Difference between revisions of "Critical Infrastructure Information"
Jump to navigation
Jump to search
| Line 2: | Line 2: | ||
=== European Definitions === | === European Definitions === | ||
==== Council Directive 2008/114/EC ==== | ==== Council Directive 2008/114/EC ==== | ||
| − | {{definition|Facts about a critical infrastructure, which if disclosed could be used to plan and act with a view to causing disruption or destruction of critical infrastructure installations.<ref> [http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2008:345:0075:0082:EN:PDF Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}} | + | {{definition|Facts about a [[critical infrastructure]], which if disclosed could be used to plan and act with a view to causing [[disruption]] or [[destruction]] of critical infrastructure installations.<ref> [http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2008:345:0075:0082:EN:PDF Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}} |
| Line 10: | Line 10: | ||
<!--Test test test.--> | <!--Test test test.--> | ||
==== USA==== | ==== USA==== | ||
| − | {{definition|Information that is not customarily in the public domain and is related to the security of critical infrastructure or protected | + | {{definition|Information that is not customarily in the public domain and is related to the [[security]] of [[critical infrastructure]] or protected [[system]]s. |
CII consists of records and information concerning any of the following: | CII consists of records and information concerning any of the following: | ||
| Line 23: | Line 23: | ||
==See also== | ==See also== | ||
| + | * [[Protection]] | ||
| + | * [[Resilience]] | ||
| + | * [[Threat]] | ||
Revision as of 10:30, 17 June 2014
Contents
Definitions
European Definitions
Council Directive 2008/114/EC
Facts about a critical infrastructure, which if disclosed could be used to plan and act with a view to causing disruption or destruction of critical infrastructure installations.[1]
National Definitions
USA
Information that is not customarily in the public domain and is related to the security of critical infrastructure or protected systems.
CII consists of records and information concerning any of the following:
- Actual, potential, or threatened interference with, attack on, compromise of, or incapacitation of critical infrastructure or protected systems by either physical or computer-based attack or other similar conduct (including the misuse of or unauthorized access to all types of communications and data transmission systems) that violates Federal, State, or local law; harms the interstate commerce of the United States; or threatens public health or safety.
- The ability of any critical infrastructure or protected system to resist such interference, compromise, or incapacitation, including any planned or past assessment, projection, or estimate of the vulnerability of critical infrastructure or a protected system, including security testing, risk evaluation, risk management planning, or risk audit.
- Any planned or past operational problem or solution regarding critical infrastructure or protected systems, including repair, recovery, insurance, or continuity, to the extent that it is related to such interference, compromise, or incapacitation. (Source: CII Act of 2002, 6 U.S.C. § 131)
See also
