FAQ 2660
What is the difference between an Incident and a Breach?



An information security incident is an event where there is a risk of a breach. By reporting incidents quickly, steps can be taken to investigate, secure the information and prevent the incident from becoming a breach.

An incident is like a Health & Safety near miss: by reporting it, we can not only prevent a breach from occurring but also learn where our risks are and identify controls to reduce the risk of them reoccurring.

An information security breach is where the incident has resulted in any loss of, or unauthorised access to, University data, normally involving University personal or confidential information, including intellectual property.

Any information security breach that involves personal information is a breach of the Data Protection Act 1998. The University needs to investigate and, when appropriate, report these to the Information Commissioner's Office, which can take enforcement action including fines.

All staff must report any perceived breaches so they can be fully investigated. Ignoring them allows the information to go unchecked and the risk to individuals and the University to increase; staff are therefore more likely to face disciplinary action for not reporting a security incident or breach.