Information security incident reporting policy
This policy from TechRepublic Premium provides guidelines for the reporting of information security incidents by company employees. The goal is to facilitate the security response and remediation process to ensure the least amount of potential damage to systems, networks, customers and business reputation.
From the policy:
An information security incident is defined as “A security breach or integrity loss that could have an impact on the operation of networks and services.”
This can be difficult to identify at first glance, although some elements of a breach or hack will be obvious:
- Ransom demands via email for hijacked data (ransomware).
- Witnessing the remote control of your system by unknown parties.
- The disappearance of sensitive personal information.
- Router logs showing unauthorized access by outside individuals.
- Social engineering attempts aimed at getting employees to provide passwords or other confidential data.