17.3.12 Information Security Incident Response
Information security incidents [link: 17.8.35] are defined as a single or series of unwanted events that compromise (or are likely to compromise) the confidentiality, integrity, or availability of OIST Information assets and/or breach OIST rule or Japanese law.
Security Incident Response differs from Data Forensics [link: 17.3.13] in that it is triggered by notifications or events, and that only the result of the investigation is disclosed beyond the IT personnel tasked with investigating it, no data is disclosed. The CIO and CISM are responsible for investigating security incidents, and to take all necessary actions in order to protect OIST and its resources and/or to provide information relevant to an investigation. In this regard, the Chief Information Officer (CIO) [link: 17.4.5], Chief Information Security Officer (CISO), and Operation and Support Section Manager have specific rights and responsibilities.
Any user who becomes aware of an information security incident must immediately contact CIO and CISO via e-mail (firstname.lastname@example.org email@example.com), or by phone (see the OIST directory, https://directory.oist.jp).
Please see the Information Security Incident Response Procedures for more details [link: 17.5.8].