Recommended
More Related Content
What's hot
What's hot (20)
More from Kaycelyn Ramos , CSP
Recently uploaded
Recently uploaded (20)
Security incident
- 2. Security Incidents • a violation, breach of security policy or procedure • unauthorized access • any other event that harms, or may harm the security
- 3. Not all security incidents are significant enough to require investigation. • Assess the harm from any security incident. • Determine the impact of actual, potential, or suspected loss, compromise or disclosure. • identify whether the incident is minor (an infringement or breach) or major
- 4. Significant security incidents Crimes like theft or robbery Destruction of property e.g. vandalism Fraud Natural events like fire which may compromise security Incorrect handling of classified information Cyber security incidents
- 5. Significant security incidents • assault • use of weapons including firearms • threats of harm to self or others Personal Attacks Hostage taking and high jacking Kidnapping Arson or suspected arson Bombing Sabotage
Editor's Notes
- Major - (a violation, which you must be reported) Minor – breach, infringement Choosing which incidents to investigate The initial question is which incidents need to be investigated, and in what way. Often the severity of an incident’s consequences is the main criterion used to determine whether an investigation is initiated. However, focusing only on the severity of an incident should be considered incomplete. An alternative approach is to look not only at the severity of an incident but to also use additional criteria. Some possible reasons for choosing to investigate incidents are, for example: High actual severity of the incident’s consequences such as loss of life, loss of containment or extensive (property) damage; A legal or procedural requirement to do so; The occurrence of similar incidents earlier in time, within the same organisation or sector; Incidents with limited actual consequences but with a high potential for serious consequences; Near misses when an incident is just barely avoided.
- Report any suspected cyber security incidents including: suspicious or apparently targeted emails with attachments or links any compromise or corruption of information hacking viruses disruption or damage to services or equipment data spills.
- In safety, Incident is then regarded as a synonym for a near-miss event. There are many different definitions of what constitutes an incident or accident. In general the focus is on unintended and unforeseen events which have unintended consequences. In this article we will use the terms incident and incident investigation interchangeably with accident or accident investigation. In addition we focus on the field of occupational health and safety, although we realise that the same investigation techniques may be relevant for the investigation of other types of incidents as well. In security, there is no such thing as security accident