Incident vs Breach: Responding to an IT Threat

Incident vs Breach


Incident vs Breach: In order to respond to an IT or data threat effectively, it is important that the IT department dealing with the threat understands what the threat entails.

The Difference between and Incident and a Breach

In simplified terms, a breach is always an incident, but not all incidents are breaches.

A breach occurs when sensitive, personal information is leaked, hacked or released (whether accidentally or through illegal action). This would involve access to personal information which should be confidential, such as; social security or identity numbers, medical records, contact details, etc. Specific legal definitions are applied in this case.

When a security incident occurs, but does not involve the theft or compromising of personal information, it is not considered a breach. These incidents usually take the form of impersonation or denial of service (where a user is blocked from accessing their own machine or network).

How to Respond to an Incident vs a Breach

The response should reflect the severity of the incident/breach, considering safety concerns, loss of personal data, exposure of data, legal requirements and violations, interruption of services, etc. The major difference in response is that, in terms of a breach, the organisation is under legal obligation to report the breach. With regards to an incident that isn’t a breach, it does not have to be reported.

The first and most crucial step in responding to a threat is determining whether it is a breach or incident. If the incident isn’t reported because it was accidentally labelled a mere incident and not a breach, serious regulatory and reputational consequences will be the result.

Can your IT department differentiate between an incident and a breach?
Is it equipped to respond appropriately?

To protect your organisation’s information security, and to ensure data protection compliance, contact Kaluma for customised software solutions that support the unique requirements of your organisation’s data security: CLICK HERE.

Image courtesy of Hyena Reality at