{"id":865,"date":"2019-07-07T18:33:14","date_gmt":"2019-07-07T22:33:14","guid":{"rendered":"http:\/\/puluka.com\/home\/?p=865"},"modified":"2019-07-07T20:11:23","modified_gmt":"2019-07-08T00:11:23","slug":"incident-vs-breach","status":"publish","type":"post","link":"http:\/\/puluka.com\/home\/tech-talk-security\/incident-vs-breach\/","title":{"rendered":"Security Incident vs Breach"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Information Security has three core values that need to be protected known as the CIA triad: <\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"alignright\"><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"244\" src=\"http:\/\/puluka.com\/home\/wp-content\/uploads\/2019\/07\/CIAtriade-300x244.png\" alt=\"\" class=\"wp-image-869\" srcset=\"http:\/\/puluka.com\/home\/wp-content\/uploads\/2019\/07\/CIAtriade-300x244.png 300w, http:\/\/puluka.com\/home\/wp-content\/uploads\/2019\/07\/CIAtriade-768x625.png 768w, http:\/\/puluka.com\/home\/wp-content\/uploads\/2019\/07\/CIAtriade.png 796w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/figure><\/div>\n\n\n\n<ul class=\"wp-block-list\"><li>Confidentiality of the Information: only those with a need to know have access.<\/li><li>Integrity of the Information: the data is not altered, destroyed and is otherwise accurate for the authorized users.<\/li><li>Availability of the Information: authorized users have access when needed.<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">When we see evidence that any one or more of these three principles have been violated there is an information security incident.  Once a a potential incident has been detected we engage an incident response process to gather details around the incident and respond with any necessary remediation.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">During the investigation if we further determine that information has left the control of our systems and been accessed and copied by unauthorized users we now have a breach.  A breach is a confirmed disclosure of information to an unauthorized party.  Not just the potential for exposure, but a confirmed egress of the data.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Thus all breaches are security incidents but not all incidents are a breach.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Information Security has three core values that need to be protected known as the CIA triad: Confidentiality of the Information: only those with a need to know have access. Integrity of the Information: the data [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18],"tags":[],"class_list":["post-865","post","type-post","status-publish","format-standard","hentry","category-tech-talk-security"],"_links":{"self":[{"href":"http:\/\/puluka.com\/home\/wp-json\/wp\/v2\/posts\/865","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/puluka.com\/home\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/puluka.com\/home\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/puluka.com\/home\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/puluka.com\/home\/wp-json\/wp\/v2\/comments?post=865"}],"version-history":[{"count":12,"href":"http:\/\/puluka.com\/home\/wp-json\/wp\/v2\/posts\/865\/revisions"}],"predecessor-version":[{"id":878,"href":"http:\/\/puluka.com\/home\/wp-json\/wp\/v2\/posts\/865\/revisions\/878"}],"wp:attachment":[{"href":"http:\/\/puluka.com\/home\/wp-json\/wp\/v2\/media?parent=865"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/puluka.com\/home\/wp-json\/wp\/v2\/categories?post=865"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/puluka.com\/home\/wp-json\/wp\/v2\/tags?post=865"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}