Information security incident reporting policy
- Originally Published: Oct 2016
This policy provides guidelines for reporting information security incidents by company employees. The goal is to facilitate the response and remediation process to ensure the least amount of damage to systems, networks, customers, and business reputation.
From the policy:
Confidential information must be kept secure to protect the business and its staff. System or network breaches and data loss can result in severe consequences for organizations. There are numerous examples of publicized intrusions that produced damaging results, from the theft of 134 million credit cards from Heartland Payment Systems in 2008 to the Sony PlayStation Network hack of 2011 to Yahoo’s recent revelation that at least 500 million user accounts had been hacked.
These and many other episodes prove that technological safeguards and a strong employee commitment to policy are essential tools in preventing and responding to information security incidents. With this perspective in mind, the proper channel and process for reporting security incidents that might compromise data integrity is of utmost importance for all employees in order to maintain business operations.
All full-time employees, contract workers, consultants, part-time staff, temporary workers, and other personnel are covered by this policy.
Incident reporting requirements
An information security incident is defined as “A security breach or integrity loss that could have an impact on the operation of networks and services.” This can be understandably difficult to identify at first glance. However, some elements of a breach or hack will be obvious:
- Ransom demands via email for hijacked data (ransomware)
- Witnessing the remote control of your system by unknown parties
- The disappearance of sensitive personal information
- Router logs showing unauthorized access by outside individuals
- Social engineering attempts to try to get employees to provide passwords or other confidential data
- Defacing of company web pages