What action must be taken immediately upon detection of a cyber event?

Upon detection of a cyber event, the critical action to take is to report to the designated point of contact. This step is essential because it ensures that the appropriate individuals or teams within the organization are made aware of the incident in a timely manner. The designated contact is usually best equipped to initiate a response strategy, coordinate with necessary personnel, and implement the proper protocols aligned with the organization's incident response plan.

Quickly informing the designated point of contact allows for an organized and efficient response to the event, minimizing potential damage and streamlining communication. This approach helps ensure that expertise and authority are applied to the situation promptly, facilitating a more effective response than if all personnel were notified at once or if less critical actions, like a system reboot or documentation, were undertaken prematurely.