Difference between revisions of "Vulnerability"
(→References) |
|||
(77 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
==Definitions== | ==Definitions== | ||
=== [[EU|European Definitions]] === | === [[EU|European Definitions]] === | ||
+ | ==== NIS 2 ==== | ||
+ | {{definition|‘vulnerability’ means a weakness, susceptibility or flaw of an asset, system, process or control that can be exploited by a cyber threat. <ref name="NIS Directive2">[https://eur-lex.europa.eu/eli/dir/2022/2555/oj# Directive 2022/2555 Measures for a high common level of security of network and information systems across the Union, repealing Directive (EU) 2016/1148]</ref>}}<br/> | ||
+ | |||
==== COM(2006)787==== | ==== COM(2006)787==== | ||
− | {{definition|A characteristic of an element of the [[CI]]’s design, implementation, or operation that renders it susceptible to disruption or destruction by a [[threat]] and includes [[dependency|dependencies]] on other types of [[infrastructure]]. <ref>[http://eur-lex.europa.eu/LexUriServ/site/en/com%/2006/com2006_0787en01.pdf EC COM(2006) 787 final, Directive of the Council on the identification and designation of European Critical Infrastructure and the assessment of the need to improve their protection, EC, Brussels 12.12.2006.]</ref>}} | + | {{definition|A characteristic of an element of the [[CI]]’s design, implementation, or operation that renders it susceptible to disruption or destruction by a [[threat]] and includes [[dependency|dependencies]] on other types of [[infrastructure]]. <ref>[http://eur-lex.europa.eu/LexUriServ/site/en/com%/2006/com2006_0787en01.pdf EC COM(2006) 787 final, Directive of the Council on the identification and designation of European Critical Infrastructure and the assessment of the need to improve their protection, EC, Brussels 12.12.2006.]</ref>}}<br/> |
+ | |||
====[[ENISA]]==== | ====[[ENISA]]==== | ||
{{definition|Vulnerability ''(ICT)'' is The existence of a weakness, design, or implementation error that can lead to an unexpected, undesirable [[event]] compromising the [[security]] of the computer system, network, application, or protocol involved. <ref name="ENISAGlos"> [http://www.enisa.europa.eu/activities/risk-management/current-risk/risk-management-inventory/glossary ENISA Risk Glossary]</ref>}}<br /> | {{definition|Vulnerability ''(ICT)'' is The existence of a weakness, design, or implementation error that can lead to an unexpected, undesirable [[event]] compromising the [[security]] of the computer system, network, application, or protocol involved. <ref name="ENISAGlos"> [http://www.enisa.europa.eu/activities/risk-management/current-risk/risk-management-inventory/glossary ENISA Risk Glossary]</ref>}}<br /> | ||
==== [[CLIMATE-ADAPT]] ==== | ==== [[CLIMATE-ADAPT]] ==== | ||
{{definition|Vulnerability is the degree to which a system is susceptible to, and unable to cope with, adverse effects of climate change, including climate variability and extremes. <ref>[http://climate-adapt.eea.europa.eu/help/glossary European Climate Adaptation Platform (CLIMATE-ADAPT) Glossary]</ref>}}Vulnerability is a function of the character, magnitude, and rate of climate change and variation to which a system is exposed, its sensitivity, and its adaptive capacity.<br/>There are different ways in which vulnerability can be framed; an inventory has been made by the Dutch Climate Changes Spatial Planning research programme.<br/><br/> | {{definition|Vulnerability is the degree to which a system is susceptible to, and unable to cope with, adverse effects of climate change, including climate variability and extremes. <ref>[http://climate-adapt.eea.europa.eu/help/glossary European Climate Adaptation Platform (CLIMATE-ADAPT) Glossary]</ref>}}Vulnerability is a function of the character, magnitude, and rate of climate change and variation to which a system is exposed, its sensitivity, and its adaptive capacity.<br/>There are different ways in which vulnerability can be framed; an inventory has been made by the Dutch Climate Changes Spatial Planning research programme.<br/><br/> | ||
+ | |||
=== European Project Definitions === | === European Project Definitions === | ||
==== CIPRNet project ==== | ==== CIPRNet project ==== | ||
Line 29: | Line 34: | ||
<br /> | <br /> | ||
− | ==== [[ | + | ==== [[UNDRR]] ==== |
− | {{definition|The characteristics and circumstances of a community, [[system]] or [[asset]] that make it susceptible to the damaging effects of a [[hazard]]. <ref> [http://www.unisdr.org/files/7817_UNISDRTerminologyEnglish.pdf 2009 UNISDR Terminology on Disaster Risk Reduction]</ref> }} | + | {{definition|The characteristics and circumstances of a community, [[system]] or [[asset]] that make it susceptible to the damaging effects of a [[hazard]]. <ref> [http://www.unisdr.org/files/7817_UNISDRTerminologyEnglish.pdf 2009 UNISDR Terminology on Disaster Risk Reduction - English Glossary]</ref> }} |
<big>There are many aspects of vulnerability, arising from various physical, social, economic, and environmental factors. Examples may include poor design and construction of buildings, inadequate protection of assets, lack of public information and awareness, limited official recognition of risks and preparedness measures, and disregard for wise environmental management. | <big>There are many aspects of vulnerability, arising from various physical, social, economic, and environmental factors. Examples may include poor design and construction of buildings, inadequate protection of assets, lack of public information and awareness, limited official recognition of risks and preparedness measures, and disregard for wise environmental management. | ||
Line 36: | Line 41: | ||
Vulnerability varies significantly within a community and over time. This definition identifies vulnerability as a characteristic of the element of interest (community, system or asset) which is independent of its [[exposure]]. However, in common use the word is often used more broadly to include the element’s [[exposure]].</big><br/><br/> | Vulnerability varies significantly within a community and over time. This definition identifies vulnerability as a characteristic of the element of interest (community, system or asset) which is independent of its [[exposure]]. However, in common use the word is often used more broadly to include the element’s [[exposure]].</big><br/><br/> | ||
− | {{definition|Vulnérabilité: Les caractéristiques et les circonstances d’une communauté ou d’un système qui le rendent susceptible de subir les effets d’un danger. <ref>[http://unisdr.org/files/7817_UNISDRTerminologyFrench.pdf UNISDR glossary]</ref>}}<br/> | + | {{definition|Vulnérabilité: Les caractéristiques et les circonstances d’une communauté ou d’un système qui le rendent susceptible de subir les effets d’un danger. <ref>[http://unisdr.org/files/7817_UNISDRTerminologyFrench.pdf UNISDR glossary in French]</ref>}}<br/> |
− | {{definition|Уязвимость: Характеристики и условия, присущие общине, системе или имуществу, повышающие их восприимчивость к разрушительному воздействию угрозы. <ref>[http://unisdr.org/files/7817_UNISDRTerminologyRussian.pdf UNISDR glossary]</ref>}}<br/> | + | {{definition|Уязвимость: Характеристики и условия, присущие общине, системе или имуществу, повышающие их восприимчивость к разрушительному воздействию угрозы. <ref>[http://unisdr.org/files/7817_UNISDRTerminologyRussian.pdf UNISDR glossary in Russian]</ref>}}<br/> |
− | {{definition|Vulnerabilidad: Las características y las circunstancias de una comunidad, sistema o bien que los hacen susceptibles a los efectos dañinos de una amenaza. <ref>[http://unisdr.org/files/7817_UNISDRTerminologySpanish.pdf UNISDR glossary]</ref>}}<br/> | + | {{definition|Vulnerabilidad: Las características y las circunstancias de una comunidad, sistema o bien que los hacen susceptibles a los efectos dañinos de una amenaza. <ref>[http://unisdr.org/files/7817_UNISDRTerminologySpanish.pdf UNISDR glossary in Spanish]</ref>}}<br/> |
− | {{definition| قابلية التضرر : سمات وظروف المجتمع أو المنظومة أو الممتلكات التي تجعلها سهلة التأثر بالأخطار. <ref>[http://www.unisdr.org/files/7817_UNISDRTerminologyArabic.pdf UNISDR glossary]</ref>}}<br/> | + | {{definition| قابلية التضرر : سمات وظروف المجتمع أو المنظومة أو الممتلكات التي تجعلها سهلة التأثر بالأخطار. <ref>[http://www.unisdr.org/files/7817_UNISDRTerminologyArabic.pdf UNISDR glossary in Arab]</ref>}}<br/> |
{{definition|Kerentanan: Karakteristik dan kondisi sebuah komunitas, sistem atau aset yang membuatnya cenderung terkena dampak merusak yang diakibatkan ancaman bahaya. <ref>[http://www.preventionweb.net/files/7817_isdrindonesia.pdf UNISDR glossary in Bahasa]</ref>}}<br/> | {{definition|Kerentanan: Karakteristik dan kondisi sebuah komunitas, sistem atau aset yang membuatnya cenderung terkena dampak merusak yang diakibatkan ancaman bahaya. <ref>[http://www.preventionweb.net/files/7817_isdrindonesia.pdf UNISDR glossary in Bahasa]</ref>}}<br/> | ||
{{definition|Kerentanan: Keadaan dan ciri-ciri sesebuah komuniti, sistem atau aset yang menyebabkannya mudah terkena bahaya dan mengakibatkan kesan buruk. <ref>[http://www.preventionweb.net/files/7817_isdrmalaysiaterminology.pdf UNISDR glossary in Malay]</ref>}}<br/> | {{definition|Kerentanan: Keadaan dan ciri-ciri sesebuah komuniti, sistem atau aset yang menyebabkannya mudah terkena bahaya dan mengakibatkan kesan buruk. <ref>[http://www.preventionweb.net/files/7817_isdrmalaysiaterminology.pdf UNISDR glossary in Malay]</ref>}}<br/> | ||
− | {{definition|Bulnerabilidad/ Kahinaan: Mga katangian at kalagayan ng isang komunidad, sistema o pag-aari na lumilikha ditong mahina’t madaling kapitan ng mapaminsalang epekto ng isang peligro. <ref>[http://www.preventionweb.net/files/7817_isdrphillipinesterminology.pdf UNISDR glossary in Tagalog]</ref>}}<br/><br/> | + | {{definition|Bulnerabilidad/ Kahinaan: Mga katangian at kalagayan ng isang komunidad, sistema o pag-aari na lumilikha ditong mahina’t madaling kapitan ng mapaminsalang epekto ng isang peligro. <ref>[http://www.preventionweb.net/files/7817_isdrphillipinesterminology.pdf UNISDR glossary in Tagalog]</ref>}}<br/> |
+ | {{definition|脆弱性 - 实体、社会、经济和环境因素或过程所决定、使个人、社区、资产或系统更容 易受到危害影响的状况。 <ref>[https://www.preventionweb.net/files/50683_oiewgreportenglish.pdf UNDRR Terminology on Disaster Risk Reduction in Chinese]</ref>}}<br/>{{definition|<ref>[https://www.preventionweb.net/files/7817_unisdr2009terminologypersianedition.pdf Internationally agreed glossary of basic terms related to Disaster Management in Farsi]</ref>آسيب پذيري <br/>ويژگي و وضعيت هاي يك جامعه، نظام يا دارايي كه آن را مستعد آسيب ديدن از يك مخاطره مي كند. }}<br/><br/> | ||
+ | |||
==== [[UNDHA]] ==== | ==== [[UNDHA]] ==== | ||
{{definition|Vulnerability is the degree of loss (from 0% to 100%) resulting from a potentially damaging phenomenon. <ref name="UNrelief">[http://reliefweb.int/sites/reliefweb.int/files/resources/004DFD3E15B69A67C1256C4C006225C2-dha-glossary-1992.pdf Internationally agreed glossary of basic terms related to Disaster Management]</ref>}}<br/> | {{definition|Vulnerability is the degree of loss (from 0% to 100%) resulting from a potentially damaging phenomenon. <ref name="UNrelief">[http://reliefweb.int/sites/reliefweb.int/files/resources/004DFD3E15B69A67C1256C4C006225C2-dha-glossary-1992.pdf Internationally agreed glossary of basic terms related to Disaster Management]</ref>}}<br/> | ||
{{definition|Vulnerabilidad: grado de pérdida (de 0% a 100%) como resultado de un fénomeno potencialmente dañino. <ref name="UNrelief">[http://reliefweb.int/sites/reliefweb.int/files/resources/004DFD3E15B69A67C1256C4C006225C2-dha-glossary-1992.pdf Internationally agreed glossary of basic terms related to Disaster Management]</ref>}}<br/> | {{definition|Vulnerabilidad: grado de pérdida (de 0% a 100%) como resultado de un fénomeno potencialmente dañino. <ref name="UNrelief">[http://reliefweb.int/sites/reliefweb.int/files/resources/004DFD3E15B69A67C1256C4C006225C2-dha-glossary-1992.pdf Internationally agreed glossary of basic terms related to Disaster Management]</ref>}}<br/> | ||
{{definition|Vulnérabilité: degré de perte (de 0% à 100% ) résultant d'un phénomène susceptible d'engendrer des victimes et des dommages matériels. <ref name="UNrelief">[http://reliefweb.int/sites/reliefweb.int/files/resources/004DFD3E15B69A67C1256C4C006225C2-dha-glossary-1992.pdf Internationally agreed glossary of basic terms related to Disaster Management]</ref>}}<br/><br/> | {{definition|Vulnérabilité: degré de perte (de 0% à 100% ) résultant d'un phénomène susceptible d'engendrer des victimes et des dommages matériels. <ref name="UNrelief">[http://reliefweb.int/sites/reliefweb.int/files/resources/004DFD3E15B69A67C1256C4C006225C2-dha-glossary-1992.pdf Internationally agreed glossary of basic terms related to Disaster Management]</ref>}}<br/><br/> | ||
− | + | ==== [[WHO]] ==== | |
+ | {{definition|Vulnerability: the degree to which a socio-economic system is either susceptible or resilient to the [[impact]] of natural [[Hazard|hazards]] and related technological and environmental [[Disaster|disasters]]. <ref>[http://www.who.int/hac/about/definitions/en/ WHO: Glossary of Humanitarian Terms]</ref>}}The degree of vulnerability is determined by a combination of several factors including hazard awareness, the condition of human settlements and infrastructure, public policy and administration, and organized abilities in all fields of disaster management. Poverty is also one of the main causes of vulnerability in most parts of the world.<br/><br/> | ||
=== National Definitions === | === National Definitions === | ||
==== [[Argentina]] ==== | ==== [[Argentina]] ==== | ||
− | {{definition|Vulnerabilidad: Una debilidad de un activo o grupo de activos que puede ser aprovechada por una [[Threat|amenaza]]. <ref>[http://servicios.infoleg.gob.ar/infolegInternet/anexos/215000-219999/219163/norma.htm Oficina Nacional de Tecnologías de Información ADMINISTRACION PUBLICA NACIONAL Disposición 3/2013 - Apruébase la “Política de Seguridad de la Información Modelo” (2013)]</ref>}}<br/><br/> | + | {{definition|Vulnerabilidad: Una debilidad de un activo o grupo de activos que puede ser aprovechada por una [[Threat|amenaza]]. <ref>[http://servicios.infoleg.gob.ar/infolegInternet/anexos/215000-219999/219163/norma.htm Oficina Nacional de Tecnologías de Información ADMINISTRACION PUBLICA NACIONAL Disposición 3/2013 - Apruébase la “Política de Seguridad de la Información Modelo” (2013)]</ref>}}<br/> |
+ | {{definition|Vulnerabilidad: característica intrínseca a ser afectado o de ser susceptible a sufrir un daño. <ref>[http://www.buenosaires.gob.ar/areas/salud/ceh/archivos/glosario_comites_emergencias.pdf%3Fmenu_id%3D29870 Glosario Comites Emergencia Argentina]</ref>}}<br/><br/> | ||
==== [[Australia]] ==== | ==== [[Australia]] ==== | ||
− | {{definition| Vulnerability is the degree of susceptibility and [[resilience]] of the community and environment to [[Hazard|hazards]]. <ref name="MAIMAus">[https://www.em.gov.au/Documents/Manual03-AEMGlossary.PDF Australian Emergency Management Glossary, Emergency Management Australia (1998)]</ref>}} | + | {{definition|Vulnerability (in reference to risk management): The degree of susceptibility and resilience of an agency to hazards. <ref>[https://www.protectivesecurity.gov.au/resources/Pages/PSPF-Glossary-of-terms.aspx Protective Security Policy Framework - Glossary Oct 2017]</ref>}}<br/> |
− | <br /> | + | |
− | {{definition| Vulnerability is the degree of loss to a given element at risk or set of such elements resulting from the occurrence of a phenomenon of a given magnitude and expressed on a scale of 0 (no damage) to 1 (total loss). <ref name="MAIMAus">[https://www.em.gov.au/Documents/Manual03-AEMGlossary.PDF Australian Emergency Management Glossary, Emergency Management Australia (1998)]</ref>}} <br /> | + | {{definition| Vulnerability is the degree of susceptibility and [[resilience]] of the community and environment to [[Hazard|hazards]]. <ref name="MAIMAus">[https://www.em.gov.au/Documents/Manual03-AEMGlossary.PDF Australian Emergency Management Glossary, Emergency Management Australia (1998)]</ref>}}<br/> |
− | {{definition|Vulnerability: The degree to which a system is susceptible to, or unable to cope with, adverse effects of climate change, including climate variability and extremes. <ref>[http://www.public.health.wa.gov.au/cproot/1510/2/Health_Impacts_of_Climate_Change.pdf Health impacts of climate change: Adaptation strategies for western Australia (2008)]</ref>}}Vulnerability is a function of the character, magnitude, and rate of climate variation to which a system is exposed, its sensitivity, and its adaptive capacity.<br/><br/> | + | {{definition| Vulnerability is the degree of loss to a given element at risk or set of such elements resulting from the occurrence of a phenomenon of a given magnitude and expressed on a scale of 0 (no damage) to 1 (total loss). <ref name="MAIMAus">[https://www.em.gov.au/Documents/Manual03-AEMGlossary.PDF Australian Emergency Management Glossary, Emergency Management Australia (1998)]</ref>}} <br/> |
+ | {{definition|Vulnerability: The degree to which a system is susceptible to, or unable to cope with, adverse effects of climate change, including climate variability and extremes. <ref>[http://www.public.health.wa.gov.au/cproot/1510/2/Health_Impacts_of_Climate_Change.pdf Health impacts of climate change: Adaptation strategies for western Australia (2008)]</ref>}}Vulnerability is a function of the character, magnitude, and rate of climate variation to which a system is exposed, its sensitivity, and its adaptive capacity.<br/> | ||
+ | {{definition|Vulnerability – The extent to which a natural system or human society is unable to cope with the negative impacts of climate change, variability and extremes. <ref>[http://www.oecd.org/env/cc/36736773.pdf ADAPTATION TO CLIMATE CHANGE: KEY TERMS, E. Levina and D. Terpak, OECD (2006) - derived from (Australian Greenhouse Office. 2003)]</ref>}} It depends on changes in climate as well as the sensitivity and adaptive capacity of the system or society.<br /> | ||
+ | {{definition|Vulnerability: a weakness (that may be an unintended consequence of design or configuration) that can be exploited by attackers to compromise or otherwise adversely affect a computer system. <ref>[https://www.staysmartonline.gov.au/glossary on-line glossary Stay Safe On-line]</ref>}} | ||
+ | ===== [[New South Wales]]===== | ||
+ | {{definition|Vulnerability: The mechanism by which [[Critical Infrastructure|critical infrastructure]] can be affected by [[Threat|threats]] and [[Hazard|hazards]]. <ref>[https://www.emergency.nsw.gov.au/Documents/publications/policies/NSW%20Critical%20Infrastructure%20Resilience%20Strategy%202018.pdf NSW Critical Infrastructure Resilience Strategy Partner, Prepare, Provide (2018) ]</ref>}} | ||
+ | <br/><br/> | ||
+ | ====[[Belgium]]==== | ||
+ | {{definition|Kwetsbaarheid is de zwakke schakel van een bezitting of een groep bezittingen die door een of meerdere dreigende gevaren kan worden uitgebuit (ontwikkelingsfout, verkeerde installatie). <ref>[https://www.gegevensbeschermingsautoriteit.be/sites/privacycommission/files/documents/nota_beveiliging_van_persoonsgegevens.pdf | ||
+ | Gegevensbeschermingsautoriteit]</ref>}}<br/><br/> | ||
==== [[Bosnia and Herzegovina]] ==== | ==== [[Bosnia and Herzegovina]] ==== | ||
{{definition|Ugroženost: Karakteristike i okolnosti zajednice, sistema ili sredstva koje ih čine podložnim štetnim efektima opasnosti. (UNISDR, 2009). <ref>[http://www.msb.gov.ba/PDF/EU_SMJERNICE_ZA_PRCJENU_RIZIKA21122015.pdf RADNA VERZIJA OSOBLJA KOMISIJE: Procjena rizika i mapiranje smernice za upravljanje katastrofama]</ref>}} | {{definition|Ugroženost: Karakteristike i okolnosti zajednice, sistema ili sredstva koje ih čine podložnim štetnim efektima opasnosti. (UNISDR, 2009). <ref>[http://www.msb.gov.ba/PDF/EU_SMJERNICE_ZA_PRCJENU_RIZIKA21122015.pdf RADNA VERZIJA OSOBLJA KOMISIJE: Procjena rizika i mapiranje smernice za upravljanje katastrofama]</ref>}} | ||
Line 76: | Line 94: | ||
====[[Capo Verde|Cape Verde]]==== | ====[[Capo Verde|Cape Verde]]==== | ||
{{definition|Vulnerabilidade: Características e circunstâncias de uma comunidade, sistema ou activo que os tornam susceptíveis aos efeitos nocivos do perigo. <ref>[https://www.un.cv/files/RelatorioPDNA_PT.PDF Avaliação das Necessidades Pós- Desastre (PDNA) ERUPÇÃO VULCÂNICA NO FOGO 2014-2015, Cape Verde]</ref>}}Há muitos aspectos de vulnerabilidade, decorrentes de vários factores físicos, sociais, económicos e ambientais. Os exemplos podem incluir má concepção e construção de edifícios, protecção inadequada dos activos, falta de informação e de sensibilização do público, reduzido reconhecimento oficial de riscos e de medidas de preparação, e desrespeito pela gestão ambiental. A vulnerabilidade varia significativamente dentro de uma comunidade e ao longo do tempo. Esta definição identifica vulnerabilidade como uma característica do elemento em questão (comunidade, sistema, ou activo), que é independente da sua exposição. <br/><br/> | {{definition|Vulnerabilidade: Características e circunstâncias de uma comunidade, sistema ou activo que os tornam susceptíveis aos efeitos nocivos do perigo. <ref>[https://www.un.cv/files/RelatorioPDNA_PT.PDF Avaliação das Necessidades Pós- Desastre (PDNA) ERUPÇÃO VULCÂNICA NO FOGO 2014-2015, Cape Verde]</ref>}}Há muitos aspectos de vulnerabilidade, decorrentes de vários factores físicos, sociais, económicos e ambientais. Os exemplos podem incluir má concepção e construção de edifícios, protecção inadequada dos activos, falta de informação e de sensibilização do público, reduzido reconhecimento oficial de riscos e de medidas de preparação, e desrespeito pela gestão ambiental. A vulnerabilidade varia significativamente dentro de uma comunidade e ao longo do tempo. Esta definição identifica vulnerabilidade como uma característica do elemento em questão (comunidade, sistema, ou activo), que é independente da sua exposição. <br/><br/> | ||
+ | ==== [[Chile]] ==== | ||
+ | {{definition|Vulnerabilidad: Es el grado de pérdida de un elemento o grupo de elementos bajo riesgo resultado de la probable ocurrencia de un suceso desastroso, expresada en una escala desde 0 a 1 o pérdida total. <ref>[http://www.gorecoquimbo.gob.cl/gorecoquimbo/site/artic/20150511/asocfile/20150511104931/libro_guia_de_analisis_de_riesgos_naturales_para_el_ordenamiento_territorial_.pdf GUÍA ANÁLISIS DE RIESGOS NATURALES PARA EL ORDENAMIENTO TERRITORIAL Subsecretaría de Desarrollo Regional y Administrativo (SUBDERE) Primera Edición, Junio 2011]</ref>}}<br/><br/> | ||
==== [[Colombia]] ==== | ==== [[Colombia]] ==== | ||
{{definition|Vulnerabilidad: Es una debilidad, atributo o falta de control que permitiría o facilitaría la actuación de una amenaza contra información clasificada, los servicios y recursos que la soportan. <ref>[https://colaboracion.dnp.gov.co/CDT/Conpes/Econ%C3%B3micos/3854.pdf Conpes 3854 POLÍTICA NACIONAL DE SEGURIDAD DIGITAL (2016)]</ref>}}<br/><br/> | {{definition|Vulnerabilidad: Es una debilidad, atributo o falta de control que permitiría o facilitaría la actuación de una amenaza contra información clasificada, los servicios y recursos que la soportan. <ref>[https://colaboracion.dnp.gov.co/CDT/Conpes/Econ%C3%B3micos/3854.pdf Conpes 3854 POLÍTICA NACIONAL DE SEGURIDAD DIGITAL (2016)]</ref>}}<br/><br/> | ||
Line 83: | Line 103: | ||
==== [[Czech Republic]] ==== | ==== [[Czech Republic]] ==== | ||
{{definition|Zranitelnost: Slabé místo aktiva nebo řízení, které může být využito hrozbou. <ref>[http://www.govcert.cz/download/nodeid-561 Výkladový slovník kybernetické bezpečnosti (2013)]</ref> <br/><br/>Vulnerability is a weak spot of an [[asset]] or control which can be made use of by a [[threat]]. <ref>[http://www.govcert.cz/download/nodeid-1143/ Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)]</ref>}}<br /><br/> | {{definition|Zranitelnost: Slabé místo aktiva nebo řízení, které může být využito hrozbou. <ref>[http://www.govcert.cz/download/nodeid-561 Výkladový slovník kybernetické bezpečnosti (2013)]</ref> <br/><br/>Vulnerability is a weak spot of an [[asset]] or control which can be made use of by a [[threat]]. <ref>[http://www.govcert.cz/download/nodeid-1143/ Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)]</ref>}}<br /><br/> | ||
+ | ==== [[Dominican Republic]] ==== | ||
+ | {{definition|Vulnerabilidad: grado en que un sistema es susceptible o incapaz de hacer frente a los efectos adversos del cambio climático, incluyendo la variabilidad climática y los extremos del clima. <ref>[https://cambioclimatico.gob.do/glosario/ NATIONAL COUNCIL FOR CLIMATE CHANGE AND THE CLEAN DEVELOPMENT MECHANISM -CNCCMDL, Dominican Republic]</ref>}}La vulnerabilidad es una función del carácter, magnitud y tasa de variación (rapidez del cambio) climática a que está expuesto un sistema, su sensibilidad y su capacidad de adaptación.<br /><br/> | ||
+ | ==== [[El Salvador]] ==== | ||
+ | {{definition|Vulnerabilidad: Es cualquier debilidad en un sistema informático que puede ser utilizada por una o más amenazas de ciberseguridad y comprometer la seguridad de este. <ref>[https://consulta.innovacion.gob.sv/legislation/processes/13/draft_versions/31 (Draft) Ley de ciberseguridad]</ref>}}<br/> | ||
+ | {{definition|Vulnerabilidad: Factor de riesgo interno de un elemento o grupo de elementos expuestos a una amenaza, correspondiente a su predisposición intrínseca a ser afectado, de ser susceptible a sufrir un daño, y de encontrar dificultades en recuperarse posteriormente. Corresponde a la predisposición o susceptibilidad física, económica, política o social que tiene una comunidad de ser afectada o de sufrir efectos adversos en caso de que un fenómeno peligroso de origen natural o causado por el hombre se manifieste. <ref>[http://www.marn.gob.sv/glosario-de-riesgo/ Glosario de Riesgo, Ministerio de Medio Ambiente y Recursos Naturales, El Salvador]</ref>}}Las diferencias de vulnerabilidad del contexto social y material expuesto ante un fenómeno peligroso determinan el carácter selectivo de la severidad de sus efectos.<br/><br/> | ||
+ | |||
+ | ====[[Eswatini]]==== | ||
+ | {{definition|Vulnerability: Bugs in software programs that have the potential to be exploited by malicious cyber attackers. <ref>[https://ncsirt.org.sz/wp-content/uploads/2021/06/Eswatini-NCS-2020.pdf ESWATINI NATIONAL CYBERSECURITY STRATEGY 2020 - 2025 (2020)]</ref>}}<br/> | ||
==== [[France]] ==== | ==== [[France]] ==== | ||
− | {{Definition| | + | {{Definition|Vulnérabilité: propension d’un milieu, d’un bien ou d’une personne à subir des conséquences dommageables à la suite d’un événement. Elle ne produit pas nécessairement de dommage par elle-même. <ref>[http://circulaire.legifrance.gouv.fr/pdf/2014/01/cir_37828.pdf INSTRUCTION GENERALE INTERMINISTERIELLE RELATIVE A LA SECURITE DES ACTIVITES D’IMPORTANCE VITALE N°6600/SGDSN/PSE/PSN du 7 janvier 2014, PREMIER MINISTRE, SECRETARIAT GENERAL DE LA DEFENSE ET DE LA SECURITE NATIONALE, Direction Protection et Sécurité de l’Etat N° NOR: PRMD1400503J] </ref>}} |
Unofficial translation: propensity of an environment, a good or a person to suffer from adverse [[consequence|consequences]] as a result of an [[event]]. It does not necessarily produce [[damage]] itself. | Unofficial translation: propensity of an environment, a good or a person to suffer from adverse [[consequence|consequences]] as a result of an [[event]]. It does not necessarily produce [[damage]] itself. | ||
<br/><br/> | <br/><br/> | ||
{{definition|Vulnérabilité: Mesure dans laquelle un système est sensible – ou incapable de faire face – aux effets défavorables des changements climatiques, y compris la variabilité du climat et les phénomènes extrêmes. <ref>[http://agriculture.gouv.fr/changement-climatique-glossaire-des-definitions Changement climatique: glossaire des définitions]</ref>}}La vulnérabilité est fonction de la nature, de l’ampleur et du rythme de la variation du climat à laquelle le système considéré est exposé, de la sensibilité de ce système et de sa capacité d’adaptation (GIEC, 2007).<br/><br/> | {{definition|Vulnérabilité: Mesure dans laquelle un système est sensible – ou incapable de faire face – aux effets défavorables des changements climatiques, y compris la variabilité du climat et les phénomènes extrêmes. <ref>[http://agriculture.gouv.fr/changement-climatique-glossaire-des-definitions Changement climatique: glossaire des définitions]</ref>}}La vulnérabilité est fonction de la nature, de l’ampleur et du rythme de la variation du climat à laquelle le système considéré est exposé, de la sensibilité de ce système et de sa capacité d’adaptation (GIEC, 2007).<br/><br/> | ||
− | {{definition|Vulnérabilité: Faute, par malveillance ou maladresse, dans les spécifications, la conception, la réalisation, l’installation ou la configuration d’un système, ou dans la façon de l’utiliser. <ref>[https://www.ssi.gouv.fr/entreprise/glossaire/ ANSSI Glossaire]</ref>}}Remarques : Une vulnérabilité peut être utilisée par un code d’exploitation et conduire à une intrusion dans le système.<br/><br/> | + | {{definition|Vulnérabilité: Faute, par malveillance ou maladresse, dans les spécifications, la conception, la réalisation, l’installation ou la configuration d’un système, ou dans la façon de l’utiliser. <ref>[https://www.ssi.gouv.fr/entreprise/glossaire/ ANSSI Glossaire]</ref>}}Remarques : Une vulnérabilité peut être utilisée par un code d’exploitation et conduire à une intrusion dans le système.<br/> |
+ | |||
+ | {{definition|Vulnérabilité: erreur de conception ou failblesse dans un équipement informatique suspectible de permesttre à un attaquant de conduire une action malveillante à son encontre. <ref>[http://www.sgdsn.gouv.fr/uploads/2018/02/20180206-np-revue-cyber-public-v3.3-publication.pdf Revue stratégique de cyberdéfense 12 février 2018]</ref>}} | ||
+ | <br/> | ||
+ | |||
+ | {{definition|Vulnérabilité: Caractéristique d’un bien support qui peut constituer une faiblesse ou une faille au regard de la sécurité des systèmes d’information. <ref>[https://www.ssi.gouv.fr/uploads/2014/01/securite_industrielle_GT_methode_classification-principales_mesures.pdf Méthode de classification et mesures principales, ANSSI (2014)]</ref><br/><br/>Vulnerability: Characteristic of a supporting asset that can constitute a weakness or flaw concerning information system security. <ref>[https://www.ssi.gouv.fr/uploads/2014/01/industrial_security_WG_Classification_Method.pdf Classification Method and Key Measures, ANSSI (2014)]</ref>}}<br/><br/> | ||
+ | |||
+ | ==== [[Gambia]] ==== | ||
+ | {{definition|Vulnerability: A weakness of an ICT asset or control that can be exploited by one or more [[Threat|threats]]. <ref>[http://www.moici.gov.gm/sites/default/files/2019-09/20160726%20Gambia%20Strategy%20-%20Cybersecurity%20Strategy_final_with_Gambia_cover_page.pdf THE GAMBIA NATIONAL CYBERSECURITY STRATEGY (2019)]</ref>}}<br /><br/> | ||
==== [[Germany]]==== | ==== [[Germany]]==== | ||
{{definition|Verwundbarkeit, Verletzlichkeit, Vulnerabilität: Das Ausmaß, zu welchem ein System anfällig ist gegenüber nachteiligen Auswirkungen des Klimawandels, einschließlich der Klimavariabilität und der Extrema oder unfähig ist, diese zu bewältigen. <ref>[http://www.bmub.bund.de/fileadmin/bmu-import/files/pdfs/allgemein/application/pdf/das_gesamt_bf.pdf Deutsche Anpassungsstrategie an den Klimawandel, Bundeskabinett, 17. Dezember 2008 ]</ref>}}Die Verwundbarkeit ist abhängig von der Art, dem Ausmaß und der Geschwindigkeit der Klimaänderung sowie der Schwankung, welcher das System ausgesetzt ist, seiner Empfindlichkeit und seiner Anpassungskapazität.<br /><br/> | {{definition|Verwundbarkeit, Verletzlichkeit, Vulnerabilität: Das Ausmaß, zu welchem ein System anfällig ist gegenüber nachteiligen Auswirkungen des Klimawandels, einschließlich der Klimavariabilität und der Extrema oder unfähig ist, diese zu bewältigen. <ref>[http://www.bmub.bund.de/fileadmin/bmu-import/files/pdfs/allgemein/application/pdf/das_gesamt_bf.pdf Deutsche Anpassungsstrategie an den Klimawandel, Bundeskabinett, 17. Dezember 2008 ]</ref>}}Die Verwundbarkeit ist abhängig von der Art, dem Ausmaß und der Geschwindigkeit der Klimaänderung sowie der Schwankung, welcher das System ausgesetzt ist, seiner Empfindlichkeit und seiner Anpassungskapazität.<br /><br/> | ||
{{definition|The extent to which a system is susceptible to damage caused by [[Climate Change|climate change]]. <ref>[http://www.germany.info/contentblob/2293498/Daten/426241/Adaptation_DD.pdf Combating Climate Change: The German Adaptation Strategy]</ref>}} Vulnerability depends on a variety of factors. External factors are the nature, scale and speed of climate change and their variations. Internal factors are the sensitivity and adaptive capacity of the system in question.<br/><br/> | {{definition|The extent to which a system is susceptible to damage caused by [[Climate Change|climate change]]. <ref>[http://www.germany.info/contentblob/2293498/Daten/426241/Adaptation_DD.pdf Combating Climate Change: The German Adaptation Strategy]</ref>}} Vulnerability depends on a variety of factors. External factors are the nature, scale and speed of climate change and their variations. Internal factors are the sensitivity and adaptive capacity of the system in question.<br/><br/> | ||
− | {{definition|Vulnerabilität: Maß für die anzunehmende Schadensanfälligkeit eines Schutzgutes in Bezug auf ein bestimmtes [[Incident|Ereignis]]. <ref>[http://www.bbk.bund.de/SharedDocs/Downloads/BBK/DE/Publikationen/Wissenschaftsforum/Bd8_Methode-Risikoanalyse-BS.pdf Methode für die Risikoanalyse im Bevölkerungsschutz]</ref>}}<br/><br/> | + | {{definition|Vulnerabilität: Maß für die anzunehmende Schadensanfälligkeit eines Schutzgutes in Bezug auf ein bestimmtes [[Incident|Ereignis]]. <ref>[http://www.bbk.bund.de/SharedDocs/Downloads/BBK/DE/Publikationen/Wissenschaftsforum/Bd8_Methode-Risikoanalyse-BS.pdf Methode für die Risikoanalyse im Bevölkerungsschutz]</ref>}}<br/> |
+ | {{definition|Vulnerabilität ist ein Maß für die anzunehmende Schadensanfälligkeit eines Schutzgutes in Bezug auf ein bestimmtes Ereignis. <ref>[http://www.bbk.bund.de/DE/Servicefunktionen/Glossar/_function/glossar.html?lv2=4968156&lv3=6222934 Glossar, Das Bundesamt für Bevölkerungsschutz und Katastrophenhilfe (BBK)]</ref>}}<br/><br/> | ||
==== [[Guatemala]] ==== | ==== [[Guatemala]] ==== | ||
{{definition|Vulnerabilidad: Condiciones de exposición al daño vinculadas a deficiencias, debilidades o limitaciones en las capacidades y medios necesarios suficientes para enfrentar amenazas que pongan en riesgo la Seguridad de la Nación. <ref>[http://stcns.gob.gt/docs/2016/Plan_Estrategico/PESN%202016-2020.pdf Plan Estratégico de Seguridad de la Nación 2016-2020, Guatemala]</ref>}}<br/><br/> | {{definition|Vulnerabilidad: Condiciones de exposición al daño vinculadas a deficiencias, debilidades o limitaciones en las capacidades y medios necesarios suficientes para enfrentar amenazas que pongan en riesgo la Seguridad de la Nación. <ref>[http://stcns.gob.gt/docs/2016/Plan_Estrategico/PESN%202016-2020.pdf Plan Estratégico de Seguridad de la Nación 2016-2020, Guatemala]</ref>}}<br/><br/> | ||
+ | ==== [[Hong Kong]] ==== | ||
+ | {{definition|保安漏洞 : 系統的缺點或弱點,讓入侵者有機可乘加以破壞,違反保安政 策。 <br/><br/>Vulnerability: A flaw or weakness in a system that could be exploited by intruders to violate the security policy. <ref>[https://www.infosec.gov.hk/english/glossary/files/InfoSecGlossary_eng.pdf Glossary for Information Security Terms/資訊保安詞彙表] </ref>}}<br/><br/> | ||
====[[India]]==== | ====[[India]]==== | ||
{{definition|A vulnerability is a weakness that could be exploited to cause [[damage]] to the system or the [[Asset|assets]] it contains. <ref>[http://www.dgqadefence.gov.in/documents/pdf/cyber-security-policy-dgqa-2015.pdf India's DGQA Cyber Security Policy (2015)]</ref>}}<br /> | {{definition|A vulnerability is a weakness that could be exploited to cause [[damage]] to the system or the [[Asset|assets]] it contains. <ref>[http://www.dgqadefence.gov.in/documents/pdf/cyber-security-policy-dgqa-2015.pdf India's DGQA Cyber Security Policy (2015)]</ref>}}<br /> | ||
{{definition|Vulnerable, vulnerability: ேசதமைட, / தா�க"ப2 த�ைம <ref>[http://www.imdchennai.gov.in/Tamil%20glossary.pdf Glossary of Meteorological Terms in Tamil]</ref>}}<br/> | {{definition|Vulnerable, vulnerability: ேசதமைட, / தா�க"ப2 த�ைம <ref>[http://www.imdchennai.gov.in/Tamil%20glossary.pdf Glossary of Meteorological Terms in Tamil]</ref>}}<br/> | ||
+ | |||
+ | {{definition|Vulnerability: The characteristics and circumstances of a community, system or asset that make it susceptible to the damaging effects of a [[hazard]]. <ref>[https://ndma.gov.in/images/policyplan/dmplan/National%20Disaster%20Management%20Plan%20May%202016.pdf National Disaster Management Plan (NDMP)- (2016)]</ref>}}<br/><br/> | ||
+ | |||
==== [[Ireland]] ==== | ==== [[Ireland]] ==== | ||
{{definition|(climate change) Vulnerability can be defined as the degree to which a system is susceptible to, and unable to cope with, adverse effects of climate change, including climate variability and extremes. <ref>[http://www.housing.gov.ie/sites/default/files/migrated-files/en/Publications/Environment/ClimateChange/FileDownLoad%2C32076%2Cen.pdf Building Resilience to Climate Change, Department of the Environment,Community and Local Government (2012)]</ref>}}Vulnerability is a function of the character, magnitude and rate of climate change and variation to which a system is exposed, its sensitivity and its adaptive capacity. <br /><br/> | {{definition|(climate change) Vulnerability can be defined as the degree to which a system is susceptible to, and unable to cope with, adverse effects of climate change, including climate variability and extremes. <ref>[http://www.housing.gov.ie/sites/default/files/migrated-files/en/Publications/Environment/ClimateChange/FileDownLoad%2C32076%2Cen.pdf Building Resilience to Climate Change, Department of the Environment,Community and Local Government (2012)]</ref>}}Vulnerability is a function of the character, magnitude and rate of climate change and variation to which a system is exposed, its sensitivity and its adaptive capacity. <br /><br/> | ||
− | + | ==== [[Israel]] ==== | |
+ | {{definition|נקודת תורפה במערכת ממוחשבת או ברכיב שלה או בנוהל הקשור אליה אשר ניתן לנצלה כדי לחולל אירוע סייבר. <ref>[https://www.gov.il/he/Departments/General/terms CERT.IL Glossary]</ref>}}<br/><br/> | ||
==== [[Italy]] ==== | ==== [[Italy]] ==== | ||
{{definition|La Vulnerabilità di un elemento (persone, edifici, infrastrutture, attività economiche) è la propensione a subire danneggiamenti in conseguenza delle sollecitazioni indotte da un evento di una certa intensità. <ref>[http://www.protezionecivile.gov.it/jcms/it/glossario.wp Dipartimento della Protezione Civile Glossario]</ref>}}<br/> | {{definition|La Vulnerabilità di un elemento (persone, edifici, infrastrutture, attività economiche) è la propensione a subire danneggiamenti in conseguenza delle sollecitazioni indotte da un evento di una certa intensità. <ref>[http://www.protezionecivile.gov.it/jcms/it/glossario.wp Dipartimento della Protezione Civile Glossario]</ref>}}<br/> | ||
Line 121: | Line 164: | ||
====[[Kingdom of Saudi Arabia]]==== | ====[[Kingdom of Saudi Arabia]]==== | ||
− | {{definition|A | + | {{definition|A vulnerability is a defect or weakness in system security procedure, design, implementation, or internal control that an attacker can exploit. <ref>[http://www.mcit.gov.sa/Ar/MediaCenter/PubReqDocuments/NISS_Draft_7_EN.pdf Developing National Information Security Strategy for the Kingdom of Saudi Arabia NISS draft 7]</ref>}}<br /> |
− | {{definition|Vulnerability is the susceptibility of individuals or a community, services or infrastructure to [[damage]] or [[harm]] arising from an [[emergency]] or other [[incident]]. <ref> [https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/61046/EP_Glossary_amends_18042012_0.pdf Glossary - Revision to Emergency Preparedness, Cabinet Office (2012)]</ref>}} <br /><br/> | + | {{definition|Vulnerability is the susceptibility of individuals or a community, services or infrastructure to [[damage]] or [[harm]] arising from an [[emergency]] or other [[incident]]. <ref> [https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/61046/EP_Glossary_amends_18042012_0.pdf Glossary - Revision to Emergency Preparedness, Cabinet Office (2012)]</ref>}}<br /> |
+ | {{definition|Vulnerability: Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source. (NISTIR 7298r2 Glossary of Key Information Security Terms) <ref>[http://www.sama.gov.sa/en-US/Laws/BankingRules/SAMA%20Cyber%20Security%20Framework.pdf Cyber Security Framework Saudi Arabian Monetary Authority Version 1.0 May 2017 ]</ref>}}<br/><br/> | ||
==== [[Kiribati]] ==== | ==== [[Kiribati]] ==== | ||
{{definition|Te kai rotaki: E uakoraa ana konabwai te botannaomata ni kaaitarai korakoran aananga ni kabuanibwai ake a riki man bibitakin kanoan te bong. <ref>[http://www.president.gov.ki/wp-content/uploads/2014/08/KAPII-Bi-Lingual-Glossary-CLIMATE-CHANGE-TERMS.pdf Kiribati BI-LINGUAL GLOSSARY OF CLIMATE CHANGE TERMS, Original translations by Dr Temakei Tebano & Etita Teiabauri, 2008]</ref><br/><br/>Vulnerability: The extent to which an ecosystem or organization can cope with the negative impacts of [[Climate Change|climate change]], variability and extremes. }}<br/><br/> | {{definition|Te kai rotaki: E uakoraa ana konabwai te botannaomata ni kaaitarai korakoran aananga ni kabuanibwai ake a riki man bibitakin kanoan te bong. <ref>[http://www.president.gov.ki/wp-content/uploads/2014/08/KAPII-Bi-Lingual-Glossary-CLIMATE-CHANGE-TERMS.pdf Kiribati BI-LINGUAL GLOSSARY OF CLIMATE CHANGE TERMS, Original translations by Dr Temakei Tebano & Etita Teiabauri, 2008]</ref><br/><br/>Vulnerability: The extent to which an ecosystem or organization can cope with the negative impacts of [[Climate Change|climate change]], variability and extremes. }}<br/><br/> | ||
+ | ====[[Kuwait]]==== | ||
+ | {{definition|Vulnerability: Any weakness that could be exploited to violate a system or the information it contains. <ref>[https://citra.gov.kw/sites/en/Pages/Glossary.aspx Glossary Communication and Information Technology Regulatory]</ref>}}<br/><br/> | ||
+ | ==== [[Lebanon]]==== | ||
+ | {{definition|Vulnerability(ies): The existence of a weakness, design, or implementation error that can lead to an unexpected, undesirable event compromising the security of the computer system, network, application, or protocol involved. <ref>[http://pcm.gov.lb/Library/Files/LRF/tamim/Strategie_Liban_Cyber_EN_V20_Lg.pdf Lebanon Cyber Security Strategy v2]</ref>}}<br/> | ||
==== [[Luxembourg]] ==== | ==== [[Luxembourg]] ==== | ||
− | {{definition|Vulnérabilité: Faute, par malveillance ou maladresse, dans les spécifications, la conception, la réalisation, l’installation ou la configuration d’un système, ou dans la façon de l’utiliser. <ref> | + | {{definition|Vulnérabilité: Faute, par malveillance ou maladresse, dans les spécifications, la conception, la réalisation, l’installation ou la configuration d’un système, ou dans la façon de l’utiliser. <ref>From French Glossary</ref>}}<br /> |
+ | {{definition|Vulnérabilité: Faille dans un actif ou dans une mesure de sécurité qui peut être exploitée par une ou plusieurs menaces. <ref>[https://cybersecurite.public.lu/fr/glossaire.html Glossaire]</ref>}}<br/><br/> | ||
+ | |||
==== [[Madagascar]] ==== | ==== [[Madagascar]] ==== | ||
{{definition|Vulnérabilité: Une série de circonstances prédominantes ou consecutives composes de facteurs physiques, socio-économiques, et/ou politiques, qui affectent les aptitudes à faire face aux catastrophes. <ref>[http://www.primature.gov.mg/cpgu/wp-content/uploads/2014/03/SNGRC.pdf Stratégie Nationale de Gestion des Risques et des Catastrophes – Madagascar (2014)]</ref>}}Les vulnérabilités peuvent être d’ordre physique, social ou comportemental et de nature principale ou secondaire. Les strategies qui réduisent la vulnérabilité, diminuent également les risques. <br/><br/> | {{definition|Vulnérabilité: Une série de circonstances prédominantes ou consecutives composes de facteurs physiques, socio-économiques, et/ou politiques, qui affectent les aptitudes à faire face aux catastrophes. <ref>[http://www.primature.gov.mg/cpgu/wp-content/uploads/2014/03/SNGRC.pdf Stratégie Nationale de Gestion des Risques et des Catastrophes – Madagascar (2014)]</ref>}}Les vulnérabilités peuvent être d’ordre physique, social ou comportemental et de nature principale ou secondaire. Les strategies qui réduisent la vulnérabilité, diminuent également les risques. <br/><br/> | ||
==== [[Mexico]] ==== | ==== [[Mexico]] ==== | ||
− | {{definition|Vulnerabilidad: Estimación de lo que pasará cuando los efectos de un accidente (radiación térmica, onda de choque, evolución de la concentración de una sustancia, entre otros.) actúan sobre las personas, el medio, sobre edificios, equipo, entre otros. Esta estimación puede realizarse mediante una serie de datos tabulados, gráficos y por los modelos de vulnerabilidad. <ref>[http://tramites.semarnat.gob.mx/Doctos/DGIRA/Guia/MIAParticularRiesgo/GuiasEstudioRiesgo/g_vias_generales.pdf GUÍA PARA LA PRESENTACIÓN DEL ESTUDIO DE RIESGO MODALIDAD ANALISIS DE RIESGO, Mexico] </ref>}}<br /><br /> | + | {{definition|Vulnerabilidades: Las debilidades identificadas en la ciberseguridad dentro de las dependencias o entidades de la APF, los Poderes Legislativo y Judicial, los órganos constitucionales autónomos, las empresas productivas del Estado, los Gobiernos Estatales, Municipales y Delegacionales, así como los particulares que potencialmente permiten que una amenaza afecte los activos de TIC, a la Infraestructura Información Esencial, así como a los Activos de Información. <ref>[https://www.gob.mx/cms/uploads/attachment/file/271884/Estrategia_Nacional_Ciberseguridad.pdf Estragia Nacional de Ciberseguridad (November 2017)]</ref>}}<br/> |
+ | {{definition|Vulnerabilidad: Estimación de lo que pasará cuando los efectos de un accidente (radiación térmica, onda de choque, evolución de la concentración de una sustancia, entre otros.) actúan sobre las personas, el medio, sobre edificios, equipo, entre otros. Esta estimación puede realizarse mediante una serie de datos tabulados, gráficos y por los modelos de vulnerabilidad. <ref>[http://tramites.semarnat.gob.mx/Doctos/DGIRA/Guia/MIAParticularRiesgo/GuiasEstudioRiesgo/g_vias_generales.pdf GUÍA PARA LA PRESENTACIÓN DEL ESTUDIO DE RIESGO MODALIDAD ANALISIS DE RIESGO, Mexico] </ref>}}<br /> | ||
+ | {{definition|Vulnerabilidad: Nivel al que un sistema es susceptible, o no es capaz de soportar, los efectos adversos del cambio climático, incluida la variabilidad climática y los fenómenos extremos. <ref>[http://www.ccpy.gob.mx/glosario-terminos-ipcc.pdf Glosario IPCC, Mexico]</ref>}} La vulnerabilidad está en función del carácter, magnitud y velocidad de la variación climática al que se encuentra expuesto un sistema, su sensibilidad, y su capacidad de adaptación.<br /><br/> | ||
+ | {{definition|Vulnerabilidad: Factor de riesgo interno de un elemento o grupo de elementos expuestos a una amenaza. <ref>[http://www.atlasnacionalderiesgos.gob.mx/apps/IGOPP/glosario.php El Glosario Centro Nacional de prevencion de desastres (CENAPRED)]</ref>}}Corresponde a la predisposición o susceptibilidad física, económica, política o social que tiene una comunidad de ser afectada o de sufrir efectos adversos en caso de que se manifieste un fenómeno peligroso de origen natural, socio natural o antropogénico. Representa también las condiciones que imposibilitan o dificultan la recuperación autónoma posterior. Las diferencias de vulnerabilidad del contexto social y material expuesto ante un fenómeno peligroso determinan el carácter selectivo de la severidad de sus efectos. Sistema de condiciones y procesos resultantes de factores físicos, sociales, económicos y medioambientales que aumentan la susceptibilidad de una comunidad al impacto de los peligros. <br/><br/> | ||
+ | |||
====[[Morocco]]==== | ====[[Morocco]]==== | ||
{{definition|Vulnérabilité: Faille de sécurité dans un programme ou sur un système informatique. <ref>[http://www.dgssi.gov.ma/dgssi_assets/user_upload/STRATEGIE_NATIONALE.pdf STRATEGIE NATIONALE EN MATIERE DE CYBERSECURITE, Morocco, 2011]</ref><br/><br/>Vulnerability: Security flaw in a program or on a computer system.}}<br /><br/> | {{definition|Vulnérabilité: Faille de sécurité dans un programme ou sur un système informatique. <ref>[http://www.dgssi.gov.ma/dgssi_assets/user_upload/STRATEGIE_NATIONALE.pdf STRATEGIE NATIONALE EN MATIERE DE CYBERSECURITE, Morocco, 2011]</ref><br/><br/>Vulnerability: Security flaw in a program or on a computer system.}}<br /><br/> | ||
+ | ====[[Mozambique]]==== | ||
+ | {{definition|Vulnerabilidade: Propriedade intrínseca de algo resultando em suscetibilidade a uma fonte de risco que pode levar a um evento com uma consequência. Conjunto de factores internos ou causa potencial de um incidente indesejado, que podem resultar em risco para um sistema ou organização, os quais podem ser evitados por uma acção interna de segurança da informação. <ref>[https://cta.org.mz/wp-content/uploads/2021/02/Estrategia-Nacional-de-Seguranca-Ciberneticas.pdf Estratégia Nacional de Segurança Cibernética de Moçambique (2021-2024)]</ref>}}<br/><br/> | ||
+ | |||
==== [[Nepal]] ==== | ==== [[Nepal]] ==== | ||
{{definition|Vulnerability: The degree to which a system is susceptible to, or unable to cope with, adverse effects of climate change, including climate variability and extremes. <ref>[http://ppcr.moste.gov.np/wp-content/uploads/2015/02/Training-Manual-Final-26-January-2015-sohan.pdf Climate Change and Community Based Adaptation Planning Training Manual, Government of Nepal (2015)]</ref>}}Vulnerability is a function of the character, magnitude, and rate of climate variation to which a system is exposed, its sensitivity, and its adaptive capacity.<br/><br/> | {{definition|Vulnerability: The degree to which a system is susceptible to, or unable to cope with, adverse effects of climate change, including climate variability and extremes. <ref>[http://ppcr.moste.gov.np/wp-content/uploads/2015/02/Training-Manual-Final-26-January-2015-sohan.pdf Climate Change and Community Based Adaptation Planning Training Manual, Government of Nepal (2015)]</ref>}}Vulnerability is a function of the character, magnitude, and rate of climate variation to which a system is exposed, its sensitivity, and its adaptive capacity.<br/><br/> | ||
==== [[Netherlands]] ==== | ==== [[Netherlands]] ==== | ||
− | {{definition|Een kwetsbaarheid is een eigenschap van een samenleving, organisatie of informatiesysteem (of een onderdeel daarvan) die een kwaadwillende partij de kans geeft om de legitieme toegang tot informatie of functionaliteit te verhinderen en te beïnvloeden, of om die ongeautoriseerd te benaderen. <ref>[https://www.ncsc.nl/actueel/Cybersecuritybeeld+Nederland/cybersecuritybeeld-nederland-2016.html Cybersecuritybeeld Nederland 2016 NCSC, Cyber Security Beeld Nederland 5 (2015)]</ref>}}<br/><br/> | + | {{definition|Kwetsbaarheid: Een kwetsbaarheid is een eigenschap die een aanvaller de mogelijkheid biedt een cyberaanval uit te voeren of een eigenschap die kan leiden tot uitval. Dit kan zich voordoen in een digitale dienst, proces of systeem, maar ook in de samenleving als geheel of in een specifieke organisatie. <ref>[https://www.ncsc.nl/binaries/ncsc/documenten/publicaties/2020/juni/29/csbn-2020/CSBN+2020.pdf Cyber Security Beeld Nederland 2020]</ref>}}<br/> |
+ | |||
+ | {{definition|Een kwetsbaarheid is een eigenschap van een samenleving, organisatie of informatiesysteem (of een onderdeel daarvan) die een kwaadwillende partij de kans geeft om de legitieme toegang tot informatie of functionaliteit te verhinderen en te beïnvloeden, of om die ongeautoriseerd te benaderen. <ref>[https://www.ncsc.nl/binaries/content/documents/ncsc-nl/actueel/cybersecuritybeeld-nederland/cybersecuritybeeld-nederland-2018/1/CSBN_2018.pdf Cyber Security Beeld Nederland 2018]</ref> <ref>[https://www.ncsc.nl/actueel/Cybersecuritybeeld+Nederland/cybersecuritybeeld-nederland-2016.html Cybersecuritybeeld Nederland 2016 NCSC, Cyber Security Beeld Nederland 5 (2015)]</ref>}}<br/> | ||
+ | {{definition|Kwetsbaarheid (vulnerability): Een kwetsbaarheid is een zwakke plek in een proces, object, software of hardware dat kan worden misbruikt door één of meerdere dreigingen. <ref>[https://kennisopenbaarbestuur.nl/media/53867/handreiking-cybercrime.pdf Handreiking Cybercrime (2012)]</ref>}}<br/><br/> | ||
==== [[Nigeria]] ==== | ==== [[Nigeria]] ==== | ||
− | {{definition|Vulnerability is the structural weaknesses of the nation’s information systems and critical information infrastructure ranging from technical flaws, porous measures, to human negligence. <ref>[https://cert.gov.ng/images/uploads/NATIONAL_CYBESECURITY_STRATEGY.pdf National Cyber Security Strategy Nigeria (2014)]</ref>}}<br /><br/> | + | {{definition|Vulnerability is the structural weaknesses of the nation’s information systems and critical information infrastructure ranging from technical flaws, porous measures, to human negligence. <ref>[https://cert.gov.ng/images/uploads/NATIONAL_CYBESECURITY_STRATEGY.pdf National Cyber Security Strategy Nigeria (2014)]</ref>}}<br /> |
+ | {{definition|Vulnerability: A weakness which allows an attacker to reduce a system's information assurance. <ref>[https://www.cert.gov.ng/file/docs/draft-action-plan-ncss.pdf DRAFT ACTION PLAN FOR IMPLEMENTATION OF THE NATIONAL CYBERSECURITY STRATEGY 2019]</ref>}}<br /><br/> | ||
+ | |||
==== [[Norway]] ==== | ==== [[Norway]] ==== | ||
{{definition|Sårbarhet: (1) Et uttrykk for de problemer et system vil få med å fungere når det utsettes for en uønsket hendelse, og de problemer systemet får med å gjenoppta sin virksomhet etter at hendelsen har inntruffet. (2) Sårbarheten til et system er et uttrykk for de svakheter og mangler som finnes i systemet og spesielle omstendigheter som øker sannsynligheten for at trusler vil materialisere seg i en sikkerhetshendelse. <ref>[https://www.regjeringen.no/globalassets/upload/fad/vedlegg/ikt-politikk/nasjonal_strategi_infosikkerhet.pdf Nasjonal strategi for informasjonssikkerhet (2012)]</ref><br/><br/>Vulnerability: (1) The challenges a system will have to face to function when subjected to an adverse [[event]], and challenges related to resuming normal system operation after the event has occurred. (2) The vulnerability of a system is an expression of its weaknesses and flaws and special circumstances that would increase the likelihood that [[threat|threats]] will materialise into a security incident. <ref>[https://www.regjeringen.no/globalassets/upload/fad/vedlegg/ikt-politikk/cyber_security_strategy_norway.pdf Cyber Security Strategy for Norway (2012)]</ref>}}A system’s vulnerability is reduced by increasing the system’s robustness. Examples of special circumstances can include size, complexity, that many [[stakeholder]]s are involved, geographical distribution, frequent changes, and exposed location.<br /> | {{definition|Sårbarhet: (1) Et uttrykk for de problemer et system vil få med å fungere når det utsettes for en uønsket hendelse, og de problemer systemet får med å gjenoppta sin virksomhet etter at hendelsen har inntruffet. (2) Sårbarheten til et system er et uttrykk for de svakheter og mangler som finnes i systemet og spesielle omstendigheter som øker sannsynligheten for at trusler vil materialisere seg i en sikkerhetshendelse. <ref>[https://www.regjeringen.no/globalassets/upload/fad/vedlegg/ikt-politikk/nasjonal_strategi_infosikkerhet.pdf Nasjonal strategi for informasjonssikkerhet (2012)]</ref><br/><br/>Vulnerability: (1) The challenges a system will have to face to function when subjected to an adverse [[event]], and challenges related to resuming normal system operation after the event has occurred. (2) The vulnerability of a system is an expression of its weaknesses and flaws and special circumstances that would increase the likelihood that [[threat|threats]] will materialise into a security incident. <ref>[https://www.regjeringen.no/globalassets/upload/fad/vedlegg/ikt-politikk/cyber_security_strategy_norway.pdf Cyber Security Strategy for Norway (2012)]</ref>}}A system’s vulnerability is reduced by increasing the system’s robustness. Examples of special circumstances can include size, complexity, that many [[stakeholder]]s are involved, geographical distribution, frequent changes, and exposed location.<br /> | ||
Line 153: | Line 215: | ||
==== [[Philippines]] ==== | ==== [[Philippines]] ==== | ||
− | {{definition|Vulnerability: Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a [[threat]] source. Is a weakness in a system, application, or network that is subject to exploitation or misuse. <ref>[http://www.dnd.gov.ph/miss/PDF/downloadables/Cybersecurity%20Glossary%20(Edited).pdf DND GLOSSARY OF CYBER SECURITY TERMS (v.4)]</ref>}}<br/><br/> | + | {{definition|Vulnerability: Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a [[threat]] source. Is a weakness in a system, application, or network that is subject to exploitation or misuse. <ref>[http://www.dnd.gov.ph/miss/PDF/downloadables/Cybersecurity%20Glossary%20(Edited).pdf DND GLOSSARY OF CYBER SECURITY TERMS (v.4)]</ref>}}<br/> |
+ | {{definition|Vulnerability: A flaw or weaknesses that can leave it open to attack. T <ref>[https://digital.nhs.uk/services/data-and-cyber-security-protecting-information-and-data-in-health-and-care/cyber-and-data-security-policy-and-good-practice-in-health-and-care/cyber-and-data-security-resources/cyber-security-glossary NHS Cyber security glossary]</ref>}}his could be a technical, procedural or physical vulnerability that can leave systems, devices, data, information, physical infrastructure or personnel exposed to a threat. <br/><br/> | ||
+ | |||
+ | ==== [[Poland]] ==== | ||
+ | {{definition|Podatność – właściwość systemu informacyjnego, która może być wykorzystana przez zagrożenie [[Cyber Security|cyberbezpieczeństwa]]. <ref name=Poland>[http://bip.kprm.gov.pl/download/75/30991/RM-10-64-18.pdf U S TAWA z dnia o krajowym systemie cyberbezpieczeństwa / Polish (draft) law on the national cybersecurity system (2018)]</ref>}}<br /> | ||
+ | |||
====[[Portugal]] ==== | ====[[Portugal]] ==== | ||
− | {{definition|[Definição] Vulnerabilidade: (1) Insuficiência, seja de que natureza for, que possa ser explorada por uma ou mais ameaças. A vulnerabilidade pode consistir numa omissão ou estar relacionada com uma insuficiência dos controlos no que se refere ao rigor, coerência ou exaustividade destes últimos, podendo ser de natureza técnica, processual, material, organizativa ou operacional; (2) Fraqueza de um sistema informático, revelada por um exame à sua segurança (por exemplo, devido a falhas na análise, conceção, implementação ou operação), que se traduz por uma incapacidade de fazer frente às ameaças informáticas que pesam sobre ele. <ref>[https://www.cncs.gov.pt/recursos/glossario/ Glossário Centro National de Cibersegurança Portugal]</ref>}}<br /><br/> | + | {{definition|[Definição] Vulnerabilidade: (1) Insuficiência, seja de que natureza for, que possa ser explorada por uma ou mais ameaças. A vulnerabilidade pode consistir numa omissão ou estar relacionada com uma insuficiência dos controlos no que se refere ao rigor, coerência ou exaustividade destes últimos, podendo ser de natureza técnica, processual, material, organizativa ou operacional; (2) Fraqueza de um sistema informático, revelada por um exame à sua segurança (por exemplo, devido a falhas na análise, conceção, implementação ou operação), que se traduz por uma incapacidade de fazer frente às ameaças informáticas que pesam sobre ele. <ref>[https://www.cncs.gov.pt/recursos/glossario/ Glossário Centro National de Cibersegurança Portugal]</ref>}}<br /> |
+ | {{definition|Vulnerabilidade: Fraqueza de um ativo ou de um controlo que pode ser explorada por uma ameaça. <ref>[https://www.cncs.gov.pt/content/files/cncs_qnrcs_2019.pdf Quadro Nacional de Referência para a Cibersegurança]</ref>}}<br/><br/> | ||
==== [[Republic of Trinidad & Tobago]] ==== | ==== [[Republic of Trinidad & Tobago]] ==== | ||
Line 163: | Line 231: | ||
==== [[Rwanda]] ==== | ==== [[Rwanda]] ==== | ||
{{definition|Vulnerability The degree to which a system is susceptible to, and unable to cope with, adverse effects of [[Climate Change|climate change]], including climate variability and extremes. <ref>[http://www.rema.gov.rw/fileadmin/templates/Documents/rema_doc/CC%20depart/Climate%20change%20vulnerability_RwandaBaseline.pdf BASELINE CLIMATE CHANGE VULNERABILITY INDEX FOR RWANDA 2015]</ref>}}Vulnerability is a function of the character, magnitude, and rate of climate change and variation to which a system is exposed, its sensitivity, and its adaptive capacity (Parry et al, 2007) (GIZ).<br /><br/> | {{definition|Vulnerability The degree to which a system is susceptible to, and unable to cope with, adverse effects of [[Climate Change|climate change]], including climate variability and extremes. <ref>[http://www.rema.gov.rw/fileadmin/templates/Documents/rema_doc/CC%20depart/Climate%20change%20vulnerability_RwandaBaseline.pdf BASELINE CLIMATE CHANGE VULNERABILITY INDEX FOR RWANDA 2015]</ref>}}Vulnerability is a function of the character, magnitude, and rate of climate change and variation to which a system is exposed, its sensitivity, and its adaptive capacity (Parry et al, 2007) (GIZ).<br /><br/> | ||
− | + | ==== [[Saint Lucia]] ==== | |
+ | {{definition|Vulnerability: The conditions determined by physical, social, economic, and environmental factors or processes, which increase the susceptibility of a community to the impact of hazards (from: ISDR). <ref>[http://www.nemo.gov.lc/DRRProfile.pdf Disaster Risk Reduction Country Profile for Saint Lucia: August 2012]</ref>}}<br/> | ||
+ | {{definition|Vulnerability: The extent to which a community, structure, service, or geographic area is likely to be damaged or disrupted by the impact of a particular hazard. <ref>[http://archive.stlucia.gov.lc/nemp/policies/DMPolicyFramework.pdf Government of Saint Lucia Disaster Management Policy Framework for Saint Lucia, 2004]</ref>}}<br/><br /> | ||
+ | ==== [[Senegal]] ==== | ||
+ | {{definition|Vulnérabilité : une faiblesse dans un système informatique permettant à un attaquant de porter atteinte à l'intégrité de ce système, c'est-à-dire à son fonctionnement normal, à la [[Confidentiality|confidentialité]] ou à [[Integrity|l'intégrité]] des données qu'il contient. <ref>[http://www.numerique.gouv.sn/sites/default/files/SNC2022-vf.pdf STRATÉGIE NATIONALE DE CYBERSÉCURITÉ DU SÉNÉGAL (SNC2022)]</ref>}}<br/><br /> | ||
==== [[Slovakia]] ==== | ==== [[Slovakia]] ==== | ||
{{definition|Zraniteľnosť: Komplexná vlastnosť odrážajúca slabé miesta systému, jeho zníženú odolnosť proti možnému narušeniu jeho funkcie, poškodeniu alebo zničeniu. <ref>[http://archiv.vlada.gov.sk/old.uv/data/files/2365.doc BEZPEČNOSTNÁ RADA SLOVENSKEJ REPUBLIKY]</ref>}}Vyjadruje mieru poškodenia systému v prípade vzniku nebezpečného javu.<br/><br/> | {{definition|Zraniteľnosť: Komplexná vlastnosť odrážajúca slabé miesta systému, jeho zníženú odolnosť proti možnému narušeniu jeho funkcie, poškodeniu alebo zničeniu. <ref>[http://archiv.vlada.gov.sk/old.uv/data/files/2365.doc BEZPEČNOSTNÁ RADA SLOVENSKEJ REPUBLIKY]</ref>}}Vyjadruje mieru poškodenia systému v prípade vzniku nebezpečného javu.<br/><br/> | ||
+ | ==== [[South Africa]] ==== | ||
+ | {{definition|Vulnerability can be seen as, the ability a person or community has, to predict, cope with, or avoid and recover from, the consequences of a [[hazard]] or [[disaster]]. <ref>[https://www.westerncape.gov.za/general-publication/disaster-management-definitions Disaster Management Definitions Western Cape Government]</ref>}}Marginalised, poorer and over-populated communities are more vulnerable and less able to cope with disasters.<br/><br/> | ||
+ | ==== [[Spain]] ==== | ||
+ | {{definition|Vulnerabilidad (Vulnerability): (OTAN) Una debilidad, atributo o falta de control que permitiría o facilitaría la actuación de una amenaza contra información clasificada OTAN o los servicios y recursos que la soportan. <ref>[https://publicaciones.defensa.gob.es/media/downloadable/files/links/c/e/ce_149.pdf CIBERSEGURIDAD. RETOS Y AMENAZAS A LA SEGURIDAD NACIONAL EN EL CIBERESPACIO, MINISTERIO DE DEFENSA (2010)]</ref>}}<br/> | ||
+ | {{definition|Vulnerabilidad: Una debilidad que puede ser aprovechada por una amenaza. <ref>[https://publicaciones.defensa.gob.es/media/downloadable/files/links/c/e/ce_149.pdf CIBERSEGURIDAD. RETOS Y AMENAZAS A LA SEGURIDAD NACIONAL EN EL CIBERESPACIO, MINISTERIO DE DEFENSA (2010)]</ref>}}<br/><br/> | ||
==== [[Switzerland]] ==== | ==== [[Switzerland]] ==== | ||
{{definition|A loophole or bug in hardware or software through which attackers can access a system. <ref>[http://www.melani.admin.ch/glossar/index.html?action=id&id=22&lang=en Melani Glossary (n.d.)]</ref>}}(CIIP/ICT-based definition) | {{definition|A loophole or bug in hardware or software through which attackers can access a system. <ref>[http://www.melani.admin.ch/glossar/index.html?action=id&id=22&lang=en Melani Glossary (n.d.)]</ref>}}(CIIP/ICT-based definition) | ||
− | <br /> | + | <br /><br/> |
+ | ==== [[Tanzania]] ==== | ||
+ | {{definition|Vulnerability: refers to social and material conditions derived from characteristics of individuals and groups that make them susceptible to harm and loss from environmental hazards and that constrain their ability to cope with the adversities of disasters. <ref>[http://www.vpo.go.tz/modules/environment/index.php%3Faction%3Ddownloadfile%26filename%3DGUIDELINES%2520FOR%2520MANAGEMENT%2520OF%2520ENVIRONMENTAL%2520EMERGENCIES.pdf%26directory%3D7.Guidelines United Republic of Tanzania Guidelines for Management of Environmental Emergencies 2014]</ref>}}<br/><br /> | ||
+ | ==== [[Tonga]] ==== | ||
+ | {{definition|Vulnerability: The degree of sensitivity to the [[impact]] of [[Hazard|hazards]]. <ref>[https://www.climatechange.gov.to/glossary/letter_a Tonga climate change ministry glossary]</ref>}}<br/><br /> | ||
+ | |||
+ | |||
+ | ==== [[United Arab Emirates]] ==== | ||
+ | {{definition|Vulnerability: The susceptibility of a target to be effected by a [[threat]]. <ref>[http://www.upc.gov.ae/sspm/common/docs/SSPM-UPC-Eng.pdf Abu Dhabi Safety and Security Planning Manual]</ref>}}<br/><br /> | ||
+ | |||
====[[United Kingdom|United Kingdom (UK)]]==== | ====[[United Kingdom|United Kingdom (UK)]]==== | ||
{{definition|(cyber) Vulnerability is bugs in software programs that have the potential to be exploited by attackers. <ref>[https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/564268/national_cyber_security_strategy.pdf National Cyber Security Strategy 2016, HM Government]</ref>}}<br/> | {{definition|(cyber) Vulnerability is bugs in software programs that have the potential to be exploited by attackers. <ref>[https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/564268/national_cyber_security_strategy.pdf National Cyber Security Strategy 2016, HM Government]</ref>}}<br/> | ||
− | |||
{{definition|Vulnerability is the degree to which an individual or a system is susceptible to adverse effects. In this context, the adverse effects of [[Climate Change|climate change]], including [[Extreme Weather Event (EWE)|extreme events]]. <ref>[https://www.gov.uk/government/publications/emergency-responder-interoperability-lexicon Cabinet Office, Lexicon of UK Civil Protection Terminology, Version 2.1.1, February 2013]</ref>}} Vulnerability is influenced by the system’s sensitivity and its adaptive capacity, as well as the magnitude of the change.<br/><br/> | {{definition|Vulnerability is the degree to which an individual or a system is susceptible to adverse effects. In this context, the adverse effects of [[Climate Change|climate change]], including [[Extreme Weather Event (EWE)|extreme events]]. <ref>[https://www.gov.uk/government/publications/emergency-responder-interoperability-lexicon Cabinet Office, Lexicon of UK Civil Protection Terminology, Version 2.1.1, February 2013]</ref>}} Vulnerability is influenced by the system’s sensitivity and its adaptive capacity, as well as the magnitude of the change.<br/><br/> | ||
− | {{definition|Vulnerability is susceptibility of individuals or community, services or infrastructure to damage or harm arising from an emergency or other incident. <ref>[http://www.gov.uk/government/uploads/system/uploads/attachment_data/file/128797/LEXICON_v2_1_1-Feb-2013.xls UK Civil Protection Lexicon 2013]</ref>}}<br/><br/> | + | {{definition|Vulnerability is susceptibility of individuals or community, services or infrastructure to damage or harm arising from an emergency or other incident. <ref>[http://www.gov.uk/government/uploads/system/uploads/attachment_data/file/128797/LEXICON_v2_1_1-Feb-2013.xls UK Civil Protection Lexicon 2013]</ref>}}<br/> |
+ | {{definition|Vulnerability: refers to the magnitude of harm that would result from a particular hazardous event. <ref>[http://www.oecd.org/env/cc/36736773.pdf ADAPTATION TO CLIMATE CHANGE: KEY TERMS, E. Levina and D. Terpak, OECD (2006) - derived from (UKCIP, 2003).]</ref>}}The concept recognises, for example, that different sub-types of a receptor may differ in their sensitivity to a particular level of hazard.<br/><br/> | ||
+ | {{definition|Vulnerability: A weakness (for example, systematic, procedural, physical or technical) of an [[Asset|asset]], or group of assets, that can be exploited by one or more [[Threat|threats]]. <ref>[https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/642598/cyber-security-code-of-practice-for-ships.pdf Code of Practice Cyber Security for Ships, DSTL (2017)]</ref>}} | ||
+ | ===== [[Bermuda]] ===== | ||
+ | {{definition|Vulnerability: bugs in software programmes that have the potential to be exploited by attackers. <ref>[https://www.gov.bm/sites/default/files/10999-National-Cybersecurity-Strategy.pdf National Cyber Security Strategy 2018-2022]</ref>}}<br /><br /> | ||
==== [[United States]] ==== | ==== [[United States]] ==== | ||
Line 183: | Line 272: | ||
===== [[DoD]]===== | ===== [[DoD]]===== | ||
− | {{definition|Vulnerability: <br/>1. The susceptibility of a nation or military force to any action by any means through which its war potential or combat effectiveness may be reduced or its will to fight diminished. (JP 3-01) <br/>2. The characteristics of a system that cause it to suffer a definite degradation (incapability to perform the designated mission) as a result of having been subjected to a certain level of effects in an unnatural (man-made) hostile environment. (JP 3-60) <br/>3. In information operations, a weakness in information system security design, procedures, implementation, or internal controls that could be exploited to gain unauthorized access to information or an information system (source: JP 3-13). <ref>[http://www.dtic.mil/doctrine/new_pubs/jp1_02.pdf Joint Publication 1-02: Department of Defense Dictionary of Military and Associated Terms (2016)]</ref>}}<br/><br /> | + | {{definition|Vulnerability: <br/>1. The susceptibility of a nation or military force to any action by any means through which its war potential or combat effectiveness may be reduced or its will to fight diminished. (JP 3-01) <br/>2. The characteristics of a system that cause it to suffer a definite degradation (incapability to perform the designated mission) as a result of having been subjected to a certain level of effects in an unnatural (man-made) hostile environment. (JP 3-60) <br/>3. In information operations, a weakness in information system security design, procedures, implementation, or internal controls that could be exploited to gain unauthorized access to information or an information system (source: JP 3-13). <ref>[http://www.dtic.mil/doctrine/new_pubs/jp1_02.pdf Joint Publication 1-02: Department of Defense Dictionary of Military and Associated Terms (2016)]</ref>}}<br/> |
+ | |||
+ | =====[[US-CERT]]===== | ||
+ | {{definition|Vulnerability: A characteristic of design, location, security posture, operation, or any combination thereof that renders an [[asset]], [[system]], network, or entity susceptible to disruption, destruction, or exploitation. <ref name="USCERT">[https://www.us-cert.gov/sites/default/files/c3vp/csc-crr-method-description-and-user-guide.pdf Cyber Resilience Review (CRR): Method Description and Self-Assessment User Guide (2016)]</ref>}}<br /><br/> | ||
+ | |||
+ | ==== [[Vietnam]] ==== | ||
+ | {{definition|Khả năng bị tổn thương – Vulnerability: Là mức độ mà một hệ thống (tự nhiên, xã hội, kinh tế) có thể bị tổn thương do biến đổi khí hậu hoặc không óc khả năng thích ứng với những tác động bất lợi của BDKH. <ref>[http://ccco.danang.gov.vn/98_134_869/Cac_khai_niem,_thuat_ngu_ve_bien_doi_khi_hau.aspx Văn phòng thuộc Ban chỉ đạo Ứng phó biến đổi khí hậu và nước biển dâng thành phố Đà Nẵng/Các khái niệm, thuật ngữ về biến đổi khí hậu]</ref>}}<br/><br/> | ||
===Other Definitions=== | ===Other Definitions=== | ||
Line 192: | Line 287: | ||
==== [[Scotland]] ==== | ==== [[Scotland]] ==== | ||
{{definition|Vulnerability is the degree to which a system is susceptible to, and unable to cope with, adverse effects of climate change, including climate variability and extremes. <ref>[http://www.gov.scot/Publications/2009/04/23145206/8 Preparing for a Changing Climate: Second Consultation to Inform Scotland's Climate Change Adaptation Framework]</ref>}}Vulnerability is a function of the character, magnitude, and rate of climate change and variation to which a system is exposed, its sensitivity, and its adaptive capacity. <br/><br/> | {{definition|Vulnerability is the degree to which a system is susceptible to, and unable to cope with, adverse effects of climate change, including climate variability and extremes. <ref>[http://www.gov.scot/Publications/2009/04/23145206/8 Preparing for a Changing Climate: Second Consultation to Inform Scotland's Climate Change Adaptation Framework]</ref>}}Vulnerability is a function of the character, magnitude, and rate of climate change and variation to which a system is exposed, its sensitivity, and its adaptive capacity. <br/><br/> | ||
+ | ====Academic==== | ||
+ | {{definition|Vulnerability –The degree to which an individual, group or system is susceptible to harm due to exposure to a hazard or stress, and the (in)ability to cope, recover, or fundamentally adapt (become a new system or become extinct). <ref>[http://www.oecd.org/env/cc/36736773.pdf ADAPTATION TO CLIMATE CHANGE: KEY TERMS, E. Levina and D. Terpak, OECD (2006) - derived from (Tompkins, E., 2005)]</ref>}}<br /><br/> | ||
+ | |||
===Standard Definition=== | ===Standard Definition=== | ||
====[[IETF]]==== | ====[[IETF]]==== | ||
Line 202: | Line 300: | ||
{{definition|Weakness of software, hardware, or online service that can be exploited. <ref> [https://www.iso.org/obp/ui/#iso:std:iso-iec:29147:ed-1:v1:en ISO/IEC 29147:2014, Information technology -- Security techniques -- Vulnerability disclosure]</ref>}}<br/> | {{definition|Weakness of software, hardware, or online service that can be exploited. <ref> [https://www.iso.org/obp/ui/#iso:std:iso-iec:29147:ed-1:v1:en ISO/IEC 29147:2014, Information technology -- Security techniques -- Vulnerability disclosure]</ref>}}<br/> | ||
+ | === [[Dictionary]]=== | ||
+ | {{definition|Kwetsbaarheid: Fout in een digitaal systeem waardoor een aanvaller in het systeem kan komen. De aanvaller kan vervolgens bij informatie of toepassingen in het systeem komen, terwijl hij dat niet mag. Of de aanvaller zorgt ervoor dat de gebruiker niet meer bij deze informatie kan komen. Of de toepassing niet meer kan gebruiken. <ref>[https://www.cybersecurityalliantie.nl/ecp_images/2021/12/Cybersecurity-Woordenboek-2021_ZonderSpreads.pdf Cybersecurity Woordenboek 2021]</ref>}}<br/><br/> | ||
+ | {{#set:defined by=Dictionary}} | ||
==See also== | ==See also== | ||
* [[Exposure]] | * [[Exposure]] | ||
Line 207: | Line 308: | ||
* [[Risk]] | * [[Risk]] | ||
* [[Threat]] | * [[Threat]] | ||
+ | * [[Vulnerability Index]] | ||
==Notes== | ==Notes== | ||
− | |||
− | |||
==References== | ==References== | ||
− | + | <references /> | |
+ | | | ||
− | [[Category:Risk]][[Category:Infrastructure]][[Category:Policy]][[Category:CIPRNet-Glossary]] | + | [[Category:Risk]][[Category:Infrastructure]][[Category:Policy]][[Category:CIPRNet-Glossary]][[Category:Vulnerability]] |
− | {{#set:defined by=EU|defined by=ENISA|defined by=IAEA| | + | {{#set:defined by=EU|defined by=ENISA|defined by=IAEA|defined by=IPCC|defined by=ITU-T|defined by=NATO|defined by=UNISDR|defined by=UNDHA|defined by=EM-DAT|defined by=Argentina|defined by=Australia|defined by=Belgium|defined by=Bermuda|defined by=Bosnia and Herzegovina|defined by=Brazil|defined by=Burkina-Faso|defined by=Cameroon|defined by=Canada|defined by=Cape Verde|defined by=Chile|defined by=Colombia|defined by=Cuba|defined by=Czech Republic|defined by=Dominican Republic|defined by=El Salvador|defined by=Eswatinidefined by=France|defined by=Gambia|defined by=Germany|defined by=Hong Kong|defined by=Guatemala|defined by=India|defined by=Ireland|defined by=Israel|defined by=Italy|defined by=Jamaica|defined by=Japan|defined by=Jersey|defined by=Jordan|defined by=Kingdom of Saudi Arabia|defined by=Kiribati|defined by=Kuwait|defined by=Lebanon|defined by=Luxembourg|defined by=Madagascar|defined by=Mexico|defined by=Morocco|defined by=Mozambique|defined by=Nepal|defined by=Netherlands|defined by=Nigeria|defined by=Oman|defined by=Peru|defined by=Norway|defined by=Philippines|defined by=Poland|defined by=Portugal|defined by=Republic of Trinidad & Tobago|defined by=Romania|defined by=Rwanda|defined by=Saint Lucia|defined by=Senegal|defined by=Slovakia|defined by=South Africa|defined by=Spain|defined by=Switzerland|defined by=Tanzania|defined by=Tonga|defined by=United Arab Emirates|defined by=United States|defined by=United Kingdom|defined by=Vietnam|defined by=Scotland|defined by=NIST|defined by=Ontario|defined by=ISO|defined by=IETF|defined by=Caricom|defined by=EU project|defined by=WHO|defined by=US-CERT|defined by=New South Wales}} |
− | defined by=IPCC|defined by=ITU-T|defined by=NATO|defined by=UNISDR|defined by=UNDHA|defined by=EM-DAT|defined by=Argentina|defined by=Australia|defined by=Bosnia and Herzegovina|defined by=Brazil|defined by=Burkina-Faso|defined by=Cameroon|defined by=Canada|defined by=Cape Verde|defined by=Colombia|defined by=Cuba|defined by=Czech Republic|defined by=France|defined by=Germany|defined by=Guatemala|defined by=India|defined by=Ireland|defined by=Italy|defined by=Jamaica|defined by=Japan|defined by=Jersey|defined by=Jordan|defined by=Kingdom of Saudi Arabia|defined by=Kiribati|defined by=Luxembourg|defined by=Madagascar|defined by=Mexico|defined by=Morocco|defined by=Nepal|defined by=Nigeria|defined by=Oman|defined by=Peru|defined by=Norway|defined by=Philippines|defined by=Portugal|defined by=Republic of Trinidad & Tobago|defined by=Romania|defined by=Rwanda|defined by=Slovakia|defined by=Switzerland|defined by=United States|defined by=United Kingdom|defined by=Scotland|defined by=NIST|defined by=Ontario|defined by=ISO|defined by=IETF|defined by=Caricom|defined by=EU project}} | + | {{#set: Showmainpage=Yes}} |
Latest revision as of 23:17, 10 January 2023
Contents
- 1 Definitions
- 1.1 European Definitions
- 1.2 European Project Definitions
- 1.3 Other International Definitions
- 1.4 National Definitions
- 1.4.1 Argentina
- 1.4.2 Australia
- 1.4.3 Belgium
- 1.4.4 Bosnia and Herzegovina
- 1.4.5 Brazil
- 1.4.6 Burkina-Faso
- 1.4.7 Cameroon (Cameroun)
- 1.4.8 Canada
- 1.4.9 Cape Verde
- 1.4.10 Chile
- 1.4.11 Colombia
- 1.4.12 Cuba
- 1.4.13 Czech Republic
- 1.4.14 Dominican Republic
- 1.4.15 El Salvador
- 1.4.16 Eswatini
- 1.4.17 France
- 1.4.18 Gambia
- 1.4.19 Germany
- 1.4.20 Guatemala
- 1.4.21 Hong Kong
- 1.4.22 India
- 1.4.23 Ireland
- 1.4.24 Israel
- 1.4.25 Italy
- 1.4.26 Jamaica
- 1.4.27 Japan
- 1.4.28 (States of) Jersey
- 1.4.29 Jordan
- 1.4.30 Kingdom of Saudi Arabia
- 1.4.31 Kiribati
- 1.4.32 Kuwait
- 1.4.33 Lebanon
- 1.4.34 Luxembourg
- 1.4.35 Madagascar
- 1.4.36 Mexico
- 1.4.37 Morocco
- 1.4.38 Mozambique
- 1.4.39 Nepal
- 1.4.40 Netherlands
- 1.4.41 Nigeria
- 1.4.42 Norway
- 1.4.43 Oman
- 1.4.44 Peru
- 1.4.45 Philippines
- 1.4.46 Poland
- 1.4.47 Portugal
- 1.4.48 Republic of Trinidad & Tobago
- 1.4.49 Romania
- 1.4.50 Rwanda
- 1.4.51 Saint Lucia
- 1.4.52 Senegal
- 1.4.53 Slovakia
- 1.4.54 South Africa
- 1.4.55 Spain
- 1.4.56 Switzerland
- 1.4.57 Tanzania
- 1.4.58 Tonga
- 1.4.59 United Arab Emirates
- 1.4.60 United Kingdom (UK)
- 1.4.61 United States
- 1.4.62 Vietnam
- 1.5 Other Definitions
- 1.6 Standard Definition
- 1.7 Dictionary
- 2 See also
- 3 Notes
- 4 References
Definitions
European Definitions
NIS 2
COM(2006)787
ENISA
CLIMATE-ADAPT
Vulnerability is a function of the character, magnitude, and rate of climate change and variation to which a system is exposed, its sensitivity, and its adaptive capacity.
There are different ways in which vulnerability can be framed; an inventory has been made by the Dutch Climate Changes Spatial Planning research programme.
European Project Definitions
CIPRNet project
The CIPRNet project [5] uses the following definition:
Other International Definitions
CARICOM
IAEA
(1) a physical feature or operational attribute that renders an entity, asset, system, network, facility, activity or geographic area open to exploitation or susceptible to a given threat.
(2) a weakness of an asset or control that can be exploited by a threat. [7]
IPCC
ITU-T
NATO CEP / EAPC
UNDRR
There are many aspects of vulnerability, arising from various physical, social, economic, and environmental factors. Examples may include poor design and construction of buildings, inadequate protection of assets, lack of public information and awareness, limited official recognition of risks and preparedness measures, and disregard for wise environmental management.
Vulnerability varies significantly within a community and over time. This definition identifies vulnerability as a characteristic of the element of interest (community, system or asset) which is independent of its exposure. However, in common use the word is often used more broadly to include the element’s exposure.
ويژگي و وضعيت هاي يك جامعه، نظام يا دارايي كه آن را مستعد آسيب ديدن از يك مخاطره مي كند.
UNDHA
WHO
The degree of vulnerability is determined by a combination of several factors including hazard awareness, the condition of human settlements and infrastructure, public policy and administration, and organized abilities in all fields of disaster management. Poverty is also one of the main causes of vulnerability in most parts of the world.
National Definitions
Argentina
Australia
Vulnerability is a function of the character, magnitude, and rate of climate variation to which a system is exposed, its sensitivity, and its adaptive capacity.
It depends on changes in climate as well as the sensitivity and adaptive capacity of the system or society.
New South Wales
Belgium
Bosnia and Herzegovina
U vjerovatnosnim/kvantitativnim procjenama rizika termin ugroženost izražava dio ili procenat izloženosti koji će vjerovatno biti izgubljen zbog određene opasnosti.
Brazil
Vulnerability is the intrinsic property of something resulting in susceptibility to a source of risk that can lead to an event with a result.
1. Condição intrínseca ao corpo ou sistema receptor que, em interação com a magnitude do evento ou acidente, caracteriza os efeitos adversos, medidos em termos de intensidade dos danos prováveis.
2. Relação existente entre a magnitude da ameaça, caso ela se concretize, e a intensidade do dano conseqüente.
3. Probabilidade de uma determinada comunidade ou área geográfica ser afetada por uma ameaça ou risco potencial de desastre, estabelecida a partir de estudos técnicos.
4. Corresponde ao nível de insegurança intrínseca de um cenário de desastre a um evento adverso determinado.
Vulnerabilidade é o inverso da segurança. [36]
Vulnerability:
1. Intrinsic condition to the receiving body or system which, in interaction with the magnitude of the event or accident, characterizes the adverse effects, measured in terms of the intensity of the probable damage. 2. Relation between the magnitude of the threat, case It materializes, and the intensity of the consequent damage.
3. Likelihood of a particular community or geographical area being affected by a potential threat or risk of disaster, established from technical studies.
4. It corresponds to the level of intrinsic insecurity of a disaster scenario to a particular adverse event.
Vulnerability is the inverse of security.
Burkina-Faso
Cameroon (Cameroun)
Canada
Condition ou ensemble de conditions résultant de facteurs ou de processus physiques, sociaux, économiques et environnementaux qui prédispose une collectivité à subir les effets néfastes des aléas. [39] [40]
It is a measure of how well prepared and equipped a community is to minimize the impact of or cope with hazards.
Cape Verde
Há muitos aspectos de vulnerabilidade, decorrentes de vários factores físicos, sociais, económicos e ambientais. Os exemplos podem incluir má concepção e construção de edifícios, protecção inadequada dos activos, falta de informação e de sensibilização do público, reduzido reconhecimento oficial de riscos e de medidas de preparação, e desrespeito pela gestão ambiental. A vulnerabilidade varia significativamente dentro de uma comunidade e ao longo do tempo. Esta definição identifica vulnerabilidade como uma característica do elemento em questão (comunidade, sistema, ou activo), que é independente da sua exposição.
Chile
Colombia
Cuba
Czech Republic
Vulnerability is a weak spot of an asset or control which can be made use of by a threat. [46]
Dominican Republic
La vulnerabilidad es una función del carácter, magnitud y tasa de variación (rapidez del cambio) climática a que está expuesto un sistema, su sensibilidad y su capacidad de adaptación.
El Salvador
Las diferencias de vulnerabilidad del contexto social y material expuesto ante un fenómeno peligroso determinan el carácter selectivo de la severidad de sus efectos.
Eswatini
France
Unofficial translation: propensity of an environment, a good or a person to suffer from adverse consequences as a result of an event. It does not necessarily produce damage itself.
La vulnérabilité est fonction de la nature, de l’ampleur et du rythme de la variation du climat à laquelle le système considéré est exposé, de la sensibilité de ce système et de sa capacité d’adaptation (GIEC, 2007).
Remarques : Une vulnérabilité peut être utilisée par un code d’exploitation et conduire à une intrusion dans le système.
Vulnerability: Characteristic of a supporting asset that can constitute a weakness or flaw concerning information system security. [56]
Gambia
Germany
Die Verwundbarkeit ist abhängig von der Art, dem Ausmaß und der Geschwindigkeit der Klimaänderung sowie der Schwankung, welcher das System ausgesetzt ist, seiner Empfindlichkeit und seiner Anpassungskapazität.
Vulnerability depends on a variety of factors. External factors are the nature, scale and speed of climate change and their variations. Internal factors are the sensitivity and adaptive capacity of the system in question.
Guatemala
Hong Kong
Vulnerability: A flaw or weakness in a system that could be exploited by intruders to violate the security policy. [63]
India
Ireland
Vulnerability is a function of the character, magnitude and rate of climate change and variation to which a system is exposed, its sensitivity and its adaptive capacity.
Israel
Italy
La vulnerabilità esprime il grado di perdite di un dato elemento o di una serie di elementi causato da un fenomeno di una data forza. È espressa in una scala da zero a uno, dove zero indica che non ci sono stati danni, mentre uno corrisponde alla distruzione totale.
E' espressa in scala da 0 (nessuna perdita) a 1 (perdita totale) ed è in funzione dell'intensità del fenomeno e della tipologia di elemento a rischio: V = V (I;E).
Jamaica
Vulnerability is a function of the character, magnitude, and rate of climate variation to which a system is exposed, its sensitivity, and its adaptive capacity.
Japan
(Cyber) Vulnerability is a flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy. [74]
(States of) Jersey
Vulnerability is a function of the character, magnitude, and rate of climate change and variation to which a system is exposed, its sensitivity, and its adaptive capacity.
Jordan
Kingdom of Saudi Arabia
Kiribati
Vulnerability: The extent to which an ecosystem or organization can cope with the negative impacts of climate change, variability and extremes.
Kuwait
Lebanon
Luxembourg
Madagascar
Les vulnérabilités peuvent être d’ordre physique, social ou comportemental et de nature principale ou secondaire. Les strategies qui réduisent la vulnérabilité, diminuent également les risques.
Mexico
La vulnerabilidad está en función del carácter, magnitud y velocidad de la variación climática al que se encuentra expuesto un sistema, su sensibilidad, y su capacidad de adaptación.
Corresponde a la predisposición o susceptibilidad física, económica, política o social que tiene una comunidad de ser afectada o de sufrir efectos adversos en caso de que se manifieste un fenómeno peligroso de origen natural, socio natural o antropogénico. Representa también las condiciones que imposibilitan o dificultan la recuperación autónoma posterior. Las diferencias de vulnerabilidad del contexto social y material expuesto ante un fenómeno peligroso determinan el carácter selectivo de la severidad de sus efectos. Sistema de condiciones y procesos resultantes de factores físicos, sociales, económicos y medioambientales que aumentan la susceptibilidad de una comunidad al impacto de los peligros.
Morocco
Vulnerability: Security flaw in a program or on a computer system.
Mozambique
Nepal
Vulnerability is a function of the character, magnitude, and rate of climate variation to which a system is exposed, its sensitivity, and its adaptive capacity.
Netherlands
Nigeria
Norway
Vulnerability: (1) The challenges a system will have to face to function when subjected to an adverse event, and challenges related to resuming normal system operation after the event has occurred. (2) The vulnerability of a system is an expression of its weaknesses and flaws and special circumstances that would increase the likelihood that threats will materialise into a security incident. [100]
A system’s vulnerability is reduced by increasing the system’s robustness. Examples of special circumstances can include size, complexity, that many stakeholders are involved, geographical distribution, frequent changes, and exposed location.
Vulnerability is a way to express the problems a system will have in functioning when it is exposed to an adverse event, as well as the problems the system will experience in resuming operations after the event has occurred. [102]
Oman
Peru
Philippines
his could be a technical, procedural or physical vulnerability that can leave systems, devices, data, information, physical infrastructure or personnel exposed to a threat.
Poland
Portugal
Republic of Trinidad & Tobago
Romania
Rwanda
Vulnerability is a function of the character, magnitude, and rate of climate change and variation to which a system is exposed, its sensitivity, and its adaptive capacity (Parry et al, 2007) (GIZ).
Saint Lucia
Senegal
Slovakia
Vyjadruje mieru poškodenia systému v prípade vzniku nebezpečného javu.
South Africa
Marginalised, poorer and over-populated communities are more vulnerable and less able to cope with disasters.
Spain
Switzerland
(CIIP/ICT-based definition)
Tanzania
Tonga
United Arab Emirates
United Kingdom (UK)
Vulnerability is influenced by the system’s sensitivity and its adaptive capacity, as well as the magnitude of the change.
The concept recognises, for example, that different sub-types of a receptor may differ in their sensitivity to a particular level of hazard.
Bermuda
United States
DHS
NIST
The document provides several definitions.
DoD
1. The susceptibility of a nation or military force to any action by any means through which its war potential or combat effectiveness may be reduced or its will to fight diminished. (JP 3-01)
2. The characteristics of a system that cause it to suffer a definite degradation (incapability to perform the designated mission) as a result of having been subjected to a certain level of effects in an unnatural (man-made) hostile environment. (JP 3-60)
3. In information operations, a weakness in information system security design, procedures, implementation, or internal controls that could be exploited to gain unauthorized access to information or an information system (source: JP 3-13). [132]
US-CERT
Vietnam
Other Definitions
EM-DAT
Ontario (Canada)
Vulnérabilité: susceptibilité d’une collectivité, d’un système ou d’un bien à subir les effets dommageables d’un danger. [136]
Scotland
Vulnerability is a function of the character, magnitude, and rate of climate change and variation to which a system is exposed, its sensitivity, and its adaptive capacity.
Academic
Standard Definition
IETF
ISO 22300:2012(en)
ISO/IEC 27000:2014
ISO/IEC 29147:2014
Dictionary
See also
Notes
References
- ↑ Directive 2022/2555 Measures for a high common level of security of network and information systems across the Union, repealing Directive (EU) 2016/1148
- ↑ EC COM(2006) 787 final, Directive of the Council on the identification and designation of European Critical Infrastructure and the assessment of the need to improve their protection, EC, Brussels 12.12.2006.
- ↑ ENISA Risk Glossary
- ↑ European Climate Adaptation Platform (CLIMATE-ADAPT) Glossary
- ↑ http://www.ciprnet.eu/
- ↑ Caribbean Disaster Emergency Management Agency (CDEMA) Regional Comprehensive Disaster Management Strategy and Results Framework 2014-2024
- ↑ IAEA - Nuclear Security Series Glossary Version 1.3 (November 2015)
- ↑ IPCC
- ↑ ITU Security in Telecommunications and Information Technology: An overview of issues and the deployment of existing ITU-T Recommendations for secure telecommunications, ITU-T, Geneva (2012) - ITU-T X-800.
- ↑ Sécurité dans les télécommunications et les technologies de l’information: Aperçu des problèmes et présentation des Recommandations UIT-T existantes sur la sécurité dans les télécommunications, ITU-T, Geneva (2012) - ITU-T X.800.
- ↑ Seguridad de las telecomunicaciones y las tecnologías de la información: Exposición general de asuntos relacionados con la seguridad de las telecomunicaciones y la aplicación de las Recomendaciones vigentes del UIT-T, ITU-T, Geneva (2012) - ITU-T X.800.
- ↑ NATO EAPC(SCEPC) lexicon 2003.
- ↑ 2009 UNISDR Terminology on Disaster Risk Reduction - English Glossary
- ↑ UNISDR glossary in French
- ↑ UNISDR glossary in Russian
- ↑ UNISDR glossary in Spanish
- ↑ UNISDR glossary in Arab
- ↑ UNISDR glossary in Bahasa
- ↑ UNISDR glossary in Malay
- ↑ UNISDR glossary in Tagalog
- ↑ UNDRR Terminology on Disaster Risk Reduction in Chinese
- ↑ Internationally agreed glossary of basic terms related to Disaster Management in Farsi
- ↑ 23.0 23.1 23.2 Internationally agreed glossary of basic terms related to Disaster Management
- ↑ WHO: Glossary of Humanitarian Terms
- ↑ Oficina Nacional de Tecnologías de Información ADMINISTRACION PUBLICA NACIONAL Disposición 3/2013 - Apruébase la “Política de Seguridad de la Información Modelo” (2013)
- ↑ Glosario Comites Emergencia Argentina
- ↑ Protective Security Policy Framework - Glossary Oct 2017
- ↑ 28.0 28.1 Australian Emergency Management Glossary, Emergency Management Australia (1998)
- ↑ Health impacts of climate change: Adaptation strategies for western Australia (2008)
- ↑ ADAPTATION TO CLIMATE CHANGE: KEY TERMS, E. Levina and D. Terpak, OECD (2006) - derived from (Australian Greenhouse Office. 2003)
- ↑ on-line glossary Stay Safe On-line
- ↑ NSW Critical Infrastructure Resilience Strategy Partner, Prepare, Provide (2018)
- ↑ [https://www.gegevensbeschermingsautoriteit.be/sites/privacycommission/files/documents/nota_beveiliging_van_persoonsgegevens.pdf Gegevensbeschermingsautoriteit]
- ↑ RADNA VERZIJA OSOBLJA KOMISIJE: Procjena rizika i mapiranje smernice za upravljanje katastrofama
- ↑ GUIA DE REFERÊNCIA PARA A SEGURANÇA DAS INFRAESTRUTURAS CRÍTICAS DA INFORMAÇÃO Versão 01 (Nov. 2010)/ ABNT NBR ISO 31000:2009: Gestão de riscos - Princípios e diretrizes. Rio de Janeiro (2009)
- ↑ GLOSSÁRIO DE DEFESA CIVIL ESTUDOS DE RISCOS E MEDICINA DE DESASTRES, Ministério da Integração Nacional, Brazil
- ↑ CIRT-BF Glossary
- ↑ LOI N°2010/012 DU 21 DECEMBRE 2010 RELATIVE A LA CYBERSECURITE ET LA CYBERCRIMINALITE AU CAMEROUN
- ↑ An Emergency Management Framework for Canada (Second Edition)
- ↑ Vocabulaire de la gestion des urgencies/Emergency Management Emergency Management Vocabulary 281 (2012)
- ↑ Avaliação das Necessidades Pós- Desastre (PDNA) ERUPÇÃO VULCÂNICA NO FOGO 2014-2015, Cape Verde
- ↑ GUÍA ANÁLISIS DE RIESGOS NATURALES PARA EL ORDENAMIENTO TERRITORIAL Subsecretaría de Desarrollo Regional y Administrativo (SUBDERE) Primera Edición, Junio 2011
- ↑ Conpes 3854 POLÍTICA NACIONAL DE SEGURIDAD DIGITAL (2016)
- ↑ Glossary of Cyber terms/Glosario de términos, Centro de Seguridad del Ciberespacio
- ↑ Výkladový slovník kybernetické bezpečnosti (2013)
- ↑ Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)
- ↑ NATIONAL COUNCIL FOR CLIMATE CHANGE AND THE CLEAN DEVELOPMENT MECHANISM -CNCCMDL, Dominican Republic
- ↑ (Draft) Ley de ciberseguridad
- ↑ Glosario de Riesgo, Ministerio de Medio Ambiente y Recursos Naturales, El Salvador
- ↑ ESWATINI NATIONAL CYBERSECURITY STRATEGY 2020 - 2025 (2020)
- ↑ INSTRUCTION GENERALE INTERMINISTERIELLE RELATIVE A LA SECURITE DES ACTIVITES D’IMPORTANCE VITALE N°6600/SGDSN/PSE/PSN du 7 janvier 2014, PREMIER MINISTRE, SECRETARIAT GENERAL DE LA DEFENSE ET DE LA SECURITE NATIONALE, Direction Protection et Sécurité de l’Etat N° NOR: PRMD1400503J
- ↑ Changement climatique: glossaire des définitions
- ↑ ANSSI Glossaire
- ↑ Revue stratégique de cyberdéfense 12 février 2018
- ↑ Méthode de classification et mesures principales, ANSSI (2014)
- ↑ Classification Method and Key Measures, ANSSI (2014)
- ↑ THE GAMBIA NATIONAL CYBERSECURITY STRATEGY (2019)
- ↑ Deutsche Anpassungsstrategie an den Klimawandel, Bundeskabinett, 17. Dezember 2008
- ↑ Combating Climate Change: The German Adaptation Strategy
- ↑ Methode für die Risikoanalyse im Bevölkerungsschutz
- ↑ Glossar, Das Bundesamt für Bevölkerungsschutz und Katastrophenhilfe (BBK)
- ↑ Plan Estratégico de Seguridad de la Nación 2016-2020, Guatemala
- ↑ Glossary for Information Security Terms/資訊保安詞彙表
- ↑ India's DGQA Cyber Security Policy (2015)
- ↑ Glossary of Meteorological Terms in Tamil
- ↑ National Disaster Management Plan (NDMP)- (2016)
- ↑ Building Resilience to Climate Change, Department of the Environment,Community and Local Government (2012)
- ↑ CERT.IL Glossary
- ↑ Dipartimento della Protezione Civile Glossario
- ↑ Dipartimento della Protezione Civile Glossario
- ↑ PROTEZIONE DELLE INFRASTRUTTURE CRITICHE INFORMATIZZATE La realtà Italiana (2004)
- ↑ GLOSSARIO DI PROTEZIONE CIVILE Regione Sicilia
- ↑ Climate Change Policy Framework for Jamaica (2015)
- ↑ RFC2828 (Japanese translation)
- ↑ States of Jersey Future-proofing Jersey: Building Resilience for the 21st Century (2015)
- ↑ The National Climate Change Policy of the Hashemite Kingdom of Jordan 2013-2020
- ↑ Developing National Information Security Strategy for the Kingdom of Saudi Arabia NISS draft 7
- ↑ Glossary - Revision to Emergency Preparedness, Cabinet Office (2012)
- ↑ Cyber Security Framework Saudi Arabian Monetary Authority Version 1.0 May 2017
- ↑ Kiribati BI-LINGUAL GLOSSARY OF CLIMATE CHANGE TERMS, Original translations by Dr Temakei Tebano & Etita Teiabauri, 2008
- ↑ Glossary Communication and Information Technology Regulatory
- ↑ Lebanon Cyber Security Strategy v2
- ↑ From French Glossary
- ↑ Glossaire
- ↑ Stratégie Nationale de Gestion des Risques et des Catastrophes – Madagascar (2014)
- ↑ Estragia Nacional de Ciberseguridad (November 2017)
- ↑ GUÍA PARA LA PRESENTACIÓN DEL ESTUDIO DE RIESGO MODALIDAD ANALISIS DE RIESGO, Mexico
- ↑ Glosario IPCC, Mexico
- ↑ El Glosario Centro Nacional de prevencion de desastres (CENAPRED)
- ↑ STRATEGIE NATIONALE EN MATIERE DE CYBERSECURITE, Morocco, 2011
- ↑ Estratégia Nacional de Segurança Cibernética de Moçambique (2021-2024)
- ↑ Climate Change and Community Based Adaptation Planning Training Manual, Government of Nepal (2015)
- ↑ Cyber Security Beeld Nederland 2020
- ↑ Cyber Security Beeld Nederland 2018
- ↑ Cybersecuritybeeld Nederland 2016 NCSC, Cyber Security Beeld Nederland 5 (2015)
- ↑ Handreiking Cybercrime (2012)
- ↑ National Cyber Security Strategy Nigeria (2014)
- ↑ DRAFT ACTION PLAN FOR IMPLEMENTATION OF THE NATIONAL CYBERSECURITY STRATEGY 2019
- ↑ Nasjonal strategi for informasjonssikkerhet (2012)
- ↑ Cyber Security Strategy for Norway (2012)
- ↑ DSB, National Risikobild 2014
- ↑ DSB, National Risk Analysis 2014
- ↑ Oman CERT Glossary
- ↑ Glosario de Términos para la Formulación de Proyectos Ambientales, Peru, 2012 / Fuente: Guía de ERA – MINAM
- ↑ DND GLOSSARY OF CYBER SECURITY TERMS (v.4)
- ↑ NHS Cyber security glossary
- ↑ U S TAWA z dnia o krajowym systemie cyberbezpieczeństwa / Polish (draft) law on the national cybersecurity system (2018)
- ↑ Glossário Centro National de Cibersegurança Portugal
- ↑ Quadro Nacional de Referência para a Cibersegurança
- ↑ Comprehensive Disaster Management Policy Framework for Trinidad and Tobago
- ↑ GLOSAR de termeni din domeniul ordinii şi siguranţei publice, MINISTERUL ADMINISTRAŢIEI ŞI INTERNELOR DIRECŢIA GENERALĂ ORGANIZARE, PLANIFICARE MISIUNI ŞI RESURSE
- ↑ BASELINE CLIMATE CHANGE VULNERABILITY INDEX FOR RWANDA 2015
- ↑ Disaster Risk Reduction Country Profile for Saint Lucia: August 2012
- ↑ Government of Saint Lucia Disaster Management Policy Framework for Saint Lucia, 2004
- ↑ STRATÉGIE NATIONALE DE CYBERSÉCURITÉ DU SÉNÉGAL (SNC2022)
- ↑ BEZPEČNOSTNÁ RADA SLOVENSKEJ REPUBLIKY
- ↑ Disaster Management Definitions Western Cape Government
- ↑ CIBERSEGURIDAD. RETOS Y AMENAZAS A LA SEGURIDAD NACIONAL EN EL CIBERESPACIO, MINISTERIO DE DEFENSA (2010)
- ↑ CIBERSEGURIDAD. RETOS Y AMENAZAS A LA SEGURIDAD NACIONAL EN EL CIBERESPACIO, MINISTERIO DE DEFENSA (2010)
- ↑ Melani Glossary (n.d.)
- ↑ United Republic of Tanzania Guidelines for Management of Environmental Emergencies 2014
- ↑ Tonga climate change ministry glossary
- ↑ Abu Dhabi Safety and Security Planning Manual
- ↑ National Cyber Security Strategy 2016, HM Government
- ↑ Cabinet Office, Lexicon of UK Civil Protection Terminology, Version 2.1.1, February 2013
- ↑ UK Civil Protection Lexicon 2013
- ↑ ADAPTATION TO CLIMATE CHANGE: KEY TERMS, E. Levina and D. Terpak, OECD (2006) - derived from (UKCIP, 2003).
- ↑ Code of Practice Cyber Security for Ships, DSTL (2017)
- ↑ National Cyber Security Strategy 2018-2022
- ↑ DHS Risk Lexicon 2010 Edition, September 2010
- ↑ NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013/NIST SP 800 series
- ↑ Joint Publication 1-02: Department of Defense Dictionary of Military and Associated Terms (2016)
- ↑ Cyber Resilience Review (CRR): Method Description and Self-Assessment User Guide (2016)
- ↑ Văn phòng thuộc Ban chỉ đạo Ứng phó biến đổi khí hậu và nước biển dâng thành phố Đà Nẵng/Các khái niệm, thuật ngữ về biến đổi khí hậu
- ↑ EM-DAT disaster database glossary
- ↑ 136.0 136.1 Province of Ontario’s Emergency Management Glossary of Terms
- ↑ Preparing for a Changing Climate: Second Consultation to Inform Scotland's Climate Change Adaptation Framework
- ↑ ADAPTATION TO CLIMATE CHANGE: KEY TERMS, E. Levina and D. Terpak, OECD (2006) - derived from (Tompkins, E., 2005)
- ↑ IETF RFC449 Internet Security Glossary 2
- ↑ ISO 22300:2012(en) Societal security — Terminology
- ↑ ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
- ↑ ISO/IEC 29147:2014, Information technology -- Security techniques -- Vulnerability disclosure
- ↑ Cybersecurity Woordenboek 2021
|