A-Z’s of Security Incident Reporting

What is a Security Incident?

To understand security incident reporting we must first define what a security incident is. Although the most basic definition of a security incident is “an intrusion or attempted intrusion”, organizations define the term security incident depending on the importance of security to their specific industry. A security incident implies/requires unauthorized access to facilities, equipment and resources, with intent to damage or harm.

Security is the protection of these facilities, equipment and resources from physical circumstances and events that could cause serious losses or damage to an enterprise, agency, or institution. This includes protection from fire, natural disasters, burglary, theft, vandalism, and terrorism.

Organizations like government agencies, embassies, and corporations that deal in highly sensitive or critical areas have extremely strong security measures. These are designed to deny unauthorized access to facilities, equipment and resources, and to protect personnel and property from damage or harm. This type of security can involve the use of multiple layers of interdependent systems, including CCTV (closed-circuit television) surveillance, security guards, protective barriers, locks, access control protocols, and many other techniques. Security incident reporting is crucial for these organizations.

Organizations whose activities are neither sensitive nor critical may not require high levels of security but must still make use of basic security measures to ensure protection of their assets and report and repair security incidents.

The Severity of a Security Incident

Regardless of industry, the severity of a security incident is a subjective measure of its impact on or threat to the operation and/or integrity of an organization. The severity of an incident determines the priority for handling the incident, who manages the incident, and the timing and extent of the response. Two major factors in determining severity are the scope of impact (how many people, departments, or systems the incident affects) and the criticality of the affected asset (how important it is to the continuing operation of the organization). What would be the impact on the organization, either functional or financial, if this asset were unavailable or corrupted?

What is Security Incident Reporting?

A part of the incident management process, security incident reporting consists of the activities and tools that an organization uses to identify and classify security incidents for investigation, repair or management.

What types of Organizations use Security Incident Reporting?

Security affects all types of organizations and is not industry-specific. Efficient and timely security incident reporting can help every industry report and manage security incidents, from Federal penitentiaries to foreign embassies to private security patrol companies.

What is the Purpose of Security Incident Reporting?

The purpose of security incident reporting is to clearly define and communicate the characteristics of security incidents so they can be properly classified and treated by incident management processes. To be effective, security incident reporting must capture precise, incident-specific details and communicate these to the appropriate people, quickly and efficiently. This report will then trigger an organization’s incident response, which is an organized approach to addressing and managing the aftermath of a security breach or incident. The goal of any organization is to handle the situation in a way that limits damage and reduces recovery time and costs. For these reasons, it is critical that security incident reporting be as comprehensive, timely and efficient as possible.

The Evolution of Security Incident Reporting

Traditional paper-based systems for security incident reporting had obvious inefficiencies in capturing the incident details and relaying them to the right people, especially for urgent incidents. More contemporary incident reporting software and even mobile solutions have emerged in response, yet the inefficiencies still exist.

Security Incident Reporting and Efficiency

Efficiency in security incident reporting is determined by how comprehensive the report details are and how quickly they can be communicated. Additionally, a key factor in ensuring efficiency is appropriate notifications. Existing security incident reporting solutions may provide a tool by which to report incidents, but typically forms are rigid and notifications are not triggered based on the specific details within the report itself. This rigidity and lack of intelligence result in two types of inefficiencies for security incident reporting and incident management: incomplete data capture and notifications that are not detail-dependent. With incomplete data, additional site visits may be necessary to confirm details, adding both time and cost to the process. In the case of notifications, the lack of intelligence in existing security incident reporting solutions means that notifications are sent either to everyone or to the same group of people each time, regardless of the details associated with the specific incident, causing notification overload and the potential for oversight.

A True Solution to Security Incident Reporting

Developed with the goal of efficiency, 1ST Incident Reporting Mobile App provides a true solution for security incident reporting. 1ST allows users to quickly report all the details of a specific security incident (field event or damage), including precise location, date/time, and asset-specific information, and to attach multi-media files (pictures, audio and video). Because it is mobile, 1ST’s security incident reporting is onsite and immediate, permitting faster response times. With dynamic fields that are specific to security incident reporting, and the ability to control what information must be submitted, reports are comprehensive. This facilitates the assessment process and eliminates the need for unnecessary site visits. 1ST generates a field incident or inspection report, which is automatically sent for confirmation and action by a specific department or operations personnel. With a very sophisticated notification management process, the security incident report allows for notification distribution lists that can be based on incident-specific criteria, thus eliminating nuisance notifications and increasing workflow efficiency.

What makes 1ST Incident Reporting Mobile Application different?

What sets 1ST apart from other security incident reporting applications is that it is an intelligence-led mobile solution. This intelligence is what allows 1ST to solve the problem of inefficient capture and communication of field incidents, while other security incident reporting solutions continue to cause inefficiencies. 1ST’s use of dynamic fields to enable complete, incident-specific detail capture, coupled with its support of multi-media file attachments, makes it unique as a true solution to data capture. Its complex and intelligent notification logic, which allows recipient lists to be defined at a very granular level, solves the problem of notification inefficiencies. This intelligence behind the complete data capture and the sophisticated notification management is what makes 1ST a real solution to the problem of the inefficiencies in security incident reporting and what truly sets 1ST apart from any other security incident reporting mobile application. Additionally, 1ST can connect directly to existing enterprise systems (for work order management, labor estimates, material requirements, etc.), further streamlining the incident management process.

An Example of 1ST’s Efficiency in Security Incident Reporting

In a typical example of security incident reporting, a security patrol officer of a utilities company reports a security incident (breach) at the location of the substation. 1ST’s security incident report can automatically capture the exact (GPS) location of the incident and allow the security patrol officer to report very specific details based on the fields selected and the values in those fields. The application also supports the sending of multi-media file attachments for even more precision. So if the security incident is simply graffiti that has been painted on the wall, the details can be entered, a picture taken and sent, and notifications will be sent to the appropriate cleanup crew. If, however, that same security incident report indicates that the fenced perimeter has been compromised, the notification of this incident might be very different: possibly a security crew would be dispatched to the location as well as an electric crew so that the facility could be inspected safely.
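The detail-dependent routing described in this example can be sketched as a small rule table. This is an added illustration, not 1ST's code or API; the field names, team names and rules are hypothetical, chosen to mirror the graffiti and perimeter cases above.

```python
# Added example: detail-dependent notification routing with completeness checks.
# All field names, team names and rules below are hypothetical.

# Fields every report must carry, plus fields that become mandatory once a
# given incident type is selected (the "dynamic fields" idea).
REQUIRED = {"incident_type", "location", "reported_at"}
CONDITIONAL_REQUIRED = {
    "graffiti": {"photo"},
    "perimeter_breach": {"asset_type"},
}

# Each rule pairs a predicate over the report with the teams to notify.
RULES = [
    (lambda r: r["incident_type"] == "graffiti", {"cleanup_crew"}),
    (lambda r: r["incident_type"] == "perimeter_breach", {"security_crew"}),
    (lambda r: r["incident_type"] == "perimeter_breach"
               and r.get("asset_type") == "substation", {"electric_crew"}),
]

# Reports that match no rule go to a triage list instead of being dropped
# silently or broadcast to everyone.
FALLBACK = {"security_triage"}


def missing_fields(report):
    """Return the sorted names of required fields that are absent or empty."""
    needed = REQUIRED | CONDITIONAL_REQUIRED.get(report.get("incident_type"), set())
    return sorted(f for f in needed if report.get(f) in (None, ""))


def route(report):
    """Return the set of teams to notify; reject incomplete reports."""
    gaps = missing_fields(report)
    if gaps:
        # Rejecting at submission time is what avoids the follow-up site visit.
        raise ValueError("incomplete report, missing: " + ", ".join(gaps))
    recipients = set()
    for matches, teams in RULES:
        if matches(report):
            recipients |= teams
    return recipients or set(FALLBACK)
```
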

For more information about 1ST’s Security Incident Reporting please contact us.