The greater your awareness and training,

the fewer incidents will escape your attention.

Security incidents are sometimes overlooked or briefly noticed and then brushed to one side, or people sometimes overreact to what they perceive as security incidents.

Why a security incident may go unnoticed?

An example:

A defender experiences a security incident, but the organisation s/he works with does not react at all. This could be because…

• the defender isn’t aware that a security incident took place;
• the defender is aware of it but dismisses it as unimportant;
• the defender hasn’t informed the organisation (s/he forgot, doesn’t believe it necessary, or decide to keep quiet because it happened because of a mistake on their part);

* the organisation, having done a team evaluation of the incident after the defender registered it in the incident book, does not judge action necessary.

Why do people sometimes overreact to security incidents?

For example:

A colleague might be constantly telling stories about some security incident or other, but on further examination they prove not to have substance or merit the definition. The actual security incident in this instance is the fact that your colleague has a problem which makes him/her see non-existent security incidents. S/he might be feeling very afraid, or suffering from stress, and should be offered support to resolve the problem.

Do not forget that it is more

common that security incidents are overlooked or

dismissed: Be careful about this!