What Are Security Incidents?

Data usage is increasing

A data breach occurs when confidential or sensitive information is accessed or stolen by unauthorized persons. As we grow with technology, more and more data is being added to the digital world and as a result data breaches have become a popular type of attack. Data breaches can be extremely costly for businesses, according to Verizon’s 2021 Data Breach Investigation Report (DBIR), the median breach cost for organizations is $21,659. 

Malware attack is a type of security incident where cybercriminals use malicious software to damage a computer system or gain unauthorized access to data. A malware attack can come in many forms including, ransomware, spyware, command and control and more. 

Phishing involves fraudulent communication, typically an email, that’s designed to appear as coming from trusted or reputable sources to deceive users into revealing their credentials or sensitive business data. Verizon’s 2021 DBIR report found that phishing was present in 36% of breaches.  

According to the Cybersecurity & Infrastructure Security Agency, “A denial-of-service (DoS) attack occurs when legitimate users are unable to access information systems, devices, or other network resources due to the actions of a malicious cyber threat actor.”

A common method of attack that cybercriminals use are to flood a networks server with traffic, which overloads the server causing a DoS condition. Different types of services that may be affected by a DoS attack are email, websites and banking accounts. 

Hold regular security awareness training to ensure your employees have basic knowledge of cybersecurity threats to help minimize human error and block a possible breach.

Without an end user’s input and reports, security incidents could go undetected for long periods of time. So, it’s important to ensure that your employees are aware of appropriate channels within the organization to report possible security breaches.

As an end user, you are the first line of defense when attackers attempt to breach your organization. Any security infrastructure can be compromised by human error or failure to report a possible incident. This is why it’s essential for end users to report a suspected security breach, even if it does not appear to be a significant threat.

In response to an incident being reported, your business can take the following steps:

• Take action to mitigate the security incident and prevent it from spreading across the organization.
• Perform additional investigation to document the scale and severity of the breach and type of institutional data that was potentially involved.
• Identify all exploited vulnerabilities.
• Revise or recreate protection policies.