Reporting Computing Security Incidents

Incident Reporting Hotline: 631-344-8484

Security Incidents
A computer security incident can range from a simple virus to the disclosure of sensitive information. Incidents can be minor, important, or significant. Incidents that must be reported include computer or network related activity, internal or external to the Laboratory, that may impact the Laboratory’s mission.

Examples of such activities include: the possibility of: loss of data; denial of services; compromise of computer security; unauthorized access to data that the Laboratory is required to control by law, regulation, or DOE orders; investigative activity by legal, law enforcement, bureaucratic, or political authorities; or a public relations embarrassment.  

Reporting Process
All employees and users are required to immediately report any suspicious incidents involving the security of the Laboratory computers or networks, including apparent attempts at unauthorized access.

Incidents should be reported to the Cyber Security Incident Response Team (CSIRT) at x8484, or to the System Manager if immediately available. System managers are expected to report incidents immediately that do not have a simple explanation based on normal routine operation of the system.

If there is clearly no urgency, incidents may be reported by email to: 

Investigation Process
CSIRT will investigate all reported incidents. The Head of CSIRT may assume full administrative control of affected systems until the incident is resolved, and may call on other technical experts for priority assistance.

If you have a question that is not addressed in these pages, please send an email to

Top of Page

Last Modified: April 14, 2011
Please forward all questions about this site to: Web Services