Cyber Incident
From Open Risk Manual
Revision as of 02:21, 5 March 2020 by Wiki admin (talk | contribs)
Definition
Cyber Incident. A Cyber Event that:
- jeopardizes the cyber security of an information system or the information the system processes, stores or transmits or
- violates the security policies, security procedures or acceptable use policies, whether resulting from malicious activity or not.
VERIS A4 Threat Model
A cyber incident is viewed as a series of events that adversely affects the information assets of an organization. The VERIS classification employs the A4 threat model[1]: Every cyber incident is comprised of the following elements (the 4 A’s)
- Actors: Whose actions affected the asset?
- Threat Action: What actions affected the asset?
- Assets: Which assets were affected?
- Attributes: How the asset was affected?
References
- Adapted from NIST (definition of “Incident”)
- ↑ VERIS Incident Description