An event that poses a potential threat to the confidentiality, integrity, or availability of an organization’s information or systems. Incidents can include anything from a data breach to a malware infection to a phishing attack. It is important for organizations to have processes in place to identify and respond to incidents in order to prevent or minimize potential damage.