BPM Incident Management
Information security, personal data protection, business continuity, environmental protection, occupational health and safety, IT service management, and OT infrastructure management are just some of the areas where incident management is required by law or industry standards. In some cases (GDPR, UKSC), failure to address incident management correctly may lead to high fines being imposed on the organization.
So how can an organization make sure that, in every area that requires it, it can efficiently and quickly (GDPR: 48 h, UKSC: 24H):
- collect information about incidents from all employees;
- properly classify and evaluate them;
- take effective corrective actions;
- make appropriate decisions on the notification of incidents to supervisory authorities;
- draw conclusions and improve.
All these elements will be supported by the BPM Incydenty module, a tool that gives the organization the ability to properly address the incident management process, regardless of the area the incidents come from. What makes us stand out?
In every organization, incidents affecting the area of information security occur almost every day. Remember that an incident is not only an event that has already influenced a given process (in this case, information security), but also an event that could potentially affect it. This is mainly due to threats in the area of cybersecurity and the number of automated attacks carried out on IT and OT infrastructures in Poland.
These “new” threats make the current form of identifying and reporting security incidents, in which users manually report the events they identify through ICT systems or e-mail messages, a thing of the past. When we started noticing this problem at our clients, we came up with the idea of integrating the BPM Incydenty system with systems that automatically correlate events occurring in the organization's systems and IT networks (e.g. SIEM, WAF, IDS/IPS).
After the very first implementation of the module with this option, the number of events handled in accordance with the incident supervision procedure increased drastically, which translated into real security for the organization and the prevention of data leakage.
One of the potential incidents passed by a SIEM-class system to BPM Incydenty turned out to be information about the transfer of a large volume of data outside the organization. Once the incident had been reported and the handling procedure launched, it turned out that one of the employees was sending a backup copy of company data to a private external resource.
Related blog articles
Krajowy System Cyberbezpieczeństwa (the National Cybersecurity System) sets requirements for operators of essential services and for digital services. What are these requirements, which the Act describes rather sparingly? What does the Act itself say about how to ensure the security and continuity of essential services?
A common problem for organizations is providing an internal communication channel that is effective and guarantees proper accountability, e.g. for exercising data subjects' rights or for reporting and handling personal data breaches.
How long does it actually take to identify and fulfil a data subject's rights? Does our register of processing activities support the exercise of those rights? Can we automate the processes for exercising data subjects' rights?