Report a Cyber Incident

  • Contact Information
  • Incident Information
  • Impact Details
  • Indicators and Defensive Measures
  • Complete

This form is designed to enable organizations, businesses, and individuals in Jamaica to report cybersecurity incidents in a structured and efficient manner. Reporting incidents helps protect critical infrastructure, prevent further harm, and improve national cybersecurity defenses.

 

What is an Incident?

An incident refers to any event that jeopardizes the confidentiality, integrity, or availability of information systems, networks, or data. Common examples include:

  • Unauthorized access to or misuse of IT systems.
  • Ransomware attacks or other forms of malware.
  • Data breaches involving the exposure, loss, or theft of personal, financial, or proprietary information.
  • Distributed Denial-of-Service (DDoS) attacks that disrupt services.
  • Insider threats or intentional sabotage.
  • Suspicious or unauthorized use of an organization's resources

 

Who Should Use This Form?

This form should be used by:

  • Impacted users directly affected by the incident.
  • Representatives reporting on behalf of an impacted user or organization.

 

How the Information Will Be Used?

The information provided will be used solely for the purpose of:

  • Assessing the incident.
  • Coordinating appropriate response efforts.
  • Sharing anonymized threat intelligence (if necessary) to prevent similar incidents.

 

NOTE:
Under the Data Protection Act (DPA) of Jamaica, organizations have a legal obligation to report certain types of personal data breaches to the relevant authority (e.g., Information Commissioner) within 72 hours of becoming aware of the breach. Failure to comply with this requirement could result in fines or other penalties. 

Ensure compliance by promptly reporting any incident that compromises personal or sensitive data. Submitting this form does not absolve you of any legal or regulatory obligations under the Data Protection Act (DPA) or other applicable laws. It is your responsibility to notify any affected individuals or stakeholders as required under law, especially in cases involving breaches of personal data

For further guidance, consult your legal or compliance team.
 

Contact Information

I am:

Select the appropriate option
Enter Full Name
Enter your Phone Number
Enter the Organization’s Name
What is your Title/Role in the Organization?

Incident Information

Incident Overview
The affected entity is:

Select the appropriate option
Enter the Individual's Full Name or Organization Name
Incident Description
Provide a detailed summary, including what occurred, how it was detected, potential causes, and indicators of compromise (e.g., malicious emails, IP addresses, file hashes)
How was the Incident Detected
Select the dicovery method used to detect the incident
Enter the physical address or virtual environment affected

Impact Details

Select the appropriate option
System Impact
Types of Systems Affected
What operating systems (OS) are impacted?
Select all that apply
Windows Version

Select Affected Windows Versions
macOS Version

Select the Affected Mac Version
Linux Version
Android Version
iOS Version
CVE-
e.g., 2014-7654321 (do not include the CVE prefix)
Observed Activity
Where was the activity observed
Characterize the observed activity at its most severe level
Impact Information
What is the known informational impact from the incident?
Recovery From Incident
Describe efforts to mitigate the threat, such as isolating systems, deploying patches, or restoring backups
Who Has Been Notified?

Select all that apply
e.g., JaCIRT, MOCA, JCF Cybercrimes Unit, third-party vendors
Select the type of assistance you are requesting from the CIRT
Include any other relevant information, such as potential timelines, third-party involvement, or suspected attackers
Include any other relevant information, such as potential timelines, third-party involvement, or suspected attackers.

Indicators and Defensive Measures

Submission Marking Information
Please provide the information below to ensure that your submission is handled appropriately.
Please select the Traffic Light Protocol (TLP) Color
Indicate which entities the above contact information may be shared with
Indicators
Please provide details of the indicators observed related to the incident
Please provide details of the indicators observed related to the incident
Indicator Title Indicator Description Weight
Provide a short title for the indicator
Detailed description of the indicator and any relevant context
more items
Please enter the Internet Protocol (IP) address observable(s)
IP Address Port Number Protocol Weight
Protocol Type (e.g., TCP, UDP)
more items
Domain Weight
Domain Name
more items
MD5 Hash Weight
MD5 Hash Value
more items
Please select applicable kill chain stages
Defensive Measure Title Defensive Measure Description Weight
Title of Defensive Measure
Detailed description of the measure
more items
Please refer to the Common Attack Patterns Enumeration and Classification (CAPEC) for details
Attack Pattern Title CAPEC ID Description Weight
Title of the attack pattern
ID number from CAPEC
Detailed description of the attack pattern
more items
Please refer to the Common Vulnerabilities and Exposures (CVE) for details
Vulnerability Title CVE ID Description Weight
CVE Identifier
Detailed description of the vulnerability
more items