This plan serves not as a replacement for existing Harvard incident management strategies but as a supplement, offering detailed procedures tailored for responding effectively to PrivSec incidents. It is designed to ensure cohesive and robust handling of privacy and security challenges across the institution. The PrivSec Incident Response Plan is readily available to University employees assigned critical roles in the incident response process, thereby enhancing preparedness and coordination University-wide. The below situations just include some of the most common incidents encountered by Harvard community members. ### Please complete the below reporting steps if you experience, or are aware of, any of the following situations: Open all sections Close all sections ### I've lost possession of an HGSE-owned/managed electronic device or a device that contains Harvard data. expand\_more - Contact HGSE’s Director of Security Operations (DSO) via the [IT Service Center](mailto:it_onestop@gse.harvard.edu) - If you are an HGSE or Harvard employee, contact your manager - Open a case with the Harvard University Police Department (HUPD) by calling 617-495-1215 (if urgent, call 617-495-1212) ### I've found or placed sensitive, unsecured HGSE or Harvard data where it shouldn't be. expand\_more If you see sensitive HGSE or Harvard data on an unsecured server or posted publicly, or you believe you may have used an unsecure system to collect or transmit sensitive HGSE or Harvard data, [open a ticket](https://its.gse.harvard.edu/security.harvard.edu/report-incident#) or call 617-495-7777. ### I've received a suspicious email that might be phishing. expand\_more Forward phishing emails to . When the University receives a suspected phishing email, their security teams check it out to determine the risk. If it is in fact a phishing attack, they may take any of the following steps: - Breaking dangerous links so they don't connect to unsafe webpages - Blocking malicious files from being delivered to other inboxes in the future - Escalating the report to the University's Security Operations Team to investigate compromised systems or accounts ### I've found a technology vulnerability or coding bug in an HGSE or Harvard system. expand\_more If you are aware of a vulnerability in an HGSE or Harvard system, [open a ticket](https://its.gse.harvard.edu/security.harvard.edu/report-incident#) or call 617-495-7777. ### I've received an electronic threat to my safety or someone else's safety. expand\_more If you or someone else has received a threat to your safety, including "cyberstalking" or "cyberbullying," open a case with the Harvard University Police Department (HUPD) by calling 617-495-1215 (if urgent, call 617-495-1212). ### I believe there might be an incident involving credit cards or other PCI-related matters. expand\_more Please contact the University Office of Cash Management immediately at 617-496-0300 and [cash\_management@harvard.edu](mailto:cash_management@harvard.edu). We ask that you also contact HGSE’s Director of Security Operations (DSO) via the [IT Service Center](mailto:it_onestop@gse.harvard.edu). ### I have a non-urgent security question or concern. expand\_more If you have a non-urgent security question or concern, you're encouraged to schedule some time with HGSE’s Director of Security Operations (DSO): [calendly.com/sarah\_pruski](https://calendly.com/sarah_pruski)