The loss of control, compromise, unauthorized disclosure, unauthorized acquisition, or any similar occurrence where: a person other than an authorized user accesses or potentially accesses personally identifiable information; or an authorized user accesses personally identifiable information for other than an authorized purpose.
Breach
any observable occurrence in a network or system.
Event
A particular attack. It is named this way because these attacks exploit system vulnerabilities.
Exploit
An event that actually or potentially jeopardizes the confidentiality, integrity or availability of an information system or the information the system processes, stores or transmits.
Incident
A security event, or combination of events, that constitutes a deliberate security incident in which an intruder gains, or attempts to gain, access to a system or system resource without authorization.
Intrusion
Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image or reputation), organizational assets, individuals, other organizations or the nation through an information system via unauthorized access, destruction, disclosure, modification of information and/or denial of service.
Threat
Weakness in an information system, system security procedures, internal controls or implementation that could be exploited by a threat source.
Vulnerability
A previously unknown system vulnerability with the potential of exploitation without risk of detection or prevention because it does not, in general, fit recognized patterns, signatures or methods.
Zero Day
what are the components commonly found in incident response plan
- Preparation
- Detection and Analysis
- Containment, Eradication and Recovery
- Post-incident activity
is a cross-functional group of individuals who represent the management, technical and functional areas of responsibility most directly impacted by a security incident.
Incident response team
guides the actions of emergency response personnel until the end goal is reached—which is to see the business restored to full last-known reliable operations.
Disaster recovery plan (DRP)
refers specifically to restoring the information technology and communications services and systems needed by an organization, both during the period of disruption caused by any event and during restoration of normal services.
Disaster recovery
is a documented process or set of procedures to recover and protect a business IT infrastructure in the event of a disaster.
Disaster Recovery Plan
Key Components of a Disaster Recovery Plan (5
Business Impact Analysis
Recovery Strategies
Plan Development
Testing and Maintenance
Training and Awareness
