Report IT security incidents

For the reporting of incidents occurring in the context of information processing, specialized reporting points have been established at KIT, depending on the type of data or equipment concerned.

Reporting Process

There is a reporting obligation for the following incidents according to chapter 3.7 IT-Security concept:

  • Loss of devices, e.g. PCs, laptops or smartphones
  • Loss of storage devices, e.g. USB sticks or CDs
  • Deception through fraudulent message
  • Detect malware on devices
  • Discovering devices, e.g. Wi-Fi routers, small boxes or other PCs/laptops, in one's own premises that are suddenly there but have not been announced
  • Extortion or coercion not to behave in accordance with the rules

If an IT security incident is discovered during information processing, it must be reported immediately to the local IT appointee or your organizational unit or the KIT-CERT (cert∂

If you are unsure whether an incident you have observed is an IT security incident or simply seems a little bit unusual, please contact your IT appointee of the organizational unit as a precaution or send an e-mail to beratung-itsec∂ Together with you the observed incident will be evaluated.

More information on KIT-CERT and the Reporting obligation.

In addition, KIT-CERT works closely with the Legal Affairs Business Unit (RECHT) on requests from security authorities; in particular, KIT-CERT coordinates the processing of requests.

Report a data breach

If an incident occurs during information processing that leads to a violation of the protection of personal data - a so-called data breach - the management of an organizational unit must be informed immediately. The latter will then decide whether the data breach must be forwarded to the reporting office established at KIT due to the severity of the risk.

More information on the reporting office, the procedure and cases of doubt.