Responses
A security incident is any attempted or actual unauthorized access, use, disclosure, modification, or destruction of information. This includes interference with information technology operation and violation of policy, laws, or regulations. Examples of security incidents include: computer system breach; unauthorized access to, or use of, systems, software, or data; unauthorized changes to systems, software, or data; loss or theft of equipment storing data; denial of service attack; interference with the intended use of IT resources; and compromised user accounts.
It is important that actual or suspected security incidents are reported as early as possible so that the company can limit the damage and the cost of recovery. A report should include specific details regarding the system breach, vulnerability, or compromise of your computer, and we will respond with a plan for further containment and mitigation.
No investigation can be successful if the computing infrastructure will not support the basic requirements of good information security. The FBI has estimated that fewer than ten percent of all computer incidents get reported, fewer than ten percent of those get investigated, fewer than ten percent of those result in prosecution, and fewer than ten percent of the prosecutions result in conviction and punishment. This means that, for any given endeavor, the computer criminal has a one in ten thousand chance of going to jail for a computer-related crime. Solid investigation can change those odds materially. Preparing the infrastructure to support one involves the following steps:
Implement appropriate policies, standards, and practices. Ensure that legal problems (such as privacy and ownership of company information) are documented in appropriate policies.
Implement, equip, and thoroughly train a computer incident response team (CIRT).
Implement appropriate access controls.
Implement appropriate vulnerability testing.
Implement real-time intrusion detection and logging.
Institute periodic incident response rehearsals and drills.
Institute and maintain relationships with local law enforcement agencies.