Breach is defined as the act of breaking or failing to observe a law, agreement or code of conduct. In terms of cybersecurity, breach refers to an incident in which data, services, network and/or devices are accessed by an unauthorized user in an attempt to steal or view sensitive, or confidential information.
Related:The Equifax Breach and What Went Wrong
While the terms breach and incident may seem to be interchangeable in every day conversation, to many government and federal agencies making the distinction between them is important.
A security incident can be something like a computer virus, but a security breach means sensitive information has been accessed, viewed and possibly stolen.
As of June 2015, 47 states, including Ohio, had adopted a breach notification law. Each state has provisions that include who must comply, the type of information that is affected, what constitutes a breach, requirements for providing notice, as well as exemptions.
It’s important to know the difference and whether it be a breach, or an incident, we are here to help and answer your questions and concerns.
Related: Train Your Employees How to Recognize Threats
A good place to start is often with a network risk assessment to find out where the vulnerabilities are and then create a course of action.
Related: What is a Risk Assessment?
If you would like more information about an assessment, or to see if it is right for you, contact us here or call 937.885.7272.
Follow us on Facebook, Twitter and LinkedIn and stay up to date on Hacks, Attacks & Cybersecurity by subscribing to our email list.