General Requests
IMPORTANT NOTE: If you believe a security incident is an illegal act or life threatening, contact the Georgia Tech Police Department: (404) 894-2500, or Emergency: 911 immediately.
If you wish to get in touch with the Georgia Tech Cyber Security team, please use the contact information below:
Phone:
404.385.CYBR (2927)
Email for General Questions or Inquiries:
ask@security.gatech.edu
For more specific requests, please select one of the options below for details.
Reporting a Security Incident
Phone: 404-385-2927
Email: soc@gatech.edu
If a Georgia Tech IT Resource user suspects or has observed an event that would satisfy the definition of a security incident, they should report the suspicion immediately to the Security Operations Center (SOC). Do NOT attempt to investigate or remediate the incident on your own.
Security Incident – A security incident is an event, as determined by Georgia Tech Cyber Security, that violates an applicable law or Institute policy including the violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices. An incident could also be established based on the potential for harm to the confidentiality, integrity, or availability of Georgia Tech IT resources.
Requested Information:
- Contact information & affiliation to Georgia Tech
- Impacted system(s) or services
- Date and time of the incident
- What data types may have been impacted?
Please take these steps:
- Stop work on the machine immediately.
- Do NOT disconnect the network or power cables from the machine(s) so that we can use our approved endpoint software to respond to the incident.
- Do NOT attempt to investigate or remediate the incident on your own. Wait for instructions from the Security Operations Center (SOC). There may be compliance requirements, a ‘bigger picture’, or other ’complications’ that you may not know about.
- Provide us with as much information as you can about the user(s), GT account(s), and/or endpoint(s) that are affected. Some helpful scoping information is outlined in Requested Scoping Information (below) OR in the GT Security Incident Response Plan.
- Do NOT send sensitive information via email. Instead, provide it over the phone or wait to add it to a Security Incident Response Task (SIT) inside our Security Operations Management Tool.
Report a Phishing Email
Please forward suspected phishing messages as an attachment to:
phishing@gatech.edu
*Forwarding the email as an attachment provides Cyber Security with email header information, which is valuable during their analysis of the message.
Instructions to forward an email message as an attachment are referenced below:
Requesting Assistance from Log Management Team
The Log Management Team, part of the Cyber Security Engineering Team, maintains their service page as a KB, which can be located here:
Vulnerability Reporting
The Georgia Institute Of Technology recognizes that security vulnerability research takes place on campus both through sponsored research, internally initiated research, and informal research. In addition, system users often find security vulnerabilities incidentally during the course of some other activity. Georgia Tech is fully committed to the identification and remediation of security vulnerabilities within Institute systems and networks.
If you have identified a security vulnerability within a Georgia Tech system, please send a message to the Cyber Security team at vulnerability.reporting@gatech.edu.
Network Abuse Reporting
Network Abuse Reporting
If you suspect that your network, systems, or services may have been negatively impacted by resources at Georgia Tech, please report them to the Georgia Tech Cyber Security via email to: abuse@gatech.edu.
When reporting abuse, provide the following:
- Your name, and an email address or phone number for contacting you
- If you are affiliated with Georgia Tech, your affiliation (Faculty, Staff, Student, etc.) and your GT account
- The type of abuse (SPAM, bandwidth abuse, etc.)
- The IP address of the attacking system, if appropriate
- The date and time of the abuse
- Any additional information that you feel may help us to locate and diagnose the problem, such as full message headers, system logs, etc.
Reporting a Lost or Stolen Item
Reporting a Lost or Stolen Item
If your electronic device (including laptop, cellphone, or tablet) has been lost or stolen, please reach out to Georgia Tech Police Department and file a police report.
Phone: (404) 894-2500
In addition, please contact Georgia Tech Cyber Security at soc@gatech.edu to evaluate if protected data was present on the device, including but not limited to:
- Health records
- Employee/personnel records
- Student data
- Research data
- Financial records