3 hours 39 minutes
Mulele 3.19 incident examples
during this module will explore the types of incidents that may occur and analyze the different types of incidents. With examples
types of incidents
when cards used to transfer funds are compromised.
Hack When a criminal system intentionally compromises system and steals data.
employer trusted individual takes information.
Los lost USB drives, mobile devices, papers or workstations,
accidental disclosure, unintentionally sharing sense of information
Skimming devices are rfid scanners or point of service terminals can all be used
to steal information from cards, Information taken from magnetic strip. A photo of a card is taken or malware transfers data from the transaction elsewhere.
Hack business software such as malware, ransomware used to take information, encrypt information or control information for various purposes
organized crime, rogue nations, Lone wolf or a hacker for hire could be responsible for these types of incidents.
Insider instance, deliberate unauthorized access theft or sabotage made by employees or subcontractors.
Lost instance, lost USB drives, laptops, mobile phones, workstations, data center equipment,
paper record boxes,
backup tapes, data files that cannot be restored for all examples
of loss incidents.
It's important to note that some regulations give you a pass in the event you have encryption on any of these types of devices, especially electronic devices.
But you may have to show your encryption, process your methodology and prove that the encryption keys are way to decrypt the information was not obtained or was not publicly available,
accidental disclosure incidents, including an unintended recipient of an email exposing confidential information on a screen or paper in public
sharing information verbally in public sharing a link to an unintended recipient. Acts of God, terrorism vendor. Air natural occurrences such as a fire
or special incidents which could be a meteor asteroid hitting your building. Hopefully a small one are examples of accident disclosures. These are things that you didn't plan. These are simply just accidents or things that were rare really didn't anticipate occurring. However,
they created an incident which could have potentially exposed. P. Or sense of information
the file left at a restaurant that was later retrieved should be considered a breach to her false.
The answer is of course true.
The question remains though, how serious of a breach was it?
Was it a file
with non identifying information?
Or was it a file that had thousands of
instances of pe
well being a breach?
If it had P. I. It definitely would constitute as one. Even if it was one. However
or individuals if they are under a certain threshold may not have reported to regulatory authorities. Which is why it's so important to understand and work with council on what laws are impacted by the P. I. That was exposed
and what you need to do about it.
In this module, we discussed the different types of incidents
and reviewed each of the specific incident types with examples.