It is difficult to avoid the fact that cyber security is on everyone’s mind nowadays. It doesn’t take long for cyber security and data breaches to come up in a discussion, whether it’s in the conference room or the cafeteria.
Frequently, story is about the most recent breached organization or what an organization is doing or should be doing to secure itself.
Definitions
Security Event: An action directed to a system, network, or human intended
to alter the target’s state
Security Incident: An event that violates organizational, regulatory,
legislative or contractual security, or privacy policies
Data Breach: A security incident that:
– Involves the intentional or unintentional access, disclosure,
manipulation or destruction of data; or
– Meets specific definitions of a “Breach” as per state/province or federal
laws or active contracts with clients, third parties or partners
According to definitions above, most organizations have millions of events happen on any day, a number of those are qualified as actual cybersecurity threats, and a part of them are qualified as Breaches.
It is good practice to treat all incidents as potential Breaches until they can be
properly qualified.
Source of Data Breach
Data breaches can occur as a result of a wide range of incidents, the most common of those are:
A targeted cyber attack by a criminal specifically targeting an organization
An opportunistic attack such as one by a criminal scanning the internet for vulnerable systems, finding, and exploiting them
Inadvertently through errors and omissions such as an employee who loses a USB key containing sensitive data, or by an event at a third party who was entrusted to protect client data
The above incidents are the most common causes of data breaches, which most security companies examine in greater detail beginning with targeted cyber attacks as a result of cybercrime.
