Cyber security is everyone's business.

To ensure your personal information and UQ's data, systems and intellectual property remain safe, it's important to be aware of cyber security, and how to recognise and report incidents and risks.


Cyber security attacks aim to manipulate, steal and destroy personal and UQ data, systems and intellectual property.

When a cyber security attack or potential attack is identified at UQ, this is called an incident. Examples of incidents include:

  • an unauthorised person accessing UQ systems or data
  • confidential or restricted UQ data being distributed publicly
  • malicious software being downloaded on UQ computers.

Protect your UQ-owned computer


A cyber security risk is a weakness that can be exploited and lead to an incident. Examples of cyber security risks include:

  • an unrestricted system holding sensitive information
  • leaving your computer unlocked when you walk away from your desk
  • personal information not being securely stored.

Many cyber attacks are sent through email, so make sure you're aware of email security, scams and phishing.

There are also practical steps you can take to enhance the security of your UQ account.

Report an incident or risk

It's important to report incidents and risks to Information Technology Services (ITS), so we can manage them. Sometimes the signs of an incident or risk are small, so it's better to report even if you are unsure.

Report a cyber security incident or risk

Training for staff and students

To help you recognise incidents and risks, UQ has developed Cyber Security Awareness Training for:

UQ staff must complete training every 3 years.


Read the following to find out how cyber security is managed and governed at UQ:

We're here to help

Before contacting us, try browsing or searching for common questions.