Client Support
IT Managed Services
Upgrade your IT
Cybersecurity
Protect your business
Consulting
Solve your problems

Support your technology and your people. We can completely manage your IT, or support your existing team through co-managed IT.

Learn More
Person using multi-factor authentication on cellphone

Get a security partner that will help you manage your risks. Gain a 24/7 security team that is ready to respond to threats to your business.

Learn More

Work with us to solve complex problems. Engage us for a one-time project, or keep us on a monthly retainer for on-demand expertise.

Learn More

What Does it Mean to be “Breached”?

May 5th, 2023 | Cybersecurity

Cybersecurity is a crucial aspect of any business. However, even with the best security measures in place, you will be breached. In this blog, we’ll discuss what it means to get breached and the differences between an indicator, event, incident, and a breach. 

> Cybersecurity Update | You Will Be Breached | Aldridge

What Does it Mean to be “Breached”? 

What is a Breach?  

A breach is an unauthorized access, use, or disclosure of sensitive information. Breaches can occur in various forms, such as a cyber-attack, human error, or an inside job. The result is the same – the sensitive information has been compromised and is no longer secure. 

Indicators, Events, Incidents, and Breaches are terms that are frequently used in the context of cybersecurity. Here’s how they differ: 

Indicator 

An indicator is a piece of evidence that suggests a security incident has occurred or may be occurring. For example, unusual login attempts, suspicious network activity, or the presence of malware on a device are all indicators of a potential security incident. 

Event 

An event is a specific occurrence that is logged by a security system. Events can include things like failed login attempts, system crashes, or changes to user permissions. 

Incident 

An incident is a security event that has been verified and requires investigation. An incident can range from a minor issue that can be resolved quickly to a significant breach that requires a more in-depth investigation. 

Breach 

A breach is an incident that results in the unauthorized access, use, or disclosure of sensitive information. Once a breach has occurred, the organization must take immediate action to mitigate the damage and prevent future incidents. 

Determining Whether it’s an Incident or a Breach 

When an incident occurs, IT security teams will investigate to determine the scope and severity of the issue. Once the investigation is complete, the results will be presented to the executive team for a decision on whether it was an incident or a breach. 

An incident may be considered a breach if it involves the unauthorized access, use, or disclosure of sensitive information. If the incident is considered a breach, the organization must take immediate action to contain the damage and notify the affected individuals. Additionally, the organization must review and improve its security measures to prevent future breaches. 

A breach is a significant cybersecurity incident that results in the unauthorized access, use, or disclosure of sensitive information. Indicators, events, and incidents are all important components of identifying and addressing potential security issues. Still, it’s ultimately up to the executive team to determine whether an incident was a breach or not. To prevent breaches from occurring, organizations must have strong security measures in place, regular security training for employees, and ongoing monitoring of their networks and systems. 

Watch the full webinar  

Learn about today’s threats, how to effectively manage your cyber risk, and 4 steps you can take today to prepare your business from what’s coming next: 2023 State of Cybersecurity | You Will Be Breached