Cybersecurity, Emergency Incident, Contacting Security

How to contact the Cybersecurity Operations Center on-call responder in an emergency.

Cybersecurity breach or other cybersecurity emergency? 



  • Do not power anything off.
  • Do not remove anything from the network yet if at all possible.
  • Do not mess with any of the affected things if at all possible.
  • Before you do anything, Security needs to work towards understanding, containing, mitigating, and ultimately recovering the incident. Messing with the system can complicate or disrupt campus’ ability to do those things, so please take two steps back and breathe.
Cybersecurity Operations Center (CSOC) 24-hour critical response:
217-265-0000 (option 3)
  • If you are not the Security Liaison for your unit, notify and involve your unit Security Liaison as well. If you do not know who your Security Liaison is, your CSOC responder can assist.

Other important security incident or event, or notification?

You can report via email to
Also, see KB 56730 for detailed guidance

Reports submitted to this address are evaluated and triaged, at longest, once every 24 hours.

Non-emergency security questions and requests can be sent to

If you are not a security liaison for your unit and are in need of emergent or critical security assistance, notify and involve your designated Security Liaison.

See for more details on the Critical Event Response team, what they do, and what to expect

Keywordsinformation security, security, cybersecurity, incident, breach, impact, event, report, emergency, critical, compromise, malware, phishing, contact, urgent, cyber, trouble, support   Doc ID89561
OwnerSecurity S.GroupUniversity of Illinois Technology Services
Created2019-02-06 16:08:07Updated2023-06-09 08:48:55
SitesUniversity of Illinois System, University of Illinois Technology Services
Feedback  0   0