Skip to main content
WISCONSIN STATEWIDE INTELLIGENCE CENTER (WSIC)
Menu
Home
Suspicious Activity Reporting Form
Election Threat Reporting Form
Cyber Incident Reporting Form
Cyber Incident Reporting
*
Indicates required field
Submitter’s Contact Information
Submitter’s Contact Information
* First Name
* Last Name
* Email Address
* Telephone (###) ###-####
* Organization or WSIC Partner #
* Type of Organization
United States Federal Government
Private Sector
Foreign Government
Individual
State, Local, Tribal, or Territorial (SLTT) Government (U.S.)
Other…
Enter other…
* Critical Infrastructure Owner
Yes
No
Industry Sector (If Applicable)
* Incident Start Date: mm/dd/yyyy
Incident Start Time
* Incident Detected Date: mm/dd/yyyy
Incident Detected Time
Impact Details
Impact Details
* Is the confidentiality, integrity, and/or availability of the organization’s information systems affected?
Yes
No
* Please define the functional impact to the organization by selecting one of the following
High – Organization has lost the ability to provide all critical services to all system users.
Medium – Organization has lost the ability to provide a critical service to a subset of system users.
Low – Organization has experienced a loss of efficiency, but can still provide all critical services to all users with minimal effect on performance.
None – Organization as experienced no loss in ability to provide all services to all users.
What is number of systems impacted (if known)?
How many users are impacted (if known)?
What operating systems (OS) are impacted?
OS Name
OS Version
* How was this incident detected?
By an Administrator
AV Software
Intrusion Detection System
Log Review by an Analyst
By a User
Other
Unknown
* What is the function of the system(s) affected? Please select all that apply
Application Server(s)
Database Server(s)
Domain Name Server(s)
Mail Server(s)
Time Server(s)
Web Server(s)
Other Server(s)
Firewall(s)
SCADA System(s)
Switch(s)
Router(s)
Desktop(s)
Laptop(s)
Please enter the attacking Internet Protocol (IP) address(es)
IP Address
Port
Protocol
Add another attacking Internet Protocol (IP) address(es), Port Protocol
IP Address
Port
Protocol
Please paste network flow here (if available)
Threat Vectors
Threat Vectors
* Please select at least one threat vector
Attrition
Web
Email
External/Removable Media
Impersonation/Spoofing
Improper Usage
Loss or Theft of Equipment
Physical Cause
Other
Unknown
* Cyber Incident Report Type
Cyber Fraud
Data Destruction
Data Theft
DoS/DDoS/TDoS
Malware/Ransomware
Network Intrusion
Other
Phishing/Spear phishing
Suspicious Network Traffic
Website Defacement
Information Impact to the Organization
Information Impact to the Organization
* Was the confidentiality of classified information compromised?
Yes
No
* Was proprietary information such as protected critical infrastructure information (PCII), intellectual property, or a trade secret accessed or exfiltrated?
Yes
No
* Was personally identifiable information (PII) such as taxpayer, employee, or beneficiary accessed or exfiltrated?
Yes
No
* Was protected health information (PHI) such as medical history, test and laboratory results, insurance information accessed or exfiltrated?
Yes
No
* Was sensitive or proprietary information modified or deleted?
Yes
No
Unknown
* Please select the organization’s recoverability for this incident
Extended – Time to recovery is unpredictable; additional resources and outside help are needed.
Not recoverable – Recovery from this incident is not possible (e.g., sensitive data exfiltrated and posted publicly).
Supplemented – Time to recovery is predictable with additional resources.
Regular – Time to recovery is predictable with existing resources.
Narrative of Events
Leave this field blank
