In this article, we will tackle what is an information security incident. Also, let us discuss and learn the various types of information security incidents.
Know About Information Security Incident
What is an information security incident? This is a question that is usually asked by many people.
An information security incident can be defined as an event or situation. That has the potential of compromising confidentiality.
Also, integrity and/or availability of an organization’s information assets. Moreover, the Information security incident can be of various types:
A System failure:
Whenever a system fails to perform its operations as expected. It is an information security incident.
So a system failure can be caused due to hardware issues, software issues, or human error.
A Computer Attack
Any attempt made to breach the security of a computer network is known as a computer attack. Computer attacks can be of various types such as Denial of Service (DoS).
Also, like Distributed Denial of Service (DDoS), etc. Examples of computer attacks are viruses, worms, Trojan Horse programs, and spyware.
A Human Error:
So any mistake is committed by a user or an employee on behalf of an organization. It is also constituted as an information security incident.
Examples include sending sensitive information in response to a phishing mail. Moreover, giving out passwords to unauthorized persons on social media sites like Facebook and Twitter.
Physical Loss
In case any physical device containing sensitive data is stolen from the company premises. This is known as physical loss which constitutes an information security incident for that organization.
So these devices could be laptops, portable hard disks. Also, even mobile phones may contain confidential information.
That could lead to a data breach if it falls into wrong hands.
Inappropriate Use of Information
In case any employee or a member of the organization. It uses the information assets of the organization for a purpose.
That is not congruent with the organizational policies. It constitutes an information security incident.
Examples include an employee using an official email ID for personal use. Also, accessing government databases for personal gain.
Two Classified Categories
An Information Security Incident can be classified into two categories: internal and external. Internal information security incidents are those that occur within the boundaries.
Of the organization’s network or computer systems. Examples include a virus attack on an organization’s local area network (LAN).
Also, loss and theft of laptops containing sensitive data. Moreover, theft of confidential data from a database, etc.
However, if a hacker manages to penetrate through an organization’s firewall. Then, to gain unauthorized access to a company’s internal network or computer systems.
So this would be termed as an external security incident. External information security incidents occur when a third party gains access to confidential information stored.
This is within an organization’s computer systems or networks. In which case this would be termed as hacking or cyber-crimes.
An example of this could include when an employee leaves the organization. Also, take with him/her confidential data (such as customer database) to his/her new workplace.
So this is considered both an internal and external security incident. This is since it involves theft or loss of sensitive data by someone working for the company itself.
In Addition Example
Another example of an external information security incident. It could be when an employee (or even an outsider) gains unauthorized access to computer systems through hacking (or any other means).
As such, this constitutes both, an internal and external information security intrusion. Since it involves unauthorized access to computer systems.
It is by someone who has no actual connection with the company itself. A recent study was conducted by PricewaterhouseCoopers (PwC).
It shows that the annual worldwide cost of cyber-crime by 2015 will exceed USD 2 trillion. So the US accounts for $100 billion losses per year due to cyber-crime.
While China accounts for $250 billion annually due to cyber-crimes in that country alone. So the “Cost of Cyber Crime Study” also shows how companies are suffering financially.