The difference between IT and security incidents

Shakespeare once asked “what’s in a name?” Call a rose something else and it would still smell as sweet, he argued.

But over the decades, the answer to his question has often been “quite a lot.”

For Anton Chuvakin, a Gartner security and risk management research director there’s a big difference between security incidents and IT incidents. Understanding the difference, he argues in a blog, could mean the difference between an organization surviving or failing.

Some IT staffers, he says, treat IT problems and security incidents the same way. Wrong. Security incidents can bring down an organization. IT problems – an app doesn’t work, Internet access has been cut, PCs are slow – can be fixed. They need to be fixed fast, but there’s no need for panic.

But if corporate secrets are stolen, if there’s been a loss of confidential personal data then someone better light a fire under the pants of the security team.

“The difference between IT issue resolution and security incident response is huge and unambiguous,” writes Churakin.

Does your staff understand the difference?

 
Read the blog here

 



Related Download
The Evolution of Vendor Risk Management in Financial Institutions Sponsor: BitSight
The Evolution of Vendor Risk Management in Financial Institutions
The financial services industry has long been a pioneer in developing risk management practices. As third party data breaches have increased in recent years, regulators and organizations have moved from relying solely on static questionnaires and assessments, to continuously monitoring the security of vendors.
Register Now