Why report security incidents?
A security incident is a computer or network based activity which results (or may result) in misuse, damage, denial of service, compromise of integrity, or loss of confidentiality of a network, computer, application, or data; and threats, misrepresentations of identity, or harassment of or by individuals using these resources. Security incidents may be observed, identified from audit files, or detected in real-time by detection software. Security incidents should be reported to the organization because: • A given security incident could be the first sign of a bigger problem; it is critical to promptly report it and to stop a potentially serious threat. • It is clearly important to protect the confidentiality, availability, and integrity of classified or sensitive data. An incident can affect an organization’s performance of mission-critical activities. • There can be a public relations impact. News about security incidents tend to be damaging to an organization’s reputation. • If the i
Related Questions
- How does an entity report cyber security incidents to the ES-ISAC (Electricity Sector Information Sharing and Analysis Center)?
- Does the Supreme Court of Ohio still require the courts of Ohio to report all security incidents?
- Is a person who administers logical access controls required to report security incidents?
