Cybersecurity

Members of the WMU community who use IT systems and digital services must report any security incidents and information security breaches immediately. Prompt reporting enables a rapid response and helps minimize potential losses.

Examples of incidents that should be reported include:

  • Phishing – emails, text messages (SMS), or other communications attempting to obtain login credentials, personal data, or financial information (e.g., a message impersonating the Dean’s Office with a link to a fake login form).
  • Malware – cases where a computer is infected with viruses, ransomware, trojans, or other unwanted software.
  • Significant slowdown of an IT system – a sudden drop in performance that may indicate a DoS attack or unauthorized background activity.
  • Suspected computer virus – unusual system behavior, unexpected alerts, changes to files, or programs launching automatically.
  • Data theft – unauthorized access to data stored on computers, servers, or external storage devices.
  • Unauthorized copying of data – e.g., copying files containing students’ personal data to a private USB drive or cloud storage.
  • Unauthorized access to user accounts – unauthorized individuals logging into an employee or student account, or system resources.
  • Loss or theft of a data carrier – e.g., a missing USB drive or a stolen laptop containing work-related data.
  • Breach of the IT security policy – bypassing system safeguards, installing unauthorized software, or circumventing access-control mechanisms.
  • Malfunction of security systems – e.g., detecting that antivirus software, a firewall, or multi-factor authentication has been disabled.

Reporting

Incidents should be reported to the WMU IT Centre:

Why this matters

Every report helps to:

  • respond to threats quickly,
  • prevent further spread of the incident,
  • ensure compliance with legal requirements,
  • build a culture of security within the academic community.