Difference between revisions of "Critical Information Infrastructure"
Jump to navigation
Jump to search
(→South Africa) |
m (→National Definitions) |
||
| Line 14: | Line 14: | ||
=== National Definitions === | === National Definitions === | ||
==== Australia ==== | ==== Australia ==== | ||
| − | {{definition|The ICT component of Critical Infrastructure is referred to as Critical Information Infrastructure (CII).<ref>[http://www.digital.vic.gov.au/wp-content/uploads/2014/07/SEC-STD-02-Critical-Information-Infrastructure-Risk-Management1.pdf Critical Information Infrastructure Risk Management, VICTORIAN GOVERNMENT CIO COUNCIL, 2012 ]</ref>}} | + | {{definition|The ICT component of Critical Infrastructure is referred to as Critical Information Infrastructure (CII). <ref>[http://www.digital.vic.gov.au/wp-content/uploads/2014/07/SEC-STD-02-Critical-Information-Infrastructure-Risk-Management1.pdf Critical Information Infrastructure Risk Management, VICTORIAN GOVERNMENT CIO COUNCIL, 2012 ]</ref>}} |
<br /> | <br /> | ||
==== Colombia ==== | ==== Colombia ==== | ||
| − | {{definition|Critical Infrastructure is the set of computers, computer systems, telecommunication networks, data and information, the destruction or interference may weaken or impact the safety of the economy, public health, or combination thereof, in a nation (Infraestructura crítica: Es el conjunto de computadores, sistemas computacionales, redes de telecomunicaciones, datos e información, cuya destrucción o interferencia puede debilitar o impactar en la seguridad de la economía, salud pública, o la combinación de ellas, en una nación)<ref>[http://www.mintic.gov.co/portal/604/articles-3510_documento.pdf Lineamientos de política para la Ciberseguridad y Ciberdefensa, Conpes 3701 (2011) based on Resolución CRC 2258 from 2009.]</ref>}} | + | {{definition|Critical Infrastructure is the set of computers, computer systems, telecommunication networks, data and information, the destruction or interference may weaken or impact the safety of the economy, public health, or combination thereof, in a nation (Infraestructura crítica: Es el conjunto de computadores, sistemas computacionales, redes de telecomunicaciones, datos e información, cuya destrucción o interferencia puede debilitar o impactar en la seguridad de la economía, salud pública, o la combinación de ellas, en una nación). <ref>[http://www.mintic.gov.co/portal/604/articles-3510_documento.pdf Lineamientos de política para la Ciberseguridad y Ciberdefensa, Conpes 3701 (2011) based on Resolución CRC 2258 from 2009.]</ref>}} |
<br /> | <br /> | ||
==== Czech Republic ==== | ==== Czech Republic ==== | ||
| − | {{definition|Within the field of cyber security, a critical infrastructure means an element or system of elements of the critical infrastructure in the sector of communication and information systems.<ref>[http://www.govcert.cz/download/nodeid-1143/ Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)]</ref>}} | + | {{definition|Within the field of cyber security, a critical infrastructure means an element or system of elements of the critical infrastructure in the sector of communication and information systems. <ref>[http://www.govcert.cz/download/nodeid-1143/ Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)]</ref>}} |
Zákonem jasně vymezený komplex informačních systémů, jejichž nefunkčnost by měla závažný dopad na bezpečnost státu, ekonomiku, veřejnou správu a zabezpečení základních životních potřeb obyvatelstva.<br /> | Zákonem jasně vymezený komplex informačních systémů, jejichž nefunkčnost by měla závažný dopad na bezpečnost státu, ekonomiku, veřejnou správu a zabezpečení základních životních potřeb obyvatelstva.<br /> | ||
==== Estonia ==== | ==== Estonia ==== | ||
| − | {{definition|Critical information infrastructure ([CII]) means information and communication [[system|systems]] whose maintenance, [[reliability]] and [[safety]] are essential for the proper functioning of a country. The critical information infrastructure is a part of the [[Critical Infrastructure|critical infrastructure]]. <ref> [https://www.ria.ee/CIIP/ Critical Information Infrastructure Protection Estonia]</ref> }} | + | {{definition|Critical information infrastructure ([CII]) means information and communication [[system|systems]] whose maintenance, [[reliability]] and [[safety]] are essential for the proper functioning of a country. The critical information infrastructure is a part of the [[Critical Infrastructure|critical infrastructure]]. <ref> [https://www.ria.ee/CIIP/ Critical Information Infrastructure Protection Estonia]</ref>}} |
<br /> | <br /> | ||
==== Finland ==== | ==== Finland ==== | ||
| − | {{definition|Critical information infrastructure refers to the structures and functions behind the information systems of the vital functions of society which electronically transmit, transfer, receive, store or otherwise process information (data).<ref>[http://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/FinlandsCyberSecurityStrategy.pdf Finlands' Cyber Security Strategy]</ref>}} | + | {{definition|Critical information infrastructure refers to the structures and functions behind the information systems of the vital functions of society which electronically transmit, transfer, receive, store or otherwise process information (data). <ref>[http://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/FinlandsCyberSecurityStrategy.pdf Finlands' Cyber Security Strategy]</ref>}} |
<br /> | <br /> | ||
| Line 41: | Line 41: | ||
Critical ICT (information) infrastructure is defined as [[Critical Infrastructure|critical infrastructure]] for electronic communications. | Critical ICT (information) infrastructure is defined as [[Critical Infrastructure|critical infrastructure]] for electronic communications. | ||
<br /> | <br /> | ||
| + | |||
==== Republic of Trinidad & Tobago ==== | ==== Republic of Trinidad & Tobago ==== | ||
| − | {{definition|Critical (information) infrastructure means computer systems, devices, networks, computer programs, computer data, so vital to the country that the incapacity or destruction of or interference with such systems and assets would have a debilitating impact on [[security]], defence or international relations of the State; or provision of services directly related to national or economic security, banking and financial services, communications infrastructure, national public health and safety, public transportation, public key infrastructure or any combination of those matters.<ref>[http://www.nationalsecurity.gov.tt/Portals/0/Pdf%20Files/National_Cyber_Security%20Strategy_Final.pdf Government of the Republic of Trinidad & Tobago, National Cyber Security Strategy (December 2012)]</ref>}} | + | {{definition|Critical (information) infrastructure means computer systems, devices, networks, computer programs, computer data, so vital to the country that the incapacity or destruction of or interference with such systems and assets would have a debilitating impact on [[security]], defence or international relations of the State; or provision of services directly related to national or economic security, banking and financial services, communications infrastructure, national public health and safety, public transportation, public key infrastructure or any combination of those matters. <ref>[http://www.nationalsecurity.gov.tt/Portals/0/Pdf%20Files/National_Cyber_Security%20Strategy_Final.pdf Government of the Republic of Trinidad & Tobago, National Cyber Security Strategy (December 2012)]</ref>}} |
<br /> | <br /> | ||
==== South Africa ==== | ==== South Africa ==== | ||
| − | {{definition|Critical Information Infrastructure means all ICT systems, data systems, data bases, networks (incl. people, buildings, facilities and processes), that are fundamental to the effective operation of the State.<ref> [http://pmg-assets.s3-website-eu-west-1.amazonaws.com/docs/100219cybersecurity.pdf South Africa Cyber Security Policy, Staatskoerant No. 32963, 10 Feb 2010]</ref>.}} | + | {{definition|Critical Information Infrastructure means all ICT systems, data systems, data bases, networks (incl. people, buildings, facilities and processes), that are fundamental to the effective operation of the State. <ref> [http://pmg-assets.s3-website-eu-west-1.amazonaws.com/docs/100219cybersecurity.pdf South Africa Cyber Security Policy, Staatskoerant No. 32963, 10 Feb 2010]</ref>.}} |
<br /> | <br /> | ||
==== Turkey ==== | ==== Turkey ==== | ||
| − | {{definition|Critical (information) infrastructure is defined as the infrastructures which host the information systems that can cause: loss of lives, large scale economic damages, or security vulnerabilities and disturbance of public order at national level when the [[confidentiality]], [[integrity]] or [[accessibility]] of the information they process is compromised.<ref> [http://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/TUR_NCSS.pdf Turkey's National Cyber Security Strategy and 2013-2014 Action Plan]</ref> | + | {{definition|Critical (information) infrastructure is defined as the infrastructures which host the information systems that can cause: loss of lives, large scale economic damages, or security vulnerabilities and disturbance of public order at national level when the [[confidentiality]], [[integrity]] or [[accessibility]] of the information they process is compromised. <ref> [http://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/TUR_NCSS.pdf Turkey's National Cyber Security Strategy and 2013-2014 Action Plan]</ref>}} |
<br /> | <br /> | ||
<!--===Standard Definition=== | <!--===Standard Definition=== | ||
Revision as of 00:26, 2 June 2015
Contents
Definitions
International Definitions
OECD
Critical information infrastructures (“CII”) should be understood as referring to those interconnected information systems and networks, the disruption or destruction of which would have serious impact on the health, safety, security, or economic well-being of citizens, or on the effective functioning of government or the economy [1].
European Definitions
Council Communication COM(2011)163 final
No definition provided [2].
National Definitions
Australia
The ICT component of Critical Infrastructure is referred to as Critical Information Infrastructure (CII). [3]
Colombia
Critical Infrastructure is the set of computers, computer systems, telecommunication networks, data and information, the destruction or interference may weaken or impact the safety of the economy, public health, or combination thereof, in a nation (Infraestructura crítica: Es el conjunto de computadores, sistemas computacionales, redes de telecomunicaciones, datos e información, cuya destrucción o interferencia puede debilitar o impactar en la seguridad de la economía, salud pública, o la combinación de ellas, en una nación). [4]
Czech Republic
Within the field of cyber security, a critical infrastructure means an element or system of elements of the critical infrastructure in the sector of communication and information systems. [5]
Zákonem jasně vymezený komplex informačních systémů, jejichž nefunkčnost by měla závažný dopad na bezpečnost státu, ekonomiku, veřejnou správu a zabezpečení základních životních potřeb obyvatelstva.
Estonia
Critical information infrastructure ([CII]) means information and communication systems whose maintenance, reliability and safety are essential for the proper functioning of a country. The critical information infrastructure is a part of the critical infrastructure. [6]
Finland
Critical information infrastructure refers to the structures and functions behind the information systems of the vital functions of society which electronically transmit, transfer, receive, store or otherwise process information (data). [7]
Lithuania
Critical information infrastructure shall mean an electronic communications network, information system or a group of information systems where an incident that occurs causes or may cause grave damage to national security, national economy or social well-being. [8]
Norway
Kritisk IKT-infrastruktur defineres som kritisk infrastruktur for elektronisk kommunikasjon. [9]
Critical ICT (information) infrastructure is defined as critical infrastructure for electronic communications.
Republic of Trinidad & Tobago
Critical (information) infrastructure means computer systems, devices, networks, computer programs, computer data, so vital to the country that the incapacity or destruction of or interference with such systems and assets would have a debilitating impact on security, defence or international relations of the State; or provision of services directly related to national or economic security, banking and financial services, communications infrastructure, national public health and safety, public transportation, public key infrastructure or any combination of those matters. [10]
South Africa
Critical Information Infrastructure means all ICT systems, data systems, data bases, networks (incl. people, buildings, facilities and processes), that are fundamental to the effective operation of the State. [11].
Turkey
Critical (information) infrastructure is defined as the infrastructures which host the information systems that can cause: loss of lives, large scale economic damages, or security vulnerabilities and disturbance of public order at national level when the confidentiality, integrity or accessibility of the information they process is compromised. [12]
See also
- Critical Information Infrastructure Protection
- Critical Infrastructure
- Critical Infrastructure Protection
Notes
- ↑ [1] OECD Recommendation of the Council on the Protection of Critical Information Infrastructures C(2008)35]
- ↑ COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS on Critical Information Infrastructure Protection ‘Achievements and next steps: towards global cyber-security’
- ↑ Critical Information Infrastructure Risk Management, VICTORIAN GOVERNMENT CIO COUNCIL, 2012
- ↑ Lineamientos de política para la Ciberseguridad y Ciberdefensa, Conpes 3701 (2011) based on Resolución CRC 2258 from 2009.
- ↑ Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)
- ↑ Critical Information Infrastructure Protection Estonia
- ↑ Finlands' Cyber Security Strategy
- ↑ GOVERNMENT OF THE REPUBLIC OF LITHUANIA RESOLUTION NO 796 of 29 June 2011 ON THE APPROVAL OF THE PROGRAMME FOR THE DEVELOPMENT OF ELECTRONIC INFORMATION SECURITY (CYBER-SECURITY) FOR 2011–2019
- ↑ Nasjonal strategi for informasjonssikkerhet (2012)
- ↑ Government of the Republic of Trinidad & Tobago, National Cyber Security Strategy (December 2012)
- ↑ South Africa Cyber Security Policy, Staatskoerant No. 32963, 10 Feb 2010
- ↑ Turkey's National Cyber Security Strategy and 2013-2014 Action Plan
