Incidents and events of information and cyber security

  • Information Security incident
    • A cyber security incident is a breach of information security in information systems or a breach of the security of services or the security and integrity of electronic communications networks as a result of a cyber security incident.
  • Information security event
    • A cyber security event is an event that may cause information security in information systems to be compromised or the security of services or the security and integrity of electronic communications networks to be compromised.
  • Information incident management
    • To successfully manage an information security incident, eliminate threats, weaknesses and learn from them, structures need to be developed to ensure that risks are systematically eliminated or reduced to an acceptable level or to a level where we will be ready to handle incidents.
  • Information incident management and reporting plans
    • Information incident management and reporting plans: There should be a system for reporting incidents, vulnerabilities, threats and accidents. Reporting should range from employees to system administrators to the security department and competent authorities. The reporting mechanism should be simple (understandable to ordinary users) and, depending on criticality, appropriately available.
  • Duties and responsibilities
    • Assigning individual responsibility for specific activities is the basis for effective incident management and improved information security. The introduction of responsibility in the management of information security incidents must aim to ensure a rapid, efficient and systematic response to security incidents