Cyber Resilience

From CIPedia
Jump to navigation Jump to search

Definitions

European Definitions

ECA

Cyber resilience: The ability to prevent, prepare for, withstand and recover from cyberattacks and incidents. [1]

[BG] Киберустойчивост: Способността за предотвратяване, подготовка, устояване и възстановяване от кибератаки и инциденти.

[CS] Kybernetická odolnost: Schopnost kybernetickým útokům a bezpečnostním incidentům zabránit, připravit se na ně, odolat jim a zotavit se z nich.

[DK] Cyberrobusthed: Evnen til at forhindre, forberede sig på, modstå og komme sig over cyberangreb og -hændelser.

[DE] Cyber-Resilienz: Die Fähigkeit, Cyberangriffe und Vorfälle zu verhindern, sich darauf vorzubereiten, ihnen standzuhalten und sich davon zu erholen.

[ES] Ciberresiliencia: Capacidad de prevenir los ciberataques e incidentes, de prepararse para los mismos, de resistir y de recuperarse ante estos.

[NE] Cyberweerbaarheid: Het vermogen om cyberaanvallen en -incidenten te voorkomen, erop voorbereid te zijn, ze te weerstaan en ervan te herstellen.


National definitions

Costa Rica

Ciber-resiliencia / Resiliencia cibernética (Cyber resilience): Habilidad de prepararse para, adaptarse, soportar, y rápidamente recuperarse de interrupciones resultantes de ataques deliberados, amenazas o incidentes accidentales u ocurridos naturalmente. [2]

Sinónimo o equivalente a ciberresiliencia.

Eswatini

Cyber resilience: The general ability of systems, networks and organisations to withstand cyber incidents and recover from harm wherever caused.[3]


France

Resilience In the field of computing, the ability of an information system to withstand a breakdown or cyberattack and return to its initial operating state after the incident. [4]

Resilience En informatique, capacité d’un système d’information à résister à une panne ou à une cyberattaque et à revenir à son état initialaprès l’incident. [5]


Indonesia

Cyber resilience: Terselenggaranya infrastruktur informasi kritikal nasional. [6]

Dengan pendekatan ini maka infrastruktur informasi kritis ini harus tahan terhadap ancaman, dan tetap dapat beroperasi untuk melayani publik walaupun terjadi ataupun kerusakan sebagian.

Jordan

Cyber Resilience: The overall ability of systems and organisations to withstand cyber events and, where harm is caused, recover from them. [7]


Montenegro

Sajber otpornost – sposobnost sistema i organizacija da izdrže sajber incidente i oporave se od štete u slučaju istih. [8] [9]


Netherlands

Digitale weerbaarheid: het vermogen om (relevante) risico’s tot een aanvaardbaar niveau te reduceren door middel van een verzameling van maatregelen om cyberincidenten te voorkomen en wanneer cyberincidenten zich hebben voorgedaan deze te ontdekken, schade te beperken en herstel eenvoudiger te maken. Wat een aanvaardbaar niveau van weerbaarheid is, is de uitkomst van een risico-afweging. Die kan helpen om de juiste technische, procedurele of organisatorische maatregelen te kiezen. [10]

Cyber resilience: the ability to reduce relevant risks to an acceptable level by means of a set of measures to prevent cyber incidents and, if they do occur, to detect them, limit the damage and facilitate recovery. What constitutes an acceptable level of resilience is determined by a risk assessment. This can help with the selection of the right technical, procedural or organisational measures. [11]


New Zealand/AOTEAROA

Cyber Resilience involves detection, protection and recovery from cyber incidents. [12]


North Macedonia

Сајбер отпорност - способноста да се подготви, да се прилагоди, издржи и брзо да закрепне од пореметувања што произлегуваат од намерни напади, несреќи или природни закани или инциденти во сајбер просторот. [13] [14]



Papua New Guinea

Cyber resilience refers to an entity's ability to continuously deliver the intended outcome, despite adverse cyber events. It is the ability to prepare for and adapt to changing conditions and withstand and recover rapidly from disruptions. Cyber resilience focuses on the preventative, detective, and reactive controls in an information technology environment to assess gaps and drive enhancements to the overall security posture of the entity. [15]



Qatar

Cyber resilience is the ability to prepare for, adapt to, withstand, and rapidly recover from disruptions resulting from deliberate attacks, accidents, or naturally occurring threats or incidents. [16]

المرونة وهي القدرة ع ى الاستعداد والتكيف مع الظروف المتغ يرة والصمود والتعا في ´ بسرعة من الاضطرابات ال ت ي تنتج عن الهجمات أو الحوادث المتعمدة أو تلك ال ت ي قد تحدث أ لسباب طبيعية. [17]


Romania

Rezilienţa infrastructurilor cibernetice: capacitatea componentelor infrastructurilor cibernetice de a rezista unui incident sau atac cibernetic şi de a reveni la starea de normalitate.

Cyber infrastructure resilience the capacity of infrastructure components to withstand cyber attack or cyber incident and return to normality. [18]


United Kingdom (UK)

Cyber resilience – the overall ability of systems and organisations to withstand cyber events and, where harm is caused, recover from them. [19]


United States

NIST
Information System Resilience: The ability of an information system to continue to: (i) operate under adverse conditions or stress, even if in a degraded or debilitated state, while maintaining essential operational capabilities; and (ii) recover to an effective operational posture in a time frame consistent with mission needs. (from: NIST SP 800-53 Rev 4) [20]


Financial Stability Board
Cyber Resilience: The ability of an organisation to continue to carry out its mission by anticipating and adapting to cyber threats and other relevant changes in the environment and by withstanding, containing and rapidly recovering from cyber incidents [21]


Vanuatu

Cyber-resilience: is the ability to effectively prepare for, adapt, withstand, respond to and recover from cyber-attacks. [22]


Zambia

Cyber resilience means the ability to prepare for, respond to and recover from cyber-attacks. [23]


Other Definitions

Cymru/Wales

Seibergadernid: Y gallu sydd gan sefydliad i barhau i gyflawni a darparu ei brif swyddogaethau a gwasanaethau a sicrhau diogelwch ei ddata er gwaethaf digwyddiadau seiberddiogelwch. [24]


Scotland

Cyber resilience is being able to prepare for, withstand, rapidly recover and learn from deliberate attacks or accidental events in the online world. [25]

To do this, people need to develop the skills, knowledge and understanding of the risk, in whatever setting they find themselves in, and then take the necessary steps to prepare for and respond to such events.


Victoria (Australia)

Cyber resilience means having appropriate internal cyber capability, strong governance and policy, strategic partnering, cyber situational awareness, ongoing cyber risk assessments (including understanding the risks and flow-on impact of a cyber breach), clear communication mechanisms, and a rapid cyber breach response capability. [26]


Cyber resilience is the organisation’s capability to withstand negative impacts due to known, predictable, unknown, unpredictable, uncertain and unexpected threats from activities in cyberspace (ISF 2011). [27]


Other International Definitions

Cyber Resilience.org

Cyber resilience refers to the ability to continuously deliver the intended outcome despite adverse cyber events. [28]


World Economic Forum

The ability of systems and organizations to withstand cyber events, measured by the combination of mean time to failure and mean time to recovery. [29]


Academic Definitions

Fredrik Björg et al. recently have published a paper on Cyber Resilience - fundamentals for a definition.

Dictionary

Cyberweerbaarheid: Weerbaarheid: het vermogen om (relevante) digitale risico’s tot een aanvaardbaar niveau te reduceren door middel van een verzameling van maatregelen om cyberincidenten te voorkomen en wanneer cyberincidenten zich hebben voorgedaan deze te ontdekken, schade te beperken en herstel eenvoudiger te maken [30]



See also

Notes

References

  1. European Court of Auditors, Challenges to effective EU cybersecurity policy, Briefing Paper, March 2019
  2. Estrategia Nacional de Ciberseguridad de Costa Rica (2017)
  3. ESWATINI NATIONAL CYBERSECURITY STRATEGY 2020 - 2025 (2020)
  4. Information systems defence and security: France's Strategy
  5. La Stratégie de la France en matière de défense et de sécurité des systèmes d’information (2011)
  6. Indonesia National Cyber Security Strategy development (presentation), 2016
  7. National Cyber Security Strategy (2018-2023)
  8. Strategija sajber bezbjednosti Crne Gore 2022-2026 (2021)
  9. Стратегија сајбер безбједности Црне Горе 2022-2026
  10. Nederlandse Cybersecurity Strategie 2022-2028: Ambities en acties voor een digitaal veilige samenleving
  11. Netherlands Cyber Security Strategy 2022-2028: Ambitions and actions for a digitally secure society
  12. New Zealand’s Cyber Security Strategy (2015)
  13. НАЦИОНАЛНА СТРАТЕГИЈА ЗА САЈБЕР БЕЗБЕДНОСТ НА РЕПУБЛИКА МАКЕДОНИЈА 2018 -2022
  14. National Cyber Security Strategy of the Republic of Macedonia (2018)
  15. National Cyber Security Strategy (2020)
  16. QATAR National Cyber Security Strategy (May 2014)
  17. الاستراتيجية الوطنية للأمن السيبراني QATAR NCSS - Arabic version (May 2014)
  18. Hotărârea nr. 271/2013 pentru aprobarea Strategiei de securitate cibernetică
  19. National Cyber Security Strategy 2016, HM Government
  20. NIST Glossary
  21. Financial Stability Board, Cyber Lexicon (Nov. 12, 2018)
  22. National Cybersecurity Strategy 2030
  23. National Cyber Security Policy
  24. Strategaeth Seiberddiogelwch Llywodraeth: Adeiladu sector cyhoeddus seibergadarn 2022-2030
  25. Scottish Government: Safe, Secure and Prosperous: A Cyber Resilience Strategy for Scotland
  26. Cyber Security Strategy Victoria (2017)
  27. Network and Cyber Security Statement by Victorian government (2017)
  28. Cyber Resilience.org
  29. WEF Partnering for Cyber Resilience Guidelines 2012
  30. Cybersecurity Woordenboek 2021