It’s a normal Tuesday morning. Coffee is warm, emails are flowing, and everything seems routine — until someone from accounting messages IT: “Hey… I can’t open any files on the shared drive. They all have weird extensions.”
Minutes later, more reports come in. Systems slow down. A ransom note suddenly appears on a workstation. Leadership starts asking questions. Anxiety rises. Is customer data involved? Are backups safe? How widespread is this?
At the same time, an individual across town faces a quieter but equally unsettling moment. A bank notification pops up about a transfer they never authorized. Then another email arrives — a password reset they didn’t request. Confusion turns to concern, then urgency.
In both cases, the first instinct is often to fix things quietly, contain the embarrassment, or hope it resolves on its own. But cybersecurity incidents rarely improve with silence. Knowing who to contact and how quickly to report an incident can dramatically affect recovery, investigation, and protection for others who might be targeted next.
That’s why understanding the proper reporting channels isn’t just good cybersecurity practice — it’s part of being responsible stewards of our data, our organizations, and each other.
Below is a practical guide to the appropriate reporting channels in the United States.
For Organizations
If your organization experiences a cybersecurity threat or breach, swift reporting is critical. Federal agencies rely on these reports to coordinate responses, track threat actors, and provide guidance to affected entities.
Report to Federal Authorities
- Federal Bureau of Investigation (FBI)
Cyber incidents such as ransomware, business email compromise (BEC), and data breaches should be reported to the FBI through the Internet Crime Complaint Center (IC3): - Cybersecurity and Infrastructure Security Agency (CISA – DHS)
CISA assists organizations in responding to cyber incidents and strengthening defenses. You can report incidents or seek assistance through:- Email: report@cisa.gov
- Phone: (888) 282-0870
- Online form: https://www.cisa.gov/forms/report
Active or Severe Incidents
If a significant security event is actively unfolding—such as:
- Major data loss
- Prolonged system outages
- Loss of control over critical systems
You should immediately contact local law enforcement or emergency responders by calling 911. Active threats may require rapid, on-the-ground intervention.
For Individuals
If you believe you’ve been the victim of a cybercrime—such as identity theft, online fraud, ransomware, or account compromise—reporting the incident helps protect both you and others.
- Internet Crime Complaint Center (IC3)
File a report with the FBI’s IC3 at:
Providing accurate details—even if the loss seems small—helps investigators identify trends and disrupt criminal operations.
Final Encouragement
Cybercrime thrives in silence. Reporting incidents isn’t just about recovery—it’s about community protection, accountability, and resilience. If something doesn’t feel right, trust your instincts and report it.
If you’re unsure how to prepare before an incident occurs, Shepherd Security exists to help educate, equip, and protect. Stay vigilant, stay informed, and don’t walk through cyber incidents alone.
shepherdsecurity.net 
Leave a comment