Incident

From CNM Wiki
Revision as of 03:33, 29 December 2020 by Gary (talk | contribs) (Definitions)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Incident is in the SOIM context, an incident is described as a set of alerts that are considered evidence of a cybersecurity breach, generally a successful attack (although serious attempts, or attempts against critical systems, may also be considered incidents.

Definitions

According to the CyBOK (version 1),

Incident. In the SOIM context, an incident is described as a set of alerts that are considered evidence of a cybersecurity breach, generally a successful attack (although serious attempts, or attempts against critical systems, may also be considered incidents.

According to the ITIL Foundation 4e by Axelos,

Incident. An unplanned interruption to a service or reduction in the quality of a service.

Management

Main wikipage: Incident management