Security Incident Management. Trane shall notify Customer after the confirmation of a Security Incident that affects Customer Confidential Information, Customer systems and Customer property. The written notice shall summarize the nature and scope of the Security Incident and the corrective action already taken or planned.
Security Incident Management. Unless otherwise prohibited by law, Mark43 will notify Subscriber without undue delay (and in any event within seventy-two (72) hours) in the event Mark43 reasonably believes that there has been any unauthorized access, acquisition, disclosure, use, modification, loss or destruction of Subscriber Data (“Security Incident”). Mark43 will promptly investigate the Security Incident, will take necessary steps to eliminate or contain the exposure of Subscriber Data, and will keep Subscriber informed of the status of the Security Incident. Mark43 will provide reasonable assistance and cooperation requested by Subscriber or Subscriber’s designated representatives to correct, remediate, or investigate the Security Incident or to mitigate potential damage resulting from it, including any notification that Subscriber may determine appropriate to send to affected individuals, regulators or third parties.
Security Incident Management. Criteo will maintain 24x7x365 security detection and response capabilities to assure appropriate detection and response to actual and potential data security risks to Criteo data assets. These security incident management controls will be operated and maintain by a dedicated Security Team.
Security Incident Management. Littlefish will provide Security Incident Management where a Security Incident is classified as a true positive. A Critical Hour Framework (CHF) will be developed as part of the Service Transition process. The CHF is focused on taking decisive action in response to notification of a cyber threat and is contingent on the components active within your service to facilitate such response. The development of the CHF is customer dependent, based on technical and procedural capabilities deployed within the <CUSTOMER> Infrastructure and Third-Party Supplier organisations. Littlefish will, as part of the CSOC Service Transition, run a workshop with <CUSTOMER> stakeholders to define technical response and prioritisation of security threats and Security Incidents. This will be documented and distributed to the <CUSTOMER> stakeholders and the appropriate technical teams. The ITSM Platform will be configured to provide appropriate categorisation and prioritisation for Security Incidents as agreed with <CUSTOMER> stakeholders in the Service Transition workshop. The Security Incident response will be aligned with the Security Incident Priority Level as agreed with <CUSTOMER> during Service Transition. Where <CUSTOMER> has been compromised Littlefish will take the authorised action(s), as documented within the CHF, and also notify the <CUSTOMER> representative as soon as is reasonably possible without compromising the speed and integrity of initial investigation and response. Security Incidents will be summarised in a monthly report and within an dedicated incident report escalated to <CUSTOMER> after the process documented within the CHF have been completed. In the event of a P1 security Incident, a major incident response report will be created detailing key elements such as a timeline of events, root cause analysis/hypothesis, authorised actions taken to mitigate the incident risk and additional recommendations. Security Incidents will be communicated to a <CUSTOMER> representative within the timescales set out in the Service Levels by telephone and email. In order to ensure verbose Littlefish XDR service may deploy a number of in scope components, in addition to the Microsoft Sentinel solution, in order to ensure that attack vectors across <CUSTOMER>’s estate are provided increased monitoring and response capabilities, these include: Through the use of Microsoft Defender For Endpoint Littlefish will first onboard the solution endpoint agent through the use of Microso...
Security Incident Management. (a) The Contractor shall notify the Company promptly of any security risks, breaches or incidents which represent a material threat to the confidentiality, integrity or availability of the Services or to the Company’s confidential information supported by the Contractor, at the Company’s cost where such works fall outside the scope of the Service.
(b) The Contractor shall prioritise security incidents on the basis of their potential impact to the Company and the Company’s Associates, and shall resolve incidents on the basis of such prioritisation. This is provided at the Company’s cost where such works fall outside the scope of the Service.
(c) The Contractor shall support, where applicable, post-incident root-cause analysis in relation to any information security incident which has a material impact on the security of the Company’s confidential information, and shall share this root-cause analysis with the Company. This is provided at the Company’s cost where such works fall outside the scope of the Service.
Security Incident Management. (i) The Vendor shall at all times monitor and verify that all access to the Customer Data is authorised and to check for any Security Incidents.
(ii) In the event of a Critical Security Incident or Major Security Incident, as determined by the Customer, the Vendor shall:
a) notify the Customer no later than four hours after the Security Incident (including, where necessary, escalating such notification);
b) respond immediately and in an appropriate manner to such incident in accordance with the Security Service Levels and the procedure set out in the Security Incident Response Plan; and
c) provide immediate assistance to the Customer and/or Customer’s representatives into the investigation and retain all documentation relating to any such investigations.
(iii) The Vendor shall not disclose the details of a Security Incident or weakness to third parties without written authorisation from the Customer.
(iv) The Vendor shall collect and secure evidence in the investigation of a Security Incident using forensics procedures, ensuring a chain of custody and, where necessary, compliance to regulatory requirements.
(v) The Vendor shall classify all reports of Security Incidents as “CONFIDENTIAL” in accordance with the Customer Data Classification Policy and ensure that appropriate controls are applied to protect this information.
(vi) The Vendor shall, in the event of a Security Incident, provide reports on Security Incidents. Such reports shall include, but shall not be limited to:
a) the source and destination of the event as well as the time, date and type of event;
b) a weighting of criticality (Low Priority, Major or Critical Security Incident);
c) a Root Cause Analysis report in respect of each security incident; and
Security Incident Management. 37.1 The Reseller will operate and maintain an Incident Management Process that is materially in accordance with the requirements of the document entitled “NIST Special Publication 800-61. Revision 1. Computer Security. Incident Handling Guide” or any equivalent replacement standard.
37.2 Responsibility for the management of Security Incidents in respect of the Reseller’s systems and/or premises lies with the Reseller.
37.3 Following a Security Incident, the Reseller will promptly implement its Incident Management Process and take all measures reasonably necessary to ensure the security and integrity of its systems and restore the security and integrity of Data, networks and systems impacted by the Security Incident.
37.4 The Reseller will manage, review and document Security Incidents in accordance with the Incident Management Process.
Security Incident Management. 4.1. Service Provider must notify Client in writing of any security incidents immediately and report any activity which is considered suspicious in an agreed timely manner.
Security Incident Management. 5.1 PUBG Partner shall promptly notify Xxxxxxx without undue delay of becoming aware of any Security Incident.
5.2 Such notification shall at a minimum (and to the extent known): (a) describe the nature of the Security Incident, the categories and numbers of data subjects concerned, and the categories and numbers of Personal Data records concerned; (b) communicate the name and contact details of PUBG Partner’s data protection officer or other relevant contact from whom more information may be obtained; and (c) describe the likely consequences of the Security Incident.
5.3 In the event of a Security Incident involving Personal Data in PUBG Partner’s possession or control, PUBG Partner shall immediately, and at PUBG Partner’s expense: (i) take appropriate steps that Xxxxxxx may reasonably require to investigate, remedy and/or mitigate the Security Incident, and prevent the further unauthorized access to, use of, or disclosure of Personal Data while preserving records and other evidence; (ii) provide reasonable assistance to, and cooperation with, Xxxxxxx to provide notifications to regulatory authorities or data subjects as may be required by Data Protection Laws. PUBG Partner shall refrain from notifying any data subject or regulatory authority on behalf of Xxxxxxx unless Xxxxxxx specifically requests it in writing, except as and when otherwise required by Data Protection Laws.
Security Incident Management. 5.1. Vendor shall maintain an incident management process for addressing information security incidents and Data Security Breaches, including escalation paths to senior management, incident contact lists, initial responses, investigation log, system recovery, issue and eradication, reporting and review and follow up procedures, including appropriate notification to regulators and law enforcement.
5.2. Vendor’s incident management process shall include a recording of relevant detail, which may include: the type of incident, date and time of the incident, the person who reported the incident, the cause and effect of the incident, and the remedial actions taken in response to the incident.
5.3. Vendor shall utilize a lessons learned exercise to improve its security program, which shall include documenting the areas identified for improvement, and the actions taken. Upon request, Vendor shall provide a copy of its lessons learned exercise documentation.