Difference between revisions of "Critical Infrastructure Information"

From CIPedia
Jump to navigation Jump to search
(Notes)
 
(10 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
==Definitions==
 
==Definitions==
 
=== European Definitions ===
 
=== European Definitions ===
==== Council Directive 2008/114/EC ====  
+
==== [[EU|Council Directive 2008/114/EC]] ====  
 
{{definition|Facts about a [[Critical Infrastructure|critical infrastructure]], which if disclosed could be used to plan and act with a view to causing [[disruption]] or [[destruction]] of critical infrastructure installations.<ref> [http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2008:345:0075:0082:EN:PDF Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}
 
{{definition|Facts about a [[Critical Infrastructure|critical infrastructure]], which if disclosed could be used to plan and act with a view to causing [[disruption]] or [[destruction]] of critical infrastructure installations.<ref> [http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2008:345:0075:0082:EN:PDF Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}
  
  
<!-- === Other International Definitions ===
+
<!-- === Other International Definitions ===  
Test test test. -->
+
--->
 +
 
 
=== National Definitions ===
 
=== National Definitions ===
<!--Test test test.-->
+
==== [[Cyprus]] ====
==== United States====
+
{{definition|Ως «ευαίσθητες πληροφορίες σχετικά με την προστασία υποδομών ζωτικής σημασίας» νοούνται στοιχεία που αφορούν υποδομές ζωτικής σημασίας, τα οποία σε περίπτωση αποκάλυψής τους θα μπορούσαν να χρησιμοποιηθούν για τον σχεδιασμό και την εκτέλεση ενεργειών με σκοπό τη διακοπή λειτουργίας ή την καταστροφή εγκαταστάσεων υποδομών ζωτικής σημασίας.<ref>[http://www.moi.gov.cy/moi/cd/cd.nsf/35BC650D97EC9A1BC2257A30002942C7/$file/%CE%9A%CE%91%CE%9D%CE%9F%CE%9D%CE%99%CE%A3%CE%9C%CE%9F%CE%99%20%CE%93%CE%99%CE%91%20%CE%95%CE%A5%CE%A1%CE%A9%CE%A0%CE%91%CE%AA%CE%9A%CE%95%CE%A3%20%CE%A5%CE%A0%CE%9F%CE%94%CE%9F%CE%9C%CE%95%CE%A3%20%CE%96%CE%A9%CE%A4%CE%99%CE%9A%CE%97%CE%A3%20%CE%A3%CE%97%CE%9C%CE%91%CE%A3%CE%99%CE%91%CE%A3%20%CE%A4%CE%9F%CE%A5%202012.pdf ΕΠΙΣΗΜΗ ΕΦΗΜΕΡΙΔΑ  ΤΗΣ ΚΥΠΡΙΑΚΗΣ ΔΗΜΟΚΡΑΤΙΑΣ]</ref>}}<br />
 +
==== [[Ethiopia]]====
 +
{{definition|''Computer based critical infrastructure'' includes [[Industrial Automation Control System|industrial control systems]], information management systems and infrastructures, cyber and telecom infrastructures, electromagnetic systems, geospatial infrastructures, military command and control infrastructures and any other infrastructures or systems that analyze, disseminate, store and retrieve information. <ref>[http://www.hopr.gov.et/c/document_library/get_file?p_l_id=114322&folderId=108383&name=DLFE-4016.pdf Federal Nagarit Gazette  Ethiopia, 2 Jan, 2014]</ref>}}<br/><br/>
 +
 
 +
==== [[Greece]] ====
 +
{{definition|Ως «ευαίσθητες πληροφορίες σχετικά με την προστασία υποδομών ζωτικής σημασίας» νοούνται στοιχεία που αφορούν υποδομές ζωτικής σημασίας, τα οποία σε περίπτωση αποκάλυψής τους θα μπορούσαν να χρησιμοποιηθούν για τον σχεδιασμό και την εκτέλεση ενεργειών με σκοπό τη διακοπή λειτουργίας ή την καταστροφή εγκαταστάσεων υποδομών ζωτικής σημασίας.<ref>[http://www.kemea.gr/documents/pd39-2011.pdf Προεδρικό Διάταγμα 39/2011 της Ελληνικής Δημοκρατίας που αφορά την προσαρμογή της ελληνικής νομοθεσίας προς τις διατάξεις τις οδηγίας 2008/114/ΕΚ του Συμβουλίου της Ευρωπαϊκής Ένωσης.]</ref><br /><br />(equals EU definition) }}<br /><br />
 +
==== [[United States]]====
 
{{definition|Information that is not customarily in the public domain and is related to the [[security]] of [[Critical Infrastructure|critical infrastructure]] or protected [[system]]s.<ref> Homeland Security Act of 2002: Critical Infrastructure Information Act, 6 U.S.C. § 131)</ref>}}
 
{{definition|Information that is not customarily in the public domain and is related to the [[security]] of [[Critical Infrastructure|critical infrastructure]] or protected [[system]]s.<ref> Homeland Security Act of 2002: Critical Infrastructure Information Act, 6 U.S.C. § 131)</ref>}}
 
CII consists of records and information concerning any of the following:  
 
CII consists of records and information concerning any of the following:  
* Actual, potential, or threatened interference with, attack on, compromise of, or incapacitation of [[critical infrastructure]] or protected systems by either physical or computer-based attack or other similar conduct (including the misuse of or unauthorized access to all types of communications and data transmission systems) that violates Federal, State, or local law; harms the interstate commerce of the United States; or threatens public health or safety.  
+
* Actual, potential, or threatened interference with, attack on, compromise of, or incapacitation of [[Critical Infrastructure|critical infrastructure]] or protected systems by either physical or computer-based attack or other similar conduct (including the misuse of or unauthorized access to all types of communications and data transmission systems) that violates Federal, State, or local law; harms the interstate commerce of the United States; or threatens public health or safety.  
* The ability of any critical infrastructure or protected system to resist such interference, compromise, or incapacitation, including any planned or past assessment, projection, or estimate of the vulnerability of [[critical infrastructure]] or a protected system, including security testing, risk evaluation, risk management planning, or risk audit.
+
* The ability of any critical infrastructure or protected system to resist such interference, compromise, or incapacitation, including any planned or past assessment, projection, or estimate of the vulnerability of [[Critical Infrastructure|critical infrastructure]] or a protected system, including security testing, risk evaluation, risk management planning, or risk audit.
* Any planned or past operational problem or solution regarding [[critical infrastructure]] or protected systems, including repair, recovery, insurance, or continuity, to the extent that it is related to such interference, compromise, or incapacitation.  
+
* Any planned or past operational problem or solution regarding [[Critical Infrastructure|critical infrastructure]] or protected systems, including repair, recovery, insurance, or continuity, to the extent that it is related to such interference, compromise, or incapacitation.  
  
  
Line 27: Line 34:
  
 
==Notes==
 
==Notes==
 +
==References==
 
<references />
 
<references />
 
<!--
 
==References==
 
* Test reference. -->
 
  
 
[[Category:Infrastructure]][[Category:Protection]][[Category:Security]]
 
[[Category:Infrastructure]][[Category:Protection]][[Category:Security]]
{{#set:defined by=EU|defined by=United States}}
+
{{#set:defined by=EU|defined by=Cyprus|defined by=Ethiopia|defined by=Greece|defined by=United States}}
 +
{{#set: Showmainpage=Yes}}

Latest revision as of 11:56, 15 August 2022

Definitions

European Definitions

Council Directive 2008/114/EC

Facts about a critical infrastructure, which if disclosed could be used to plan and act with a view to causing disruption or destruction of critical infrastructure installations.[1]


National Definitions

Cyprus

Ως «ευαίσθητες πληροφορίες σχετικά με την προστασία υποδομών ζωτικής σημασίας» νοούνται στοιχεία που αφορούν υποδομές ζωτικής σημασίας, τα οποία σε περίπτωση αποκάλυψής τους θα μπορούσαν να χρησιμοποιηθούν για τον σχεδιασμό και την εκτέλεση ενεργειών με σκοπό τη διακοπή λειτουργίας ή την καταστροφή εγκαταστάσεων υποδομών ζωτικής σημασίας.[2]


Ethiopia

Computer based critical infrastructure includes industrial control systems, information management systems and infrastructures, cyber and telecom infrastructures, electromagnetic systems, geospatial infrastructures, military command and control infrastructures and any other infrastructures or systems that analyze, disseminate, store and retrieve information. [3]



Greece

Ως «ευαίσθητες πληροφορίες σχετικά με την προστασία υποδομών ζωτικής σημασίας» νοούνται στοιχεία που αφορούν υποδομές ζωτικής σημασίας, τα οποία σε περίπτωση αποκάλυψής τους θα μπορούσαν να χρησιμοποιηθούν για τον σχεδιασμό και την εκτέλεση ενεργειών με σκοπό τη διακοπή λειτουργίας ή την καταστροφή εγκαταστάσεων υποδομών ζωτικής σημασίας.[4]

(equals EU definition)



United States

Information that is not customarily in the public domain and is related to the security of critical infrastructure or protected systems.[5]

CII consists of records and information concerning any of the following:

  • Actual, potential, or threatened interference with, attack on, compromise of, or incapacitation of critical infrastructure or protected systems by either physical or computer-based attack or other similar conduct (including the misuse of or unauthorized access to all types of communications and data transmission systems) that violates Federal, State, or local law; harms the interstate commerce of the United States; or threatens public health or safety.
  • The ability of any critical infrastructure or protected system to resist such interference, compromise, or incapacitation, including any planned or past assessment, projection, or estimate of the vulnerability of critical infrastructure or a protected system, including security testing, risk evaluation, risk management planning, or risk audit.
  • Any planned or past operational problem or solution regarding critical infrastructure or protected systems, including repair, recovery, insurance, or continuity, to the extent that it is related to such interference, compromise, or incapacitation.


See also

Notes

References