Incident Reporting Requirements
Incident reporting requirements describe the necessity of notifying external parties when certain incidents—notably data breaches—occur.
- essential to identify breach types when assessing reporting requirements
- data exfiltration
- attacker breaks into a system and transfers data from private network to external network
- suspected breaches have similar regulatory requirements to actual breaches
- insider data exfiltration
- device theft/lost
- accidental data breach
- integrity/availability
- data exfiltration
- legal and regulatory requirements specify how to report each kind of breach
- may describe timelines for notification
- define disclosure requirements for each affected party
