Cyber Incident

From Open Risk Manual

Definition

Cyber Incident. A Cyber Event that:

  • jeopardizes the cyber security of an information system or the information the system processes, stores or transmits or
  • violates the security policies, security procedures or acceptable use policies, whether resulting from malicious activity or not.

VERIS A4 Threat Model

A cyber incident is viewed as a series of events that adversely affects the information assets of an organization. The VERIS classification employs the A4 threat model[1]: Every cyber incident is comprised of the following elements (the 4 A’s)

  • Actors: Whose actions affected the asset?
  • Threat Action: What actions affected the asset?
  • Assets: Which assets were affected?
  • Attributes: How the asset was affected?

References

  • Adapted from NIST (definition of “Incident”)
  1. VERIS Incident Description

Contributors to this article

» Wiki admin