An IT security incident is defined as an event that impacts or has the potential to impact the confidentiality, availability, or integrity of NSHE information technology resources. Incident severity is based upon the sensitivity of the data involved, legal issues, and magnitude of the service disruption, threat, expanse, and public interest.