"A breach of a system’s security policy in order to affect its integrity or availability and/or the unauthorized access or attempted access to a system or systems"

Broadly speaking, this translates to four types of incident:

• > Attempts to gain unauthorized access to a system and/or data.

• > Unauthorized use of systems for storing or processing data (such as data exfiltration).

• > Unauthorized changes to a system’s firmware, hardware or software.

• > Malicious disruption and/or a denial of service.

For the purposes of your incident response plan, you may want to come up with your own definition for a ‘cyber incident’ that better suits your organization and business goals.

Since cyber risk management is a continual process, monitor your risks to make sure they are still acceptable, review your controls to make sure they are still fit for purpose, and make changes as required. Remember that your risks are continually changing as the cyber threat landscape evolves, and your systems and activities change