Report an Incident

The MS-ISAC® and EI-ISAC® are happy to assist U.S. State, Local, Tribal, and Territorial (SLTT) entities with cybersecurity incident response. Even if your SLTT organization is not an MS-ISAC or EI-ISAC member, we encourage you to contact us if you experience:

  • Changes to system hardware, firmware, or software without the owner’s knowledge, instruction, or consent
  • Compromised passwords
  • Malware, including viruses, trojans, worms, or botnet activity
  • Defacement of a government website
  • Unauthorized access to information
  • Disruption or attempted denial of service (DoS)
  • Unauthorized use of system data or privileges

“Thank you for providing this invaluable service!”

– MS-ISAC Member

“My interaction with the engineering team on deploying the Albert was nothing but 1st class service.  I have complete confidence that the Albert is being monitored very well.” 

– EI-ISAC Member

Direct Assistance From Our CIRT

Our expertly trained Cyber Incident Response Team (CIRT) is here to help. If your SLTT organization experiences a cybersecurity incident, our CIRT can provide the following free response services:

  • Emergency conference calls
  • Forensic analysis
  • Log analysis
  • Mitigation recommendations
  • Reverse engineering
  • Ongoing communication throughout the incident
  • At the close of the incident, written communication will be provided that summarizes the incident. 

“I will continue to leverage this expert and valuable service as long as it exists. The MS-ISAC CIRT was once again very efficient and provided a robust root cause analysis in a timely fashion.”

– MS-ISAC Member


The Security Operations Center (SOC) is available 24/7 to assist via phone or email:

Arrow 866-787-4722

Arrow [email protected]