Most of us were taught not to make a fuss unless something was clearly wrong. Don’t overreact. Don’t bother people. Don’t raise your hand unless you’re sure.
That instinct serves you well in a lot of situations.
Cybersecurity is not one of them.
Most security incidents don’t start with alarms or obvious warnings. They start small. A system acting a little off. A login that doesn’t behave the way it should. An email that looks right but feels wrong.
Security incidents don’t start with alarms. They start with someone noticing something weird.
And more often than not, that someone isn’t in IT. It’s someone in the middle of their day, noticing that something doesn’t quite line up.
Call It Early
You are not expected to diagnose anything. You are not expected to be certain.
You are expected to notice.
If it’s weird to you, it’s useful to us.
A single odd behavior might not mean much on its own. But if five people experience something similar and no one says anything, we lose the chance to see the pattern early.
By the time it becomes obvious, it’s usually bigger than it needed to be.
Think of It Like Patient Care
Report it like you would a patient change.
You don’t ignore a change in condition just because you’re not sure what it means yet. You don’t wait until things are critical before you speak up.
You say:
This isn’t typical.
Something feels off.
I’d like someone to take a look.
The same applies here.
A system slowing down. A screen behaving differently. A login that doesn’t act the way it normally does. Those are early indicators, not inconveniences.
What Counts as “Weird”?
If you’ve ever paused and thought, “That’s probably nothing,” that’s exactly what we want you to report.
Report things like:
“The system is slower than normal”
“I got logged out and back in unexpectedly”
“This email looks real but feels off”
“I got an MFA push I didn’t request”
“Something saved wrong or errored in a weird way”
“This screen looks different than usual”
You don’t need to explain it in technical terms. You don’t need to prove anything.
Just tell us what you saw.
You Are Not Bothering Us
A lot of people hesitate because they don’t want to waste anyone’s time.
Let’s be very clear about this.
You are never wasting our time by reporting something weird.
If we look into something and it turns out to be nothing, that’s a good outcome. It means we checked.
We would rather investigate 100 harmless reports than miss 1 real attack.
That’s not just a saying. That’s how this works.
What Happens After You Report
When you report something, it gives us a starting point.
We look to see if others are experiencing the same thing. We compare it against system activity. We check for patterns that aren’t visible from a single workstation or a single shift.
What seems small in isolation can be significant when viewed across the organization.
Your report helps us see the whole picture.
Why This Matters
Cybersecurity isn’t separate from patient care. It supports it.
If systems become unreliable, if access is disrupted, or if information is compromised, it affects how care is delivered.
Small signals are often the first indication that something larger is developing.
Final Thought
You don’t need to have the answer.
You don’t need to be sure.
You just need to say, “This doesn’t seem right.”
Because catching something early is almost always the difference between a minor issue and a major incident.
Leave a Reply