Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
A security incident is a warning that there may be a threat to information or computer security. The warning could also be that a threat has already occurred. Threats or violations can be identified by unauthorized access to a system. A computer security incident is a threat to policies that are related to computer security.
An incident can also result in the misuse of confidential information on a computer system. This could include information such as Social Security numbers, health records, or anything that could include sensitive, personally identifiable information.
When an incident affects a computer system, a computer security incident response team (CSIRT) should be activated to handle the threat. There should also be policies and procedures that have already been established for handling an incident when it occurs.
Examples of computer security incidents include attacks such as denial of service attacks and malicious code, which includes worms and viruses. Unauthorized access by someone who is not allowed to access a computer system is also considered a potentially threatening computer security incident. A security incident may even refer to inappropriate use of a computer in a system, such as an employee using a work computer to access pornography when this is expressly forbidden in the company's procedural guidelines.