The terms “security incident” and “security event” are used by cyber security professionals to describe potential data breaches, but what is the real difference between the two — and which one poses the most threat to your company?
Security Events Happen Daily
A security event is any occurrence during which private company data or records may have been exposed. The key, when it comes to events, is that data only might’ve been exposed.
As you might expect, security events happen frequently. Some companies, depending on their size and notoriety, experience hundreds of events per day in the form of phishing emails, brute force attacks, employee negligence, etc.
Security monitoring services, while they vary widely in scope according to the company’s abilities, generally include the documentation of and investigation into these events.
Security Incidents Are Events That Produce Consequences
If an event was proven to have resulted in a data or privacy breach, that event is deemed an incident.
For example, a delay in patching a security weakness in vital company software would be an event. It would only be deemed an incident after your security monitoring team confirmed a resulting data breach by hackers who capitalized on the weakness.
What Happens After a Security Incident?
Upon the incident’s discovery, your IT department and/or managed Security vendor would initiate an incident response and remediation protocol, taking fast action to contain data and downtime losses using the various tools and skills that they have mastered.
Unfortunately, some incidents take years to discover. Yahoo, for example, experienced a massive breach in 2013 but did not discover it until 2016, while investigating a separate incident.
More Examples: An Infographic
Check out the infographic below for a side-by-side comparison of these two cyber security phrases, including common examples of each.
How Many Security Events Do You Have Each Month?
While some events—such as those produced by social engineering attempts—are common to all industries, others may be more or less common at your company. Invite a highly qualified security consultant to assess your security practices and reveal any gaps you may have, before those gaps result in a security incident.
Ask a dedicated member of our team your questions about security monitoring services: Email Us