Difference between revisions of "Critical Information Infrastructure"
(→GFCE-MERIDIAN) |
(→Notes) |
||
(36 intermediate revisions by the same user not shown) | |||
Line 6: | Line 6: | ||
{{definition|No definition provided <ref>[http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2011:0163:FIN:EN:PDF COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS on Critical Information Infrastructure Protection ‘Achievements and next steps: towards global cyber-security’] </ref>}} | {{definition|No definition provided <ref>[http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2011:0163:FIN:EN:PDF COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS on Critical Information Infrastructure Protection ‘Achievements and next steps: towards global cyber-security’] </ref>}} | ||
==== Council Directive 2016/1148 ==== | ==== Council Directive 2016/1148 ==== | ||
− | {{definition|No definition provided, but addresses the cyber security of "essential" network and information systems across the Union <ref>[http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv%3AOJ.L_.2016.194.01.0001.01.ENG Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 (NIS Directive]</ref>}} | + | {{definition|No definition provided, but addresses the cyber security of "essential" network and information systems across the Union. <ref>[http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv%3AOJ.L_.2016.194.01.0001.01.ENG Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 (NIS Directive]</ref>}} |
=== Other International Definitions === | === Other International Definitions === | ||
Line 14: | Line 14: | ||
==== [[OECD]] ==== | ==== [[OECD]] ==== | ||
+ | {{definition|Critical information infrastructure (CII) - OBSOLETE TERM per December 2019; to be replaced by 'Digital Security of Critical Activities'. <ref>[https://legalinstruments.oecd.org/api/print?ids=659&Lang=en Recommendation of the Council on Digital Security of Critical Activities]</ref> <ref>[https://legalinstruments.oecd.org/api/print?ids=659&lang=fr Recommandation du Conseil sur la sécurité numérique des activités critiques]</ref>}} | ||
+ | <br/> | ||
{{definition|Critical information infrastructures (“CII”) should be understood as referring to those interconnected information systems and networks, the disruption or destruction of which would have serious impact on the health, safety, security, or economic well-being of citizens, or on the effective functioning of government or the economy. <ref>[http://www.oecd.org/sti/40825404.pdf OECD Recommendation of the Council on the Protection of Critical Information Infrastructures C(2008)35]</ref>}}<br/> | {{definition|Critical information infrastructures (“CII”) should be understood as referring to those interconnected information systems and networks, the disruption or destruction of which would have serious impact on the health, safety, security, or economic well-being of citizens, or on the effective functioning of government or the economy. <ref>[http://www.oecd.org/sti/40825404.pdf OECD Recommendation of the Council on the Protection of Critical Information Infrastructures C(2008)35]</ref>}}<br/> | ||
Line 25: | Line 27: | ||
==== [[Austria]] ==== | ==== [[Austria]] ==== | ||
{{definition|Critical information infrastructures are those infrastructures or parts thereof which are of crucial importance for ensuring important social functions. Their failure or destruction has severe effects on the health, security or the economic and social wellbeing of the population or the functioning of governmental institutions. <ref>[http://www.bmi.gv.at/cms/BMI_Service/cycer_security/130415_strategie_cybersicherheit_en_web.pdf Austrian Cyber Security Strategy, Federal Chancellery of the Republic of Austria, Vienna (2013)]</ref>}}<br /> | {{definition|Critical information infrastructures are those infrastructures or parts thereof which are of crucial importance for ensuring important social functions. Their failure or destruction has severe effects on the health, security or the economic and social wellbeing of the population or the functioning of governmental institutions. <ref>[http://www.bmi.gv.at/cms/BMI_Service/cycer_security/130415_strategie_cybersicherheit_en_web.pdf Austrian Cyber Security Strategy, Federal Chancellery of the Republic of Austria, Vienna (2013)]</ref>}}<br /> | ||
+ | ==== [[Bangladesh]] ==== | ||
+ | {{definition|“Critical Information Infrastructure” means any physical or virtual [[Information Infrastructure|information infrastructure]] declared by the government which is capable of controlling, processing, circulating or preserving any information, data or electronic information and which if it is damaged or compromised may adversely affect<br/>(i) public safety or financial security or public health, <br/>(ii) national security or national integrity or sovereignty. <ref>[https://www.cirt.gov.bd/wp-content/uploads/2018/12/Digital-Security-Act-2018-English-version.pdf Digital Security Act (2018) Bangladesh]</ref>}}<br/><br/> | ||
+ | ====[[Botswana]]==== | ||
+ | {{definition|Critical Information Infrastructure refers to the digital infrastructure whose disruption or damage negatively affects the well-functioning of the economy. <ref>[https://www.bocra.org.bw/sites/default/files/documents/approved%20botswana-national-cybersecurity-strategy.pdf National Cybersecurity Strategy (2021)]</ref>}} | ||
+ | <br/><br/> | ||
+ | |||
==== [[Brazil]] ==== | ==== [[Brazil]] ==== | ||
{{definition|Infraestruturas Críticas da Informação: subconjunto de ativos de informação que afetam diretamente a consecução e a continuidade da missão do Estado e a segurança da sociedade. <ref>[http://dsic.planalto.gov.br/documentos/publicacoes/2_Guia_SICI.pdf GUIA DE REFERÊNCIA PARA A SEGURANÇA DAS INFRAESTRUTURAS CRÍTICAS DA INFORMAÇÃO Versão 01 (Nov. 2010)/ Portaria Nº 34, de 5 de agosto de 2009. Conselho de Defesa Nacional, Secretaria Executiva (2009).]</ref><br />Critical information Infrastructures are the subset of information [[Asset|assets]] that directly affect the achievement and continuity of state mission and the safety of society.}}<br /><br/> | {{definition|Infraestruturas Críticas da Informação: subconjunto de ativos de informação que afetam diretamente a consecução e a continuidade da missão do Estado e a segurança da sociedade. <ref>[http://dsic.planalto.gov.br/documentos/publicacoes/2_Guia_SICI.pdf GUIA DE REFERÊNCIA PARA A SEGURANÇA DAS INFRAESTRUTURAS CRÍTICAS DA INFORMAÇÃO Versão 01 (Nov. 2010)/ Portaria Nº 34, de 5 de agosto de 2009. Conselho de Defesa Nacional, Secretaria Executiva (2009).]</ref><br />Critical information Infrastructures are the subset of information [[Asset|assets]] that directly affect the achievement and continuity of state mission and the safety of society.}}<br /><br/> | ||
Line 50: | Line 58: | ||
==== [[Czech Republic]] ==== | ==== [[Czech Republic]] ==== | ||
+ | {{definition|Kritická informační infrastruktura: Zákonem jasně vymezený komplex informačních systémů, jejichž nefunkčnost by měla závažný dopad na bezpečnost státu, ekonomiku, veřejnou správu a zabezpečení základních životních potřeb obyvatelstva. <ref name=CZglos>[https://www.govcert.cz/download/slovnik/vykladovy_slovnik_KB_2_vydani.pdf]</ref><br/><br/>Critical information infrastructure: Complex of information systems clearly defined by law, whose unfunctionality would result in a serious impact on state security, economy, public administration and provision of the basic daily needs of population. <ref name=CZglos>[https://www.govcert.cz/download/slovnik/vykladovy_slovnik_KB_2_vydani.pdf]</ref>}}<br/> | ||
+ | |||
{{definition|Kritickou informační infrastrukturou prvek nebo systém prvků kritické infrastruktury v odvětví komunikační a informační systémy v oblasti kybernetické bezpečnosti. <ref>[http://www.nbu.cz/download/nodeid-1384/ Zákon č. 181/2014 Sb. o kybernetické bezpečnosti a o změně souvisejících zákonů (zákon o kybernetické bezpečnosti)]</ref><br/><br/>Within the field of cyber security, a critical infrastructure means an element or system of elements of the critical infrastructure in the sector of communication and information systems. <ref>[http://www.govcert.cz/download/nodeid-1143/ Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)]</ref>}} | {{definition|Kritickou informační infrastrukturou prvek nebo systém prvků kritické infrastruktury v odvětví komunikační a informační systémy v oblasti kybernetické bezpečnosti. <ref>[http://www.nbu.cz/download/nodeid-1384/ Zákon č. 181/2014 Sb. o kybernetické bezpečnosti a o změně souvisejících zákonů (zákon o kybernetické bezpečnosti)]</ref><br/><br/>Within the field of cyber security, a critical infrastructure means an element or system of elements of the critical infrastructure in the sector of communication and information systems. <ref>[http://www.govcert.cz/download/nodeid-1143/ Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)]</ref>}} | ||
Zákonem jasně vymezený komplex informačních systémů, jejichž nefunkčnost by měla závažný dopad na bezpečnost státu, ekonomiku, veřejnou správu a zabezpečení základních životních potřeb obyvatelstva.<br /> | Zákonem jasně vymezený komplex informačních systémů, jejichž nefunkčnost by měla závažný dopad na bezpečnost státu, ekonomiku, veřejnou správu a zabezpečení základních životních potřeb obyvatelstva.<br /> | ||
Line 65: | Line 75: | ||
==== [[India]] ==== | ==== [[India]] ==== | ||
{{definition|Critical Information Infrastructure (CII) is defined as those facilities, systems or functions whose incapacity or destruction would cause a debilitating impact on national security, governance, economy and social well-being of a nation. <ref>[http://deity.gov.in/sites/upload_files/dit/files/downloads/itact2000/it_amendment_act2008.pdf Section 70(1) of the Information Technology Act Ammendment (2008)] </ref>}}<br /> | {{definition|Critical Information Infrastructure (CII) is defined as those facilities, systems or functions whose incapacity or destruction would cause a debilitating impact on national security, governance, economy and social well-being of a nation. <ref>[http://deity.gov.in/sites/upload_files/dit/files/downloads/itact2000/it_amendment_act2008.pdf Section 70(1) of the Information Technology Act Ammendment (2008)] </ref>}}<br /> | ||
− | + | ==== [[Gambia]] ==== | |
+ | {{definition|''National'' Critical Information infrastructure (NCII): Assets, data, flows or networks which are vital for achieving the services provided by the National Critical Infrastructure. <ref>[http://www.moici.gov.gm/sites/default/files/2019-09/20160726%20Gambia%20Strategy%20-%20Cybersecurity%20Strategy_final_with_Gambia_cover_page.pdf THE GAMBIA NATIONAL CYBERSECURITY STRATEGY (2019)]</ref>}}<br /><br/> | ||
==== [[Indonesia]] ==== | ==== [[Indonesia]] ==== | ||
{{definition|Infrastruktur Informasi Kritis: adalah Informasi dan data pada Sistem Elektronik dan Jaringan Sistem Elektronik yang saling terinterkoneksi yang apabila mendapatkan gangguan dan/atau kerusakan akan berdampak serius terhadap kepentingan umum, pelayanan publik, kelancaran penyelenggaraan negara, pertahanan dan keamanan Negara dan/atau perekonomian nasional. <ref>[http://dephub.go.id/public/files/uploads/posts/posts/postbody/cyber-security-ciip-sector-transportasi-07122016.pdf (presentation), 2016]</ref>}}<br/> | {{definition|Infrastruktur Informasi Kritis: adalah Informasi dan data pada Sistem Elektronik dan Jaringan Sistem Elektronik yang saling terinterkoneksi yang apabila mendapatkan gangguan dan/atau kerusakan akan berdampak serius terhadap kepentingan umum, pelayanan publik, kelancaran penyelenggaraan negara, pertahanan dan keamanan Negara dan/atau perekonomian nasional. <ref>[http://dephub.go.id/public/files/uploads/posts/posts/postbody/cyber-security-ciip-sector-transportasi-07122016.pdf (presentation), 2016]</ref>}}<br/> | ||
Line 78: | Line 89: | ||
==== [[Japan]] ==== | ==== [[Japan]] ==== | ||
{{definition|Critical Information Infrastructure (CII) is the backbone of national life and economic activities formed by businesses providing services that are extremely difficult to be substituted. If the function of the services is suspended, deteriorates or becomes unavailable, it could have a significant impact on the national life and economic activities. <ref>[http://www.nisc.go.jp/eng/pdf/actionplan_ci_eng_v3_r1.pdf The Basic Policy of Critical Information Infrastructure Protection (3rd Edition), Japan (2015)]</ref>}} | {{definition|Critical Information Infrastructure (CII) is the backbone of national life and economic activities formed by businesses providing services that are extremely difficult to be substituted. If the function of the services is suspended, deteriorates or becomes unavailable, it could have a significant impact on the national life and economic activities. <ref>[http://www.nisc.go.jp/eng/pdf/actionplan_ci_eng_v3_r1.pdf The Basic Policy of Critical Information Infrastructure Protection (3rd Edition), Japan (2015)]</ref>}} | ||
− | Japan defined the set of 13 Japanese CII sectors as <ref>[ | + | Japan defined the set of 13 Japanese CII sectors as <ref>[https://www.nisc.go.jp/active/infra/pdf/infra_rt4.pdf 重要インフラの情報セキュリティ対策に係る 第4次行動計画 (2018)]</ref>, <ref>[https://www.nisc.go.jp/eng/pdf/cs_policy_cip_eng_v4.pdf The Cybersecurity Policy for Critical Infrastructure Protection (4th Edition) / (Tentative Translation) 2018]</ref>: |
− | # | + | # Information and communication services (情報通信) |
− | # | + | # Financial services (金融) |
− | # | + | # Aviation services (航空) |
− | # | + | # Railway services (鉄道) |
− | # | + | # Electric power supply services (電力) |
− | # | + | # Gas supply services (ガス) |
− | # | + | # Government and administrative services (including local public authorities) <br/>(政府・行政サービス(地方公共団体を含む)) |
− | # | + | # Medical services (医療) |
− | # | + | # Water services (水道) |
− | # | + | # Logistics services (物流) |
− | # | + | # Chemical industries (化学) |
− | # | + | # Credit card services (クレジット) |
− | # | + | # Petroleum industries (び「石油) |
<br /> | <br /> | ||
+ | |||
+ | ==== [[Kenya]] ==== | ||
+ | {{definition|‘Critical Information Infrastructure (CII)’ refers to interconnected information systems and networks, the disruption of which would have serious impact on the economic well-being of customers, or on the effective functioning of payment service provider and the economy. <ref>[https://www.centralbank.go.ke/wp-content/uploads/2018/08/DRAFT-CYBER-SECURITY-GUIDELINES-FOR-PSP-AUGUST-2018.pdf GUIDELINES ON CYBERSECURITY FOR PAYMENT SERVICE PROVIDERS, AUGUST 2018]</ref>}}<br/><br/> | ||
==== [[Kosovo]] ==== | ==== [[Kosovo]] ==== | ||
{{definition|Infrastruktura kritike e informacionit (IKI) Me infrastrukturë kritike të informacionit nënkuptojmë sistemet TIK që janë infrastruktura kritike për vetveten apo që janë thelbësore për funksionimin e infrastrukturave kritike (telekomunikacioni, kompjuterët/softuerët, Interneti, satelitët etj.). <ref>[http://stikk.org/fileadmin/user_upload/Strategjia_Shteterore_per_Sigurine_Kibernetike_dhe_Plani_i_Veprimit_2016-2019.pdf Strategjia Shtetërore për Sigurinë Kibernetike dhe Plani i Veprimit 2016 – 2019]</ref><br/><br/>Critical Information Infrastructure (CII): ICT systems that are critical infrastructures for themselves or that are essential for the operation of [[Critical Infrastructure|critical infrastructures]] (telecommunications, computers/software, Internet, satellites, etc.). <ref>[http://www.kryeministri-ks.net/repository/docs/National_Cyber_Security_Strategy_and_Action_Plan_2016-2019_per_publikim_1202.pdf National Cyber Security Strategy and Action Plan 2016 – 2019 (2016)]</ref>}}<br/><br/> | {{definition|Infrastruktura kritike e informacionit (IKI) Me infrastrukturë kritike të informacionit nënkuptojmë sistemet TIK që janë infrastruktura kritike për vetveten apo që janë thelbësore për funksionimin e infrastrukturave kritike (telekomunikacioni, kompjuterët/softuerët, Interneti, satelitët etj.). <ref>[http://stikk.org/fileadmin/user_upload/Strategjia_Shteterore_per_Sigurine_Kibernetike_dhe_Plani_i_Veprimit_2016-2019.pdf Strategjia Shtetërore për Sigurinë Kibernetike dhe Plani i Veprimit 2016 – 2019]</ref><br/><br/>Critical Information Infrastructure (CII): ICT systems that are critical infrastructures for themselves or that are essential for the operation of [[Critical Infrastructure|critical infrastructures]] (telecommunications, computers/software, Internet, satellites, etc.). <ref>[http://www.kryeministri-ks.net/repository/docs/National_Cyber_Security_Strategy_and_Action_Plan_2016-2019_per_publikim_1202.pdf National Cyber Security Strategy and Action Plan 2016 – 2019 (2016)]</ref>}}<br/><br/> | ||
+ | |||
+ | ====[[Kuwait]]==== | ||
+ | {{definition|Critical Information Infrastructure (CII): the systems, services, networks and infrastructures that form a vital part of a nation's economy and society, providing essential goods and services. Their disruption or destruction would have a serious impact on vital societal functions. <ref>[https://citra.gov.kw/sites/en/Pages/Glossary.aspx Glossary Communication and Information Technology Regulatory]</ref>}}<br/><br/> | ||
+ | ====[[Kyrgyztan]]==== | ||
+ | {{definition|критическая информационная инфраструктура Кыргызской Республики - совокупность государственных информационных систем, государственных информационно-телекоммуникационных сетей и автоматизированных систем управления технологическими процессами, функционирующих в секторе государственного управления и государственных электронных услуг, области здравоохранения, транспорта, телекоммуникаций и связи, кредитно-финансовой сфере, оборонном секторе, топливной промышленности, отрасли генерации и распределения электроэнергии, пищевой промышленности и горнодобывающей промышленности. <ref>[http://cbd.minjust.gov.kg/act/view/ru-ru/15479 СТРАТЕГИЯ кибербезопасности Кыргызской Республики на 2019-2023 годы]</ref><br/><br/>Critical information infrastructure of the Kyrgyz Republic: a set of state information systems, state information and telecommunication networks and automated process control systems operating in the public administration and state electronic services, healthcare, transport, telecommunications and communications, credit and financial sector, defence sector, fuel industry, power generation and distribution, food processing industry and mining industry.}}<br/><br/> | ||
==== [[Lithuania]] ==== | ==== [[Lithuania]] ==== | ||
Line 102: | Line 121: | ||
{{definition|Critical National ''Information'' Infrastructure (CNII) is defined as those [[Asset|assets]] (real and virtual), systems and functions that are vital to the nations that their incapacity or destruction would have a devastating impact on: (1) National economic strength; Confidence that the nation's key growth area can successfully compete in global market while maintaining favourable standards of living; (2) National image; Projection of national image towards enhancing stature and sphere of influence. (3) National defence and security; guarantee sovereignty and independence whilst maintaining internal security. (4) Government capability to functions; maintain order to perform and deliver minimum essential public services. (5) Public health and safety; delivering and managing optimal health care to the citizen. <ref>[http://cnii.cybersecurity.org.my/main/index.html Malaysia (2009)]</ref>}} | {{definition|Critical National ''Information'' Infrastructure (CNII) is defined as those [[Asset|assets]] (real and virtual), systems and functions that are vital to the nations that their incapacity or destruction would have a devastating impact on: (1) National economic strength; Confidence that the nation's key growth area can successfully compete in global market while maintaining favourable standards of living; (2) National image; Projection of national image towards enhancing stature and sphere of influence. (3) National defence and security; guarantee sovereignty and independence whilst maintaining internal security. (4) Government capability to functions; maintain order to perform and deliver minimum essential public services. (5) Public health and safety; delivering and managing optimal health care to the citizen. <ref>[http://cnii.cybersecurity.org.my/main/index.html Malaysia (2009)]</ref>}} | ||
<br /> | <br /> | ||
+ | |||
==== [[Mexico]] ==== | ==== [[Mexico]] ==== | ||
{{definition|Infraestructura(s) Crítica(s) de Información (ICI). Las infraestructuras de información esenciales consideradas estratégicasporestarrelacionadasconlaprovisiónde bienes y de prestación de servicios públicos esenciales y cuya afectación pudiera comprometer la Seguridad Nacional en términos de la ley de la material. <ref>[https://www.gob.mx/cms/uploads/attachment/file/271884/Estrategia_Nacional_Ciberseguridad.pdf Estragia Nacional de Ciberseguridad (November 2017)] </ref>}}<br/><br/> | {{definition|Infraestructura(s) Crítica(s) de Información (ICI). Las infraestructuras de información esenciales consideradas estratégicasporestarrelacionadasconlaprovisiónde bienes y de prestación de servicios públicos esenciales y cuya afectación pudiera comprometer la Seguridad Nacional en términos de la ley de la material. <ref>[https://www.gob.mx/cms/uploads/attachment/file/271884/Estrategia_Nacional_Ciberseguridad.pdf Estragia Nacional de Ciberseguridad (November 2017)] </ref>}}<br/><br/> | ||
+ | ====[[North Macedonia]]==== | ||
+ | {{definition|Критична информациска инфраструктура (КИИ) - кои би Критична информациска инфраструктура ло информацискокомуникациски системи чиешто одржување, сигурност и безбедност се критични за националната безбедност, економијата, јавната безбедност и здравје. Националната критична информациска инфраструктура е дел од критична инфраструктура (КИ). <ref>[http://www.mioa.gov.mk/sites/default/files/pbl_files/documents/strategies/ns_sajber_bezbednost_2018-2022.pdf НАЦИОНАЛНА СТРАТЕГИЈА ЗА САЈБЕР БЕЗБЕДНОСТ НА РЕПУБЛИКА МАКЕДОНИЈА 2018 -2022]</ref> <ref>[http://www.mioa.gov.mk/sites/default/files/pbl_files/documents/strategies/cyber_security_strategy_macedonia_2018-2022_-_eng.pdf National Cyber Security Strategy of the Republic of Macedonia (2018)]</ref>}}<br/><br/> | ||
==== [[Norway]] ==== | ==== [[Norway]] ==== | ||
{{definition|Critical ICT infrastructure is defined as [[Critical Infrastructure|critical infrastructure]] for electronic communications. <ref>[https://www.regjeringen.no/globalassets/upload/fad/vedlegg/ikt-politikk/cyber_security_strategy_norway.pdf Cyber Security Strategy for Norway (2012)]</ref><br />Kritisk IKT-infrastruktur defineres som kritisk infrastruktur for elektronisk kommunikasjon. <ref>[https://www.regjeringen.no/globalassets/upload/fad/vedlegg/ikt-politikk/nasjonal_strategi_infosikkerhet.pdf Nasjonal strategi for informasjonssikkerhet (2012)]</ref>}}<br /><br/> | {{definition|Critical ICT infrastructure is defined as [[Critical Infrastructure|critical infrastructure]] for electronic communications. <ref>[https://www.regjeringen.no/globalassets/upload/fad/vedlegg/ikt-politikk/cyber_security_strategy_norway.pdf Cyber Security Strategy for Norway (2012)]</ref><br />Kritisk IKT-infrastruktur defineres som kritisk infrastruktur for elektronisk kommunikasjon. <ref>[https://www.regjeringen.no/globalassets/upload/fad/vedlegg/ikt-politikk/nasjonal_strategi_infosikkerhet.pdf Nasjonal strategi for informasjonssikkerhet (2012)]</ref>}}<br /><br/> | ||
+ | ==== [[Pakistan]] ==== | ||
+ | {{definition|"Critical infrastructure information system or data” means an [[Information System|information system]], program or data that supports or performs a function with respect to a [[Critical Infrastructure|critical infrastructure]]. <ref>[http://www.na.gov.pk/uploads/documents/1462252100_756.pdf AS PASSED BY THE NATIONAL ASSEMBLY A Bill to make provisions for prevention of electronic crimes]</ref>}}<br/><br/> | ||
+ | |||
==== [[Philippines]] ==== | ==== [[Philippines]] ==== | ||
{{definition|Critical ''(information)'' infrastructure refers to the computer systems, and/or networks, whether physical or virtual, and/or the computer programs, computer data and/or traffic data so vital to this country that the incapacity or destruction of or interference with such system and assets would have a debilitating impact on security, national or economic security, national public health and safety, or any combination of those matters. <ref>[http://www.gov.ph/2012/09/12/republic-act-no-10175/ Republic Act No. 10175, 2012]</ref>}}<br /> | {{definition|Critical ''(information)'' infrastructure refers to the computer systems, and/or networks, whether physical or virtual, and/or the computer programs, computer data and/or traffic data so vital to this country that the incapacity or destruction of or interference with such system and assets would have a debilitating impact on security, national or economic security, national public health and safety, or any combination of those matters. <ref>[http://www.gov.ph/2012/09/12/republic-act-no-10175/ Republic Act No. 10175, 2012]</ref>}}<br /> | ||
Line 120: | Line 145: | ||
# Identify the organization’s key core business processes and their dependency on assets owned and managed by the organization (e.g., power plant, refinery, general ledger, etc.); | # Identify the organization’s key core business processes and their dependency on assets owned and managed by the organization (e.g., power plant, refinery, general ledger, etc.); | ||
# Use impact severity table to determine an impact score for the loss/non-functioning of each key asset; and | # Use impact severity table to determine an impact score for the loss/non-functioning of each key asset; and | ||
− | # Classify all assets as critical when the criticality score is greater than twenty (20) according to the impact criteria table in <ref name=Qatar>[http://www.ictqatar.qa/en/ | + | # Classify all assets as critical when the criticality score is greater than twenty (20) according to the impact criteria table in <ref name=Qatar>[http://www.ictqatar.qa/en/cyber-security/national-cyber-security-strategy QATAR National Cyber Security Strategy (May 2014)]</ref> <ref name=Q2>[http://www.ictqatar.qa/ar/cyber-security/national-cyber-security-strategy الاستراتيجية الوطنية للأمن السيبراني QATAR National Cyber Security Strategy - Arabic version (May 2014)]</ref>. |
<br /> | <br /> | ||
+ | |||
==== [[Republic of Korea]] ==== | ==== [[Republic of Korea]] ==== | ||
{{definition|"정보통신기반시설"이라 함은 국가안전보장·행정·국방·치안·금융·통신·운송·에너지 등의 업무와 관련된 전자적 제어·관리시스템 및 「정보통신망 이용촉진 및 정보보호 등에 관한 법률」 제2조제1항제1호의 규정에 의한 정보통신망을 말한다. <ref>[http://elaw.klri.re.kr/kor_service%2FlawView.do%3Fhseq%3D17155%26lang%3DENG Act on the protection of information and communications, no. 13590 (2015)]</ref><br/><br/>The term "information and communications infrastructure" means electronic control and management system related to the national security, administration, defense, public security, finance, communications, transportation, energy, etc. and information and communications network under Article 2 (1) 1 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.. <ref>[http://elaw.klri.re.kr/eng_mobile%2Fviewer.do%3Fhseq%3D28812%26type%3Dpart%26key%3D43 Act on the protection of information and communications, no. 13590 (2015)]</ref>}}<br /> | {{definition|"정보통신기반시설"이라 함은 국가안전보장·행정·국방·치안·금융·통신·운송·에너지 등의 업무와 관련된 전자적 제어·관리시스템 및 「정보통신망 이용촉진 및 정보보호 등에 관한 법률」 제2조제1항제1호의 규정에 의한 정보통신망을 말한다. <ref>[http://elaw.klri.re.kr/kor_service%2FlawView.do%3Fhseq%3D17155%26lang%3DENG Act on the protection of information and communications, no. 13590 (2015)]</ref><br/><br/>The term "information and communications infrastructure" means electronic control and management system related to the national security, administration, defense, public security, finance, communications, transportation, energy, etc. and information and communications network under Article 2 (1) 1 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.. <ref>[http://elaw.klri.re.kr/eng_mobile%2Fviewer.do%3Fhseq%3D28812%26type%3Dpart%26key%3D43 Act on the protection of information and communications, no. 13590 (2015)]</ref>}}<br /> | ||
Line 135: | Line 161: | ||
==== [[Spain]] ==== | ==== [[Spain]] ==== | ||
''The Spanish CIP law does not make any kind of distinction between [Critical Infrastructure|CI]] and CII. The law establishes the concept of a comprehensive and integral security approach uniting the physical and [[Cyber Security|cyber security]] in one single strategy.''<br/><br/> | ''The Spanish CIP law does not make any kind of distinction between [Critical Infrastructure|CI]] and CII. The law establishes the concept of a comprehensive and integral security approach uniting the physical and [[Cyber Security|cyber security]] in one single strategy.''<br/><br/> | ||
+ | ==== [[Sri Lanka]]==== | ||
+ | {{definition|CII: the computer or computer system is necessary for the continuous delivery of essential services for the public health, public safety, privacy, economic stability, national security, international stability and for the sustainability and restoration of critical cyberspace or for any other criteria as may be prescribed and the disruption or destruction of which would likely to have serious impact on the public health, public safety, privacy, national security, international stability or on the effective functioning of the government or the economy; and the computer or computer system is located wholly or partly in Sri Lanka. <ref>[https://www.cert.gov.lk/Downloads/Cyber_Security_Bill_2019-05-22_LD_Final_Version.pdf Cyber Security bill 2019]</ref>}}<br/><br/> | ||
==== [[Turkey]] ==== | ==== [[Turkey]] ==== | ||
Line 144: | Line 172: | ||
{{definition|критична інформаційна інфраструктура - сукупність об’єктів критичної інформаційної інфраструктури; об’єкт критичної інформаційної інфраструктури - комунікаційна або технологічна система об’єкта критичної інфраструктури, кібератака на яку безпосередньо вплине на стале функціонування такого об’єкта критичної інфраструктури.<br/><br/>{machine translation} critical information infrastructure - a set of objects of critical information infrastructure; the object of critical information infrastructure - a communication or technological system of the critical infrastructure object, the cyber attack of which will directly affect the sustainable functioning of such an [[Critical Infrastructure|object of critical infrastructure]]. <ref>[http://zakon3.rada.gov.ua/laws/show/2163-viii ЗАКОН УКРАЇНИ - Про основні засади забезпечення кібербезпеки України / THE LAW OF UKRAINE: About the basic principles of providing cyber security of Ukraine 2163-19]</ref>}}<br><br> | {{definition|критична інформаційна інфраструктура - сукупність об’єктів критичної інформаційної інфраструктури; об’єкт критичної інформаційної інфраструктури - комунікаційна або технологічна система об’єкта критичної інфраструктури, кібератака на яку безпосередньо вплине на стале функціонування такого об’єкта критичної інфраструктури.<br/><br/>{machine translation} critical information infrastructure - a set of objects of critical information infrastructure; the object of critical information infrastructure - a communication or technological system of the critical infrastructure object, the cyber attack of which will directly affect the sustainable functioning of such an [[Critical Infrastructure|object of critical infrastructure]]. <ref>[http://zakon3.rada.gov.ua/laws/show/2163-viii ЗАКОН УКРАЇНИ - Про основні засади забезпечення кібербезпеки України / THE LAW OF UKRAINE: About the basic principles of providing cyber security of Ukraine 2163-19]</ref>}}<br><br> | ||
+ | ==== [[United Arab Emirates]] ==== | ||
+ | The United Arab Emirates' national information infrastructure is currently categorised by nine critical sectors <ref>[https://www.tra.gov.ae/userfiles/assets/IJP6zPkDr3.pdf الاستراتيجية الوطنية للأمن السيبراني]</ref> <ref>[https://www.tra.gov.ae/userfiles/assets/Lw3seRUaIMd.pdf Cyber Security Strategy 2019]</ref>: | ||
+ | # Energy (الطاقة) | ||
+ | # ICT (المعلومات الاتصالات وتقنية) | ||
+ | # Government (القطاع الحكومي) | ||
+ | # Electricy & Water (الكهرباء والمياه) | ||
+ | # Finance & Insurance (القطاع المالي والتأمين) | ||
+ | # Emergency Services (خدمات الطوارئ) | ||
+ | # Health Services (الخدمات الصحية) | ||
+ | # Transportation (المواصلات) | ||
+ | # Food & Agriculture (الغذاء والزراعة) | ||
+ | <br/> | ||
==== [[United Kingdom]] ==== | ==== [[United Kingdom]] ==== | ||
{{definition|Critical information infrastructure (CII) may refer to any IT systems which support key assets and services within the [[Critical National Infrastructure|national infrastructure]]. <ref>[http://www.parliament.uk/documents/post/postpn389_cyber-security-in-the-UK.pdf Cyber Security in the UK, Postnote Number 389, September 2011]</ref>}}<br/> | {{definition|Critical information infrastructure (CII) may refer to any IT systems which support key assets and services within the [[Critical National Infrastructure|national infrastructure]]. <ref>[http://www.parliament.uk/documents/post/postpn389_cyber-security-in-the-UK.pdf Cyber Security in the UK, Postnote Number 389, September 2011]</ref>}}<br/> | ||
Line 153: | Line 193: | ||
==== [[Uruguay]]==== | ==== [[Uruguay]]==== | ||
{{definition|Activos de información críticos del Estado: Son aquellos activos de información necesarios para asegurar y mantener el correcto funcionamiento de los servicios vitales para la operación del gobierno y la economía del país. <ref>[https://www.cert.uy/wps/wcm/connect/certuy/2b1721ca-ef15-4020-9dae-0b76da5fee78/Decreto+No.+451_009.pdf?MOD=AJPERES Decreto No. 451/009 item No. 3]</ref>}}<br/> | {{definition|Activos de información críticos del Estado: Son aquellos activos de información necesarios para asegurar y mantener el correcto funcionamiento de los servicios vitales para la operación del gobierno y la economía del país. <ref>[https://www.cert.uy/wps/wcm/connect/certuy/2b1721ca-ef15-4020-9dae-0b76da5fee78/Decreto+No.+451_009.pdf?MOD=AJPERES Decreto No. 451/009 item No. 3]</ref>}}<br/> | ||
+ | ==== [[Zimbabwe]]==== | ||
+ | {{definition|Critical information infrastructure means computer systems, devices, networks, computer programmes, computer data, so vital to the country that the incapacity or destruction of or interference with such systems and assets would have a debilitating impact on security, defence, economic and international affairs, public health and safety, or to essential services as defined in section 19 of the Criminal Law Code including the banking system and “critical data” shall be construed accordingly. <ref>[http://www.ictministry.gov.zw/sites/default/files/downloads/Cybercrime%20and%20%20Cybersecurity%20Bill%202017%20%20Third%20draft.%20with%20CN%27s%20additions%20Printed%20for%20CHAIRMAN%20%26%20MINISTER%20dd%209%20June%202017%20-%20MICTPCS%20comments-4.pdf Draft Cybercrime and Cyber security bill (2017)]</ref>}}<br/> | ||
+ | |||
=== Regional Definition === | === Regional Definition === | ||
Line 177: | Line 220: | ||
[[Category:Information]] | [[Category:Information]] | ||
[[Category:Infrastructure]] | [[Category:Infrastructure]] | ||
− | {{#set:defined by=EU|defined by=OECD|defined by=Albania|defined by=Australia|defined by=Austria|defined by=Brazil|defined by=Bulgaria|defined by=Chile|defined by=China|defined by=Colombia|defined by=Costa Rica|defined by=Croatia|defined by=Czech Republic|defined by=Estonia|defined by=Finland|defined by=France|defined by=Iceland|defined by=India|defined by=Indonesia|defined by=Islamic Republic of Afghanistan|defined by=Israel|defined by=Italy|defined by=Japan|defined by=Kosovo|defined by=Lithuania|defined by=Malaysia|defined by=Mexico|defined by=Norway|defined by=Philippines|defined by=Portugal|defined by=Qatar|defined by=Republic of Korea|defined by=Republic of Trinidad & Tobago|defined by=Russian Federation|defined by=Singapore|defined by=South Africa|defined by=Spain|defined by=Turkey|defined by=Uganda|defined by=Ukraine|defined by=United Kingdom|defined by=United States|defined by=DHS|defined by=Uruguay|defined by=IETF|defined by=African Union|defined by=Victoria}} | + | {{#set:defined by=EU|defined by=OECD|defined by=Albania|defined by=Australia|defined by=Austria|defined by=Bangladesh|defined by=Botswana|defined by=Brazil|defined by=Bulgaria|defined by=Chile|defined by=China|defined by=Colombia|defined by=Costa Rica|defined by=Croatia|defined by=Czech Republic|defined by=Estonia|defined by=Finland|defined by=France|defined by=Gambia|defined by=Iceland|defined by=India|defined by=Indonesia|defined by=Islamic Republic of Afghanistan|defined by=Israel|defined by=Italy|defined by=Japan|defined by=Kenya|defined by=Kosovo|defined by=Kuwait|defined by=Kyrgyztan|defined by=Lithuania|defined by=North Macedonia|defined by=Malaysia|defined by=Mexico|defined by=Norway|defined by=Pakistan|defined by=Philippines|defined by=Portugal|defined by=Qatar|defined by=Republic of Korea|defined by=Republic of Trinidad & Tobago|defined by=Russian Federation|defined by=Singapore|defined by=South Africa|defined by=Spain|defined by=Sri Lanka|defined by=Turkey|defined by=Uganda|defined by=Ukraine|defined by=United Arab Emirates|defined by=United Kingdom|defined by=United States|defined by=DHS|defined by=Uruguay|defined by=IETF|defined by=African Union|defined by=Victoria|defined by=GFCE|defined by=Zimbabwe}} |
[[Category:RESIN-Glossary]] | [[Category:RESIN-Glossary]] | ||
{{#set:defined by=OECD}} | {{#set:defined by=OECD}} | ||
+ | {{#set: Showmainpage=Yes}} |
Revision as of 23:22, 5 March 2021
Contents
- 1 Abbreviation
- 2 Definitions
- 2.1 European Definitions
- 2.2 Other International Definitions
- 2.3 National Definitions
- 2.3.1 Albania
- 2.3.2 Austria
- 2.3.3 Bangladesh
- 2.3.4 Botswana
- 2.3.5 Brazil
- 2.3.6 Bulgaria
- 2.3.7 Cambodia
- 2.3.8 Chile
- 2.3.9 China
- 2.3.10 Colombia
- 2.3.11 Costa Rica
- 2.3.12 Croatia
- 2.3.13 Czech Republic
- 2.3.14 Estonia
- 2.3.15 Finland
- 2.3.16 France
- 2.3.17 Iceland
- 2.3.18 India
- 2.3.19 Gambia
- 2.3.20 Indonesia
- 2.3.21 Islamic Republic of Afghanistan
- 2.3.22 Israel
- 2.3.23 Italy
- 2.3.24 Japan
- 2.3.25 Kenya
- 2.3.26 Kosovo
- 2.3.27 Kuwait
- 2.3.28 Kyrgyztan
- 2.3.29 Lithuania
- 2.3.30 Malaysia
- 2.3.31 Mexico
- 2.3.32 North Macedonia
- 2.3.33 Norway
- 2.3.34 Pakistan
- 2.3.35 Philippines
- 2.3.36 Portugal
- 2.3.37 Qatar
- 2.3.38 Republic of Korea
- 2.3.39 Republic of Trinidad & Tobago
- 2.3.40 Russian Federation
- 2.3.41 Singapore
- 2.3.42 South Africa
- 2.3.43 Spain
- 2.3.44 Sri Lanka
- 2.3.45 Turkey
- 2.3.46 Uganda
- 2.3.47 Ukraine
- 2.3.48 United Arab Emirates
- 2.3.49 United Kingdom
- 2.3.50 United States
- 2.3.51 Uruguay
- 2.3.52 Zimbabwe
- 2.4 Regional Definition
- 2.5 Standard Definition
- 3 See also
- 4 Notes
Abbreviation
Definitions
European Definitions
Council Communication COM(2011)163 final
Council Directive 2016/1148
Other International Definitions
African Union
OECD
GFCE-MERIDIAN
National Definitions
Albania
Austria
Bangladesh
(i) public safety or financial security or public health,
(ii) national security or national integrity or sovereignty. [10]
Botswana
Brazil
Critical information Infrastructures are the subset of information assets that directly affect the achievement and continuity of state mission and the safety of society.
Bulgaria
Критична информационна инфраструктура са както мрежите, каналите и системите за управлението и поддържането им.
Cambodia
Chile
China
The national critical information infrastructure refers to the information facilities concerning the national security, the national economy and the people's livelihood, which may seriously damage the national security and the public interest if the data is divulged, destroyed or lost, including but not limited to providing public communications, broadcasting and television transmission and other services, information networks, energy, finance, transportation, education, scientific research, water conservancy, industrial manufacturing, medical and health, social security, public utilities and other important information systems and important Internet applications.
Colombia
Infraestructura crítica: Es el conjunto de computadores, sistemas computacionales, redes de telecomunicaciones, datos e información, cuya destrucción o interferencia puede debilitar o impactar en la seguridad de la economía, salud pública, o la combinación de ellas, en una nación). [19]
Costa Rica
Croatia
Kritična komunikacijska i informacijska infrastruktura – komunikacijski i informacijski sustavi čiji bi poremećaj u funkcioniranju bitno poremetio rad pojedine ili više identificiranih nacionalnih kritičnih infrastruktura. [21]
Czech Republic
Critical information infrastructure: Complex of information systems clearly defined by law, whose unfunctionality would result in a serious impact on state security, economy, public administration and provision of the basic daily needs of population. [22]
Within the field of cyber security, a critical infrastructure means an element or system of elements of the critical infrastructure in the sector of communication and information systems. [24]
Zákonem jasně vymezený komplex informačních systémů, jejichž nefunkčnost by měla závažný dopad na bezpečnost státu, ekonomiku, veřejnou správu a zabezpečení základních životních potřeb obyvatelstva.
Estonia
The purpose of the critical information infrastructure protection (CIIP) is to maintain a trouble-free functioning of the country's essential information and communication systems under ordinary circumstances and to ensure their continuity on a minimum level during critical situations.
Finland
France
Iceland
The National Commissioner of Police further define those systems considered to be critical infrastructure.
India
Gambia
Indonesia
Islamic Republic of Afghanistan
Israel
Italy
Japan
Japan defined the set of 13 Japanese CII sectors as [37], [38]:
- Information and communication services (情報通信)
- Financial services (金融)
- Aviation services (航空)
- Railway services (鉄道)
- Electric power supply services (電力)
- Gas supply services (ガス)
- Government and administrative services (including local public authorities)
(政府・行政サービス(地方公共団体を含む)) - Medical services (医療)
- Water services (水道)
- Logistics services (物流)
- Chemical industries (化学)
- Credit card services (クレジット)
- Petroleum industries (び「石油)
Kenya
Kosovo
Critical Information Infrastructure (CII): ICT systems that are critical infrastructures for themselves or that are essential for the operation of critical infrastructures (telecommunications, computers/software, Internet, satellites, etc.). [41]
Kuwait
Kyrgyztan
Critical information infrastructure of the Kyrgyz Republic: a set of state information systems, state information and telecommunication networks and automated process control systems operating in the public administration and state electronic services, healthcare, transport, telecommunications and communications, credit and financial sector, defence sector, fuel industry, power generation and distribution, food processing industry and mining industry.
Lithuania
Ypatingos svarbos informacinė infrastruktūra – elektroninių ryšių tinklas ar jo dalis, informacinė sistema ar jos dalis, informacinių sistemų grupė ar pramoninių procesų valdymo sistema ar jos dalis, nepaisant to, ar jos valdytojas yra privatus ar viešojo administravimo subjektas, kuriuose įvykęs kibernetinis incidentas gali padaryti didelę žalą nacionaliniam saugumui, šalies ūkiui, valstybės ir visuomenės interesams. [45]
Malaysia
Mexico
North Macedonia
Norway
Kritisk IKT-infrastruktur defineres som kritisk infrastruktur for elektronisk kommunikasjon. [51]
Pakistan
Philippines
It covers any type of computer device including devices with data processing capabilities like mobile phones, smart phones, computer networks and other devices connected to the internet.
Portugal
Qatar
Criteria for being critical are:
- Identify the organization’s key core business processes and their dependency on assets owned and managed by the organization (e.g., power plant, refinery, general ledger, etc.);
- Use impact severity table to determine an impact score for the loss/non-functioning of each key asset; and
- Classify all assets as critical when the criticality score is greater than twenty (20) according to the impact criteria table in [57] [58].
Republic of Korea
The term "information and communications infrastructure" means electronic control and management system related to the national security, administration, defense, public security, finance, communications, transportation, energy, etc. and information and communications network under Article 2 (1) 1 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.. [60]
Republic of Trinidad & Tobago
Russian Federation
критическая информационная инфраструктура Российской Федерации - совокупность автоматизированных систем управления КВО и обеспечивающих их взаимодействие информационно- телекоммуникационных сетей, предназначенных для решения задач государственного управления, обеспечения обороноспособности, безопасности и правопорядка, нарушение (или прекращение) функционирования которых может стать причиной наступления тяжких последствий. [62]
Singapore
South Africa
Spain
The Spanish CIP law does not make any kind of distinction between [Critical Infrastructure|CI]] and CII. The law establishes the concept of a comprehensive and integral security approach uniting the physical and cyber security in one single strategy.
Sri Lanka
Turkey
Kritik altyapılar: İşlediği bilginin gizliliği, bütünlüğü veya erişilebilirliği bozulduğunda, can kaybına, büyük ölçekli ekonomik zarara, ulusal güvenlik açıklarına veya kamu düzeninin bozulmasına, yol açabilecek bilişim sistemlerini barındıran altyapıları. [67] [68]
Uganda
Ukraine
{machine translation} critical information infrastructure - a set of objects of critical information infrastructure; the object of critical information infrastructure - a communication or technological system of the critical infrastructure object, the cyber attack of which will directly affect the sustainable functioning of such an object of critical infrastructure. [70]
United Arab Emirates
The United Arab Emirates' national information infrastructure is currently categorised by nine critical sectors [71] [72]:
- Energy (الطاقة)
- ICT (المعلومات الاتصالات وتقنية)
- Government (القطاع الحكومي)
- Electricy & Water (الكهرباء والمياه)
- Finance & Insurance (القطاع المالي والتأمين)
- Emergency Services (خدمات الطوارئ)
- Health Services (الخدمات الصحية)
- Transportation (المواصلات)
- Food & Agriculture (الغذاء والزراعة)
United Kingdom
United States
DHS
Uruguay
Zimbabwe
Regional Definition
Victoria, Australia
Standard Definition
IETF
See also
- Critical Information Infrastructure Protection
- Critical Infrastructure
- Critical Infrastructure Protection
Notes
- ↑ COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS on Critical Information Infrastructure Protection ‘Achievements and next steps: towards global cyber-security’
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 (NIS Directive
- ↑ AFRICAN UNION CONVENTION ON CYBER SECURITY AND PERSONAL DATA PROTECTION, LC12490, 27th June 2014
- ↑ Recommendation of the Council on Digital Security of Critical Activities
- ↑ Recommandation du Conseil sur la sécurité numérique des activités critiques
- ↑ OECD Recommendation of the Council on the Protection of Critical Information Infrastructures C(2008)35
- ↑ The GFCE-MERIDIAN Good Practice Guide on Critical Information Infrastructure Protection for governmental policy-makers, November 2016
- ↑ Dokumenti i Politikave për Sigurinë Kibernetike 2015 - 2017
- ↑ Austrian Cyber Security Strategy, Federal Chancellery of the Republic of Austria, Vienna (2013)
- ↑ Digital Security Act (2018) Bangladesh
- ↑ National Cybersecurity Strategy (2021)
- ↑ GUIA DE REFERÊNCIA PARA A SEGURANÇA DAS INFRAESTRUTURAS CRÍTICAS DA INFORMAÇÃO Versão 01 (Nov. 2010)/ Portaria Nº 34, de 5 de agosto de 2009. Conselho de Defesa Nacional, Secretaria Executiva (2009).
- ↑ „Кибер устойчива България 2020” - Republic of Bulgaria: national cyber security strategy "Cyber Resilient Bulgaria 2020"(2016)
- ↑ Understanding of Korean CIIP
- ↑ BASES PARA UNA POLÍTICA NACIONAL DE CIBERSEGURIDAD, MARZO DE 2015, Chile
- ↑ Chile Política Nacional de Ciberseguridad (2017)
- ↑ Chilean National Cybersecurity Policy (2017)
- ↑ 网络空间安全战略 "National cyberspace security strategy" (full text) December 2016
- ↑ Lineamientos de política para la Ciberseguridad y Ciberdefensa, Conpes 3701 (2011) based on Resolución CRC 2258 from 2009.
- ↑ Estrategia Nacional de Ciberseguridad de Costa Rica (2017)
- ↑ National Cyber Security Strategy draft (2015)
- ↑ 22.0 22.1 [1]
- ↑ Zákon č. 181/2014 Sb. o kybernetické bezpečnosti a o změně souvisejících zákonů (zákon o kybernetické bezpečnosti)
- ↑ Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)
- ↑ Critical Information Infrastructure Protection Estonia
- ↑ Finlands' Cyber Security Strategy
- ↑ ANSSI Glossaire
- ↑ Network and information security webpage
- ↑ Section 70(1) of the Information Technology Act Ammendment (2008)
- ↑ THE GAMBIA NATIONAL CYBERSECURITY STRATEGY (2019)
- ↑ (presentation), 2016
- ↑ Z.A. Hasibuan, Indonesia National Cyber Security Strategy: Security and Sovereignty in Indonesia Cyberspace (presentation), 2013
- ↑ National Cyber Security Strategy of Afghanistan (2014)
- ↑ CERT.IL Glossary
- ↑ PROTEZIONE DELLE INFRASTRUTTURE CRITICHE INFORMATIZZATE La realtà Italiana (2004)
- ↑ The Basic Policy of Critical Information Infrastructure Protection (3rd Edition), Japan (2015)
- ↑ 重要インフラの情報セキュリティ対策に係る 第4次行動計画 (2018)
- ↑ The Cybersecurity Policy for Critical Infrastructure Protection (4th Edition) / (Tentative Translation) 2018
- ↑ GUIDELINES ON CYBERSECURITY FOR PAYMENT SERVICE PROVIDERS, AUGUST 2018
- ↑ Strategjia Shtetërore për Sigurinë Kibernetike dhe Plani i Veprimit 2016 – 2019
- ↑ National Cyber Security Strategy and Action Plan 2016 – 2019 (2016)
- ↑ Glossary Communication and Information Technology Regulatory
- ↑ СТРАТЕГИЯ кибербезопасности Кыргызской Республики на 2019-2023 годы
- ↑ GOVERNMENT OF THE REPUBLIC OF LITHUANIA RESOLUTION NO 796 of 29 June 2011 ON THE APPROVAL OF THE PROGRAMME FOR THE DEVELOPMENT OF ELECTRONIC INFORMATION SECURITY (CYBER-SECURITY) FOR 2011–2019
- ↑ LIETUVOS RESPUBLIKOS KIBERNETINIO SAUGUMO ĮSTATYMAS 2014 m. gruodžio 11 d. Nr. XII-1428 Vilnius
- ↑ Malaysia (2009)
- ↑ Estragia Nacional de Ciberseguridad (November 2017)
- ↑ НАЦИОНАЛНА СТРАТЕГИЈА ЗА САЈБЕР БЕЗБЕДНОСТ НА РЕПУБЛИКА МАКЕДОНИЈА 2018 -2022
- ↑ National Cyber Security Strategy of the Republic of Macedonia (2018)
- ↑ Cyber Security Strategy for Norway (2012)
- ↑ Nasjonal strategi for informasjonssikkerhet (2012)
- ↑ AS PASSED BY THE NATIONAL ASSEMBLY A Bill to make provisions for prevention of electronic crimes
- ↑ Republic Act No. 10175, 2012
- ↑ DND GLOSSARY OF CYBER SECURITY TERMS (v.4)
- ↑ National Cyber Security Plan 2022 (May 2017)
- ↑ Glossário Centro National de Cibersegurança Portugal
- ↑ 57.0 57.1 QATAR National Cyber Security Strategy (May 2014)
- ↑ 58.0 58.1 الاستراتيجية الوطنية للأمن السيبراني QATAR National Cyber Security Strategy - Arabic version (May 2014)
- ↑ Act on the protection of information and communications, no. 13590 (2015)
- ↑ Act on the protection of information and communications, no. 13590 (2015)
- ↑ Government of the Republic of Trinidad & Tobago, National Cyber Security Strategy (December 2012)
- ↑ NATIONAL SECURITY OF RUSSIA - Information security (February 3, 2012, № 803)
- ↑ (draft) Cybersecurity Bill 2017
- ↑ South Africa Cyber Security Policy, Staatskoerant No. 32963, 10 Feb 2010
- ↑ Cyber Security bill 2019
- ↑ Turkey's National Cyber Security Strategy and 2013-2014 Action Plan
- ↑ UlUSAL SİBER GÜVENLİk STRATEJİSİ VE
- ↑ 2016-2019 ULUSAL SİBER GÜVENLİK STRATEJİSİ
- ↑ National Information Security Policy (2011)
- ↑ ЗАКОН УКРАЇНИ - Про основні засади забезпечення кібербезпеки України / THE LAW OF UKRAINE: About the basic principles of providing cyber security of Ukraine 2163-19
- ↑ الاستراتيجية الوطنية للأمن السيبراني
- ↑ Cyber Security Strategy 2019
- ↑ Cyber Security in the UK, Postnote Number 389, September 2011
- ↑ Blueprint for a secure cyber future, DHS Nov 2011
- ↑ Decreto No. 451/009 item No. 3
- ↑ Draft Cybercrime and Cyber security bill (2017)
- ↑ Critical Information Infrastructure Risk Management, VICTORIAN GOVERNMENT CIO COUNCIL, 2012
- ↑ IETF RFC449 Internet Security Glossary 2