We provide this Cyber Security Incident Report template to help professionalize the way you are working. Our business and legal templates are regularly screened and used by professionals. If time or quality is of the essence, this ready-made template can help you to save time and to focus on the topics that really matter!
Nowadays, with the digitalization of our society, the need for data protection became more important. The latest IT Security Standards involve the application of technology to broader social and institutional contexts, and thereby contributes to the servitization of companies, and affects how they compete and interact. This document contains security technology solutions to protect data classified as “Highly Sensitive”, “Sensitive”, “Private” or “Public” as per the Data Classification Standard and Data Handling Guidelines. Specifically:
- Cryptography – Encryption and hashing solutions for protecting sensitive data when in transit or storage, and
- Data Masking – Data masking is a technology for obscuring sensitive information in non-production environments. Through data masking [Company Name] protects the content of sensitive data in non-production environments to ensure that:
- Application developers, testers, privileged users and outsourcing vendors do not have unauthorized access to such information.
- The data maintains the referential integrity of the original production data.
Create an incident report in the template below using the information from the scenario:
TO: Executive Director FROM: General Counsel
RE: Email – Incident Response Details
DATE: MNsure was notified that an email containing MNsure’s broker roster was inadvertently sent to a broker interested in partnering with MNsure..
The data disclosure involved the following data fields: Last Name First Name Middle Initial National Producer Number (NPN) MN License Number Social Security Number Broker Phone Number Broker’s Email Address Employment Status (content varies – owner, VP, active, etc.) Agency Name Agency Street Address Agency City Agency State Agency Zip Code Agency Admin Agency Admin Email MNsure Role (Broker or Admin) Data Collection and Storage MNsure collected Social Security numbers (SSN) in its broker certification process.. As such, the following events were logged as part of MNsure’s incident response process:
Email sent from MNsure employee to broker and his office assistant containing master broker list with protected data.. The courses are entitled, “Protecting Information Security” and “Putting Security into Action.” The data privacy and security courses are available online, and staff are informed of the obligation to complete them through onboarding materials, email notices from the Privacy and Security Manager, in-person reminders at staff meetings, and through the MNsure SharePoint site..
We provide this Incident Memo Report template to help professionalize the way you are working. Our business and legal templates are regularly screened and used by professionals. If time or quality is of the essence, this ready-made template can help you to save time and to focus on the topics that really matter!