Incident vs Breach explanation in CISSP 2021 course appears to be incorrect or incomplete
-
While watching CISSP 2021 "Legal, regulatory issues for information security" video the difference between Incident and Breach is discussed but the presenters imply that they are synonymous, essential the same thing and they give no distinction between.
However, when searching around and seeing other thoughts posted online, it seems the consensus is that a breach is an incident but that an incident is not necessarily a breach. The difference being whether disclosure (confidentiality has been violated) has occurred. If disclosure has occurred during an incident then a breach has occurred.
Is my understanding correct?
Thanks!
-
Hi, Doug! You have the definition of each well spelled out. Incident and breach are technically two separate but related terms. You can have an incident that doesn't result in a breach. Incidents ONLY become breaches if an organization’s information is stolen.
I hope this helps clarify things for you. Thanks for taking the time to point out our presenters' error.