SB013 Reports known or suspected security incidents
Reporting known or suspected security incidents helps protect people as well as their place of work. If the incident is reported early, If the incident is reported early, IT and Security teams can act fast to prevent damage.
Security incidents may not always be detected by technical controls. Data breaches for example may occur through physical means such as a leaked physical document. It's important to try and find out about such incidents quickly as it can give valuable time to security teams.
Building a culture of trust, where people want to report security incidents, is important. Incidents can become worse if they're not reported.
Behaviours in SebDB are ranked by their impact on risk. Tier 1 behaviours have the biggest impact, Tier 4 behaviours the least.
Account compromise happens when unauthorised people access them.
Data theft is the intentional stealing of data.
Malware infections occur when malicious software makes its way on to a device or network.