Cyber threats come in many forms and can severely impact business operations, brand reputation, financial standing and even lead to a lawsuit. Organizations must prepare to respond and manage cyber events at different organizational levels to limit their damage and accelerate recovery.
Most businesses focus on incident management or crisis management to react to cyber attacks. Both provide different aspects of response. And, both have a unique set of objectives.
Learn the key differences between incident management and crisis management to decide which response plan is best for your company.
Cyber Events Types
Cyber events must be appropriately classified to activate stakeholders at the necessary organizational levels to ensure an adequate response. An incident is an adverse security event that negatively impacts or poses an imminent threat to the confidentiality, integrity or availability of data, including technologies that store and process that data. This definition also includes explicit or implied security policy violations.
Cyber incidents are generally classified by magnitude: minor incident, major incident and crisis.
Minor Incident
Incidents that insignificantly affect organizations are defined as minor incidents. Enterprises typically qualify incidents as minor when they do not cause a notable operational or informational impact on their business. These usually can be handled as part of day-to-day operations. For example, commodity malware that infects an end-user workstation typically qualifies as a minor incident.
Major Incident
A cyber event becomes a major incident when it causes a functional or informational impact on the organization. This requires an urgent response beyond day-to-day operations.
An informational impact occurs when a cyberattack negatively affects the confidentiality or integrity of data. In contrast, a functional impact occurs when a cyberattack impairs the functionality of a ..
Support the originator by clicking the read the rest link below.
