Security incident management enables you to monitor, detect, and respond to security events efficiently and effectively.
So you have measures in place to prevent a security incident taking place. But what if the worst happens and a security incident occurs? How do you minimise the impact of the incident, and how do you document what has happened in order to help prevent reoccurrence? The answer is to implement security incident management. In this blog post we explain what a security incident is, and how you can start to implement security incident management for your business.
What is a Security Incident?
At Capital Support we separate security incidents into two types: information security incidents, and building security incidents. An information security incident can be defined as follows: –
- Any incident where a security policy is violated.
- Any incident where the confidentiality, integrity, or availability of classified information is, or could be, compromised.
- Any occurrences of the above incidents that have come to life but have not been reported.
A building security incident can be defined as follows: –
- An incident where an attempt has been made to force entry to a building, a room, or other facility.
- An incident where a person has intruded into a part of a building without relevant authorisation.
- An incident where an item of value has gone missing in suspicious circumstances.
- Any occurrence of the above incidents that have come to life but have not been reported.
Implementing Security Incident Management
Your business can control the effects of security incidents by implementing security incident management. Capital Support have implemented a Security Incident Management Policy, which applies to any severity of security incident. Incidents covered by the policy can range from a technical or management issue that has no apparent immediate effect, to a wide-ranging life-threatening crisis.
As part of the policy, we have set out a formalised process of both reporting and managing all security incidents. Because a typical building security incident (such as an intrusion or attempted break-in) may have information security implications that are not immediately apparent, a single security reporting system is in place.
Of course, your business’s Security Incident Management Policy will be unique to your business. Although fundamental principles will always apply, your policy will be tailored to your security appetite.
Enhance Your Business Security
Capital Support will support your business in implementing a robust, effective Security Incident Management Policy. Our Security Risk Management service helps you to identify and close gaps in your security, and includes the delivery of an audit report aligned to the ISO 27001:2013 security standard. For more information on how Capital Support can help you to enhance your business’s security, please contact us.