Report: Organizations not completely clear on what IT security incidents to report
Defining a data breach can be tough for a lot of organizations. However, since the introduction of the General Data Protection Regulation (GDPR) in 2018, organizations that operate in the EU need to follow regulatory guidelines that can have real business implications if ignored.
But when a cyber incident hits your organization, do you know if it needs to be disclosed to the public? How prepared are you to let your customers and authorities know? Do you have a tried and tested incident response plan in place?
To help us learn more about this, during Infosecurity Europe 2019 in London, we asked 298 IT security professionals a few significant questions around the subject. Here is what we found out.
One of the standout headlines from when the GDPR was implemented was the requirement for organizations to declare a data breach within 72 hours. Based on our survey, a majority said they were able to comply, but 14 percent of organizations are still not compliant.
According to the GDPR, a data breach is a type of security incident, but not all security incidents qualify as a data breach. There are three controlling principles at play here, and a violation of any single one, or any combination of them, constitutes a breach.
- Confidentiality Breach – an unauthorized or accidental disclosure of, or access to, personal data.
- Availability Breach – accidental or unauthorized loss of access to, or destruction of, personal data.
- Integrity Breach – an unauthorized or accidental alteration of personal data.
Keeping this in mind, responses from the survey showed that IT professionals still have some uncertainty around whether certain types of cyber incidents require disclosure. Some incidents may not actually involve an attack (e.g. cloud misconfiguration), and attacks aren’t necessarily aimed at stealing data (e.g. ransomware).
Public exposure
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Ray Lapena. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/report-infosecurity-europe-security-incidents/