Security Incident Management Sample Clauses

Security Incident Management. 11.1 If an actual or potential Security Incident involving the Supplier Systems has resulted, or may reasonably result, in unauthorised access to or disclosure of, or have any material adverse effect on the Customer’s Confidential Information, Customer Systems or Supplier Systems Leading Resolutions shall immediately on becoming aware of such Security Incident notify Customer of such actual or potential Security Incident. 11.2 The notification provided pursuant to paragraph 1.1 shall include the date and time of the Security Incident, a summary of all known relevant facts in relation to the Security Incident; actions taken by Leading Resolutions to date to remedy the Security Incident and any failures leading to the Security Incident; and any additional steps that Leading Resolutions proposes be taken to remedy the Security Incident or the effects thereof. 11.3 Customer reserves the right to request full co-operation from Leading Resolutions with regards to any suspected or actual Security Incident that may have originated from Leading Resolutions or Supplier Systems; such information requests will only be limited to the Supplier Systems related to the actual or suspected Security Incident. 11.4 Following a Security Incident, Customer may perform an emergency Security Assessment using a Security Assessment Vendor to review and assess the Supplier Systems; Customer will issue written notice to Leading Resolutions to commence a Security Assessment no more than 10 Working Days after receipt of the written notice; 11.5 Leading Resolutions shall produce a remediation plan no less than 10 Working Days after the results from the Security Assessment have been received by Leading Resolutions; the remediation plan must contain the action undertaken to mitigate the vulnerabilities and specify completion dates by which all high and medium vulnerabilities shall be resolved. 11.6 Customer shall have the right to approve the dates and actions contained within the remediation plan and, once complete, Leading Resolutions shall provide evidence-based confirmation to Customer that the actions have been implemented. 11.7 Following the evidence-based confirmation, Customer shall have the right to engage or have Leading Resolutions engage a Security Assessment Vendor (in both cases at Leading Resolutions’ expense), to perform an additional Security Assessment to validate the successful remediation of the risks. Any further failures shall follow the same process outlined in this...

Security Incident Management. Unless otherwise prohibited by law, Mark43 will notify Subscriber without undue delay (and in any event within seventy-two (72) hours) in the event Mark43 reasonably believes that there has been any unauthorized access, acquisition, disclosure, use, modification, loss or destruction of Subscriber Data (“Security Incident”). Mark43 will promptly investigate the Security Incident, will take necessary steps to eliminate or contain the exposure of Subscriber Data, and will keep Subscriber informed of the status of the Security Incident. Mark43 will provide reasonable assistance and cooperation requested by Subscriber or Subscriber’s designated representatives to correct, remediate, or investigate the Security Incident or to mitigate potential damage resulting from it, including any notification that Subscriber may determine appropriate to send to affected individuals, regulators or third parties.

Security Incident Management. TRUCE shall maintain security incident management policies and procedures as required by Data Protection Laws.

Security Incident Management. Criteo will maintain 24x7x365 security detection and response capabilities to assure appropriate detection and response to actual and potential data security risks to Criteo data assets. These security incident management controls will be operated and maintain by a dedicated Security Team.

Security Incident Management. Cvent shall maintain processes to identify, respond to, contain and minimize the impact of Information Security incidents to Customer Data. A “Security Incident” shall be defined as an event that results in the unauthorized disclosure of any personally identifiable or confidential Customer Data. In the event of a Security Incident of Customer Data while maintained in Cvent systems, Cvent shall notify Customer no later than forty-eight (48) hours after the Breach has been confirmed. The notice shall include the approximate date and time of the Breach and a summary of relevant, then-known facts, including a description of measures being taken to further investigate and address the Breach.

Security Incident Management. Maintain information security incident management procedures regarding the internal reporting, investigation, and mitigation of security incidents. Report a Personal Data Breach to Customer in accordance with applicable laws.

Security Incident Management. 1.1. In the event that the Provider determines that a security event has occurred (illegal or unauthorized access to or use of the Provider’s systems, equipment or facilities, which causes damage (such as: loss, discovery, alteration, destruction) to Clalit Health Services data), the Provider will notify the Clalit Health Services Center without delay, at s▇▇@▇▇▇▇▇▇.▇▇▇.▇▇ email address. ● The vendor is obligated to report the incident regardless of the severity level of the incident and the estimated damage ● The Vendor is obligated to report what actions were taken (if any) as part of the incident identification ● The vendor is obligated to report how the incident was identified 1.2. The Incident Notice will include detailed information about the security incident such as a description of the incident, the extent of the impact on Clalit Health Services data, and actions taken by the provider or recommended actions that Clalit Health Services should take in order to resolve the issue and prevent its recurrence. 1.3. In the event of an attack, the provider will not cancel or shut down the Clalit Health Services service, without obtaining the approval of Clalit Health Services.

Security Incident Management. IRIS- CERT. 1.9.3 Denial of service attack mitigation service

Security Incident Management. The Service Provider shall, at a minimum: 3.3.3.1 Support MSI and contribute to the creation of a Security Incident Management Plan across the Service Provider’s Services. Provide plans and exceptions for all security Incident Management plans including security Incident priority matrix, notification rosters, communications plans, and procedures for managing security Incidents. Implement the Service Provider’s portion of the Security Incident Management Plan in concert with participation from the MSI and required Service Component Providers and DIR Customer personnel. Coordinate Security Incident Management procedures with Major Incident Management procedures. 3.3.3.2 Support the security incident handling and notification processes that follow current NIST guidelines and is defined in the SMM. 3.3.3.3 As required, implement and maintain monitoring and alerting services that integrate into the MSI Incident Management System for automated alert notification. 3.3.3.4 Promptly investigate, document, and report security incidents in accordance with 1 TAC Chapter 202 and the SMM. 3.3.3.5 According to the defined process, promptly communicate and escalate security Incidents to the MSI, Customer, and DIR. 3.3.3.6 Conduct Root Cause Analysis and if necessary, develop and implement formal corrective actions or remediation plans once approved by DIR and the appropriate Customer. Evaluate the analysis and proposed corrective actions to ensure future risks are adequately mitigated. 3.3.3.7 Provide Incident investigation support, and initiate corrective actions to minimize and prevent security breaches.