Unintentional and intentional information security incidents pose a significant risk to day-to-day business and its continuity. An information security incident compromises the data for which the organisation is responsible, trust, availability and integrity of services. Information security incidents should therefore be considered in full seriousness and handled appropriately at all times.