Cybersecurity Incident Reporting
The State of Minnesota, Minnesota IT Services (MNIT), and the Bureau of Criminal Apprehension (BCA) take cybersecurity incidents seriously. Public agencies – state agencies, local governments, public education entities, and government contractors – are required to report cybersecurity incidents that impact their entity beginning Dec. 1, 2024. Please use the form below to begin the reporting process.
The requirement is based on new legislation that aims to enhance cyber defenses by collecting information about cybersecurity incidents, anonymizing it, and sharing it with appropriate organizations. A cybersecurity incident is defined by law as an action taken using an information system or network that results in an actual or potentially adverse effect on an information system, network, or the information it contains.
By working together, we will strengthen our cyber-resiliency and protect State of Minnesota systems and data for all.