What a Service Desk must report in term of InfoSec categories

Here is a list of topics (can be improved) related to Information Security and Data privacy the ServiceDesk (or HelpDesk) needs to escalate to the CISO or the Local ICT Security Officer.

This should be part of the operational controls and incident escalation.

Security / Confidentiality Integrity Availability Privacy
Access request not ‘standard’

Request of VPN from staff, not ‘standard’

Request of VPN from 3rd parties

Virus

Malware

Physical security issue (intrusion, badge lost or theft)

Staff departure

Staff move

Data Loss

Data Theft

Data Leakage

Device theft

Device lost

Fraud

Social engineering

Abuse of access

Reporting from a user / client of a suspicious event related to Security and Cyber Security

Hacking of systems / networks

Fraudulent copying of software or license

Illegal processing of data

Spying and Eavesdropping

Retrieval of recycled or discarded media

Unauthorized use of equipment

Destruction of Systems or Data

Corruption of Systems or Data

Change management incident

Hacking of systems / networks

Illegal processing of data

Spying and Eavesdropping

Natural or Technical disaster

System or network failure or unexpected downtime

System or data recovery or unexpected availability

Device theft

Device lost

Massive Account Lock

DDos

Data Loss

Data Leakage

Device theft

Device lost

Request for exporting Private data outside the company

Hacking of systems / networks

Illegal processing of data

Spying and Eavesdropping

Retrieval of recycled or discarded media

 

Be the first to comment

Leave a Reply

Your email address will not be published.


*


*