Threat Classification
During an incident you will need to identify the nature of the threat - likely one of the following. This classification should be used as one of the entries into our Security Incident Log
Unauthorized Access
Incidents involving access to systems or data by individuals who do not have permission, potentially leading to information theft or data manipulation.
Malware Infection
Cases where systems are infected by viruses, ransomware, spyware, or other malicious software that compromises system integrity or steals data.
Data Breach
Incidents where sensitive, protected, or confidential data is accessed, used, or disclosed in an unauthorized way.
Denial of Service (DoS)
Attacks that make network services unavailable to intended users, typically by overwhelming the service with excessive requests.
Phishing Attacks
Attempts to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in electronic communications.
Loss or Theft of Equipment
Incidents involving the physical loss or theft of devices like computers, mobile phones, and storage devices containing business data.
Exploits
Incidents where attackers exploit known or unknown vulnerabilities in software to gain unauthorized access or cause damage.
Accidental Data Loss
Non-malicious incidents where data is lost or corrupted due to human error, software or hardware failure.
| Title | Threat Classification | |
|---|---|---|
| Document Type | ||
| Document ID | Version | Issued |
| Review Process | ||
| Approved | Issued | Reviewer |