This article originally published in the September 2016 issue of Compliance & Ethics Professional.
In today’s threat-filled world, sensitive customer data is constantly at risk of compromise. Cyber attacks, ransomware, spear phishing, malware, system and process failure, employee negligence, lost or stolen devices: the list of dangers goes on. Indeed, it is a near-certainty that your organization’s data will be (or already has been) compromised. But how do you define such an occurrence? Is it an event? A security incident? A privacy incident? A data breach disaster? Does it even matter what it’s called?
It absolutely matters. How you label an occurrence that may or may not involve the unauthorized disclosure of sensitive customer data will determine, among other things:
- Should the core or the extended incident response team be involved?
- What containment and remediation actions should be taken?
- Will notification be required or not?
- Who must be notified, when, and how?
These factors will dictate your response, and thus how well you can minimize the monetary, regulatory, and reputational risks to you, your company, and the customers you serve.
Main takeaways from this article:
- It’s important to define and understand the difference between an event vs. security incident vs. privacy incident vs. data breach.
- Malware and phishing attacks are occurring more frequently.
- Privacy, Compliance, and Security should work together on incident response.
- Proper incident response protects your customers’ sensitive data against threats.
- Determining which category these occurrences belong in will help you properly assess the risks of data exposure.