What is an Information Security Incident?

Posted by: India Wentworth Published: Wed, 15 Aug 2018 Last Reviewed: Wed, 15 Aug 2018

An information security incident occurs when someone without authorisation gains access to data, possibly with malicious intent. This could happen due to weak computer security, improperly disposed of documents, lost mobile devices, and so on. Information security incidents or 'data breaches' can result in considerable financial and reputational damage for organisations and/or members of staff.

Organisations can mitigate the risk of a data breach by preparing themselves and their staff to spot risks and red flags and report them accordingly to the right authority. Employees should also be briefed in information security best practice so they feel empowered when it comes to keeping personal information safe.

When a Threat Becomes an Incident

A threat refers to anything that could be seen as having the potential to disrupt information systems and processes; we can also think of threats as 'security risks'. Given enough time and the right circumstances, these risks can result in a data breach. That's why security threats should be audited regularly and, as much as possible, mitigated.

The moment a cybercriminal locates a vulnerability in your system and exploits it to gain unauthorised access to systems and networks, a security incident has occurred. In many cases, incidents like this must be reported to the ICO within 72 hours and the people who may be impacted by the breach must be informed. Incidents may vary, but can include hackers sending or uploading malware to your organisation's systems, attempting phishing scams through email, or infiltrating systems through man-in-the-middle attacks. In all these cases and more, all that is needed is one weak link in the information security chain to allow exploitation.

A threat can become an incident as quickly as an employee innocently clicking on a link they've been sent that looks important or interesting. Coming from an unknown source, this link could cause malware to be downloaded to the device and then spread throughout the entire organisation's network, all before you know it's happened. It is the responsibility of everyone to remain vigilant to the speed and efficacy of such attacks and, even if the sender is known, stop and think before opening attachments or giving away confidential information.

The Ethereum attack is an example of just how fast an incident can take shape. The Ethereum network became the victim of a very slick, technically proficient attack that resulted in losses equating to just under $40 million (around £30.2 million). What was so shocking about this case was that the heist happened in a matter of minutes, stressing that huge amounts of information and money can be lost before you even know it – and all due to one critical flaw in the network's design.
