Talk to Expert

Incident Response Policy – Security Breach & Notification Guidelines

Effective Date: January 1, 2025
Last Updated: January 1, 2025

  1. Introduction

    1. Net Onboard Sdn Bhd is committed to maintaining a proactive and structured approach to detecting, managing, and mitigating security incidents.
    2. This Incident Response Policy aligns with:

      1. ISO 27001 (Information Security Management System)
      2. NIST Incident Response Framework
      3. Malaysia’s Personal Data Protection Act (PDPA) 2010
      4. General Data Protection Regulation (GDPR) (if applicable to EU users)
    3. This policy outlines the steps, roles, and responsibilities in responding to cybersecurity incidents, data breaches, and system disruptions.
  2. Scope & Applicability

    1. This policy applies to:

      1. All users, employees, vendors, and third-party service providers handling Net Onboard’s IT systems and cloud services.
      2. All IT infrastructure, networks, applications, and databases under Net Onboard’s control.
    2. It covers:

      1. Cybersecurity threats (malware, hacking, phishing, ransomware).
      2. Unauthorized access (data breaches, account compromises, insider threats).
      3. Service disruptions (DDoS attacks, system failures, infrastructure malfunctions).
  3. Incident Classification & Severity Levels

    1. All incidents are categorized based on severity and impact:
    2. Critical Severity

      1. Description: Data breach, ransomware attack, or full system outage
      2. Response Time: 30 minutes
      3. Resolution Target: Within 4 hours
    3. High Severity

      1. Description: Major security threat or unauthorized access detected
      2. Response Time: 30 minutes
      3. Resolution Target: Within 8 hours
    4. Medium Severity

      1. Description: Suspicious activity or partial service disruption
      2. Response Time: 1 hour
      3. Resolution Target: Within 24 hours
    5. Low Severity

      1. Description: Minor security alerts, such as failed login attempts
      2. Response Time: 4 hours
      3. Resolution Target: By the next business day
  4. Incident Response Lifecycle

    1. Phase 1: Identification

      1. Continuous security monitoring & log analysis is performed.
      2. Alerts from firewalls, IDS/IPS systems, antivirus software, and AI-based anomaly detection are reviewed.
      3. Users must report security concerns immediately via [email protected].
    2. Phase 2: Containment

      1. Affected systems will be isolated to prevent further damage.
      2. Immediate account lockout and network segmentation measures will be applied.
      3. Third-party cybersecurity teams may be engaged for emergency response.
    3. Phase 3: Eradication

      1. Malicious code, unauthorized access, or compromised credentials will be removed.
      2. Security patches and system updates will be deployed.
      3. Network security policies will be reviewed to prevent recurrence.
    4. Phase 4: Recovery

      1. Affected systems will be restored from secure backups (geo-redundant storage).
      2. Service functionality will be tested before reconnecting to production environments.
      3. Continuous monitoring for residual threats will continue.
    5. Phase 5: Post-Incident Review & Reporting

      1. A detailed incident report will be generated, documenting findings and lessons learned.
      2. Root cause analysis (RCA) will be performed.
      3. Security policies and user awareness training will be updated accordingly.
  5. Data Breach Notification & Compliance

    1. If a data breach is confirmed:

      1. Affected users will be notified within 72 hours in accordance with PDPA & GDPR.
      2. Regulatory authorities will be informed based on legal requirements.
      3. Users will receive guidance on protective actions (e.g., password resets, account monitoring).
  6. User Responsibilities in Security Incidents

    1. Users must:

      1. Report any suspected security incidents or suspicious activity immediately to [email protected].
      2. Follow company security policies (e.g., using strong passwords, enabling MFA).
      3. Cooperate with the investigation team during security incidents.
  7. Compliance & Regulatory Standards

    1. This policy ensures compliance with:

      1. ISO 27001 & NIST Cybersecurity Framework
      2. Malaysia’s Personal Data Protection Act (PDPA) 2010
      3. General Data Protection Regulation (GDPR) (if applicable)
  8. Governing Law & Dispute Resolution

    1. This policy is governed by Malaysian law.
    2. Disputes regarding security incidents will be handled through mediation before proceeding to arbitration or litigation.
  9. Amendments & Updates

    1. Net Onboard reserves the right to update this Incident Response Policy at any time.
    2. Users will be notified of material changes via email or system notifications.

For incident reporting and security-related inquiries, contact [email protected].