Difference between revisions of "Cyber Security"

From CIPedia
Jump to navigation Jump to search
(Republic of Trinidad & Tobago)
(Turkey)
Line 94: Line 94:
 
<br />
 
<br />
  
 +
==== South Africa ====
 +
{{definition|Critical Information Infrastructure means all ICT systems, data systems, dxata bases, networks (incl. people, buildings, facilities and processes), that are fundamental to the effective operation of the State.<ref> [http://pmg-assets.s3-website-eu-west-1.amazonaws.com/docs/100219cybersecurity.pdf South Africa Cyber Security Policy, Staatskoerant No. 32963, 10 Feb 2010]</ref>.}}
 +
<br />
 
==== Turkey ====
 
==== Turkey ====
 
{{definition|Cyber Security is the protection of information systems that make up the cyber space from attacks, ensuring the [[confidentiality]], [[integrity]] and [[accessibility]] of the information being processed in this space, detection of attacks and [[Cyber Security|cyber security]] [[Incident|incidents]], putting into force the countermeasures against these incidents and then putting these systems back to their states previous to the cyber security incident.<ref> [http://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/TUR_NCSS.pdf Turkey's National Cyber Security Strategy and 2013-2014 Action Plan]</ref>.}}
 
{{definition|Cyber Security is the protection of information systems that make up the cyber space from attacks, ensuring the [[confidentiality]], [[integrity]] and [[accessibility]] of the information being processed in this space, detection of attacks and [[Cyber Security|cyber security]] [[Incident|incidents]], putting into force the countermeasures against these incidents and then putting these systems back to their states previous to the cyber security incident.<ref> [http://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/TUR_NCSS.pdf Turkey's National Cyber Security Strategy and 2013-2014 Action Plan]</ref>.}}

Revision as of 21:31, 25 April 2015

Definitions

European Definitions

Cyber-security commonly refers to the safeguards and actions that can be used to protect the cyber domain, both in the civilian and military fields, from those threats that are associated with or that may harm its interdependent networks and information infrastructure. Cyber-security strives to preserve the availability and integrity of the networks and infrastructure and the confidentiality of the information contained therein [1].


National Definitions

Australia

Measures relating to the confidentiality, availability and integrity of information that is processed, stored and communicated by electronic or similar means [2].


Austria

Cyber security describes the protection of a key legal asset through constitutional means against actor-related, technical, organisational and natural dangers posing a risk to the security of cyberspace (including infrastructure and data security) as well as the security of the users in cyberspace. Cyber security helps to identify, assess and follow up on threats as well as to strengthen the ability to cope with interferences in or from cyber space, to minimise the effects as well as to restore the capacity to act and functional capabilities of the respective stakeholders, infrastructures and services.[3]


Belgium

Cyber security is het vrij zijn van gevaar of schade veroorzaakt door verstoring of uitval van ICT of door misbruik van ICT (be free from danger or damage caused by disturbance or disruption of ICT or misuse of ICT).[4].


Colombia

Ciberseguridad: Capacidad del Estado para minimizar el nivel de riesgo al que están expuestos sus ciudadanos, ante amenazas o incidentes de naturaleza cibernética.[5]

Cyber security is the ability of the state to minimize the level of risk their citizens from threats or incidents of cyber nature are exposed to.

Cyprus

Cybersecurity is the broader security of networked systems that operate in cyberspace.[6]

I.e. in most cases connected to the Internet, and this term also covers the safe and secure usage of these systems by end users.

Czech Republic

Collection of legal, organizational, technological and educational means aimed at providing protection of cyberspace.[7]

Souhrn právních, organizačních, technických a vzdělávacích prostředků směřujících k zajištění ochrany kybernetického prostoru.

Denmark

Cybersikkerhed omfatter beskyttelse imod de sikkerhedsbrud, der opstår som følge af angreb mod data eller systemer via en for - bindelse til et eksternt net eller system. Arbejdet med cybersikker - hed fokuserer således på sårbarheder ved sammenkoblingen mellem systemer, herunder forbindelser til internettet.[8]


Finland

Cyber security means the desired end state in which the cyber domain is reliable and in which its functioning is ensured.[9]


France

The desired state of an information system in which it can resist events from cyberspace likely to compromise the availability, integrity or confidentiality of the data stored, processed or transmitted and of the related services that these systems offer or make accessible.[10]


Germany

(Global) cyber security is the desired condition of the IT security situation, in which the risks of the global cyberspace have been reduced to an acceptable minimum [11].

Cyber security in Germany is thus the desired condition of the IT security situation, in which the risks of the German cyberspace have been reduced to an acceptable minimum. Cyber security (in Germany) is developed through the sum of suitable and adequate safeguards.

Definition in German:

(Globale) Cyber-Sicherheit ist der anzustrebende Zustand der IT-Sicherheitslage, in welchem die Risiken des globalen Cyber-Raums auf ein tragbares Maß reduziert sind. Cyber-Sicherheit in Deutschland ist demnach der anzustrebende Zustand der IT-Sicherheitslage, in welchem die Risiken des deutschen Cyber-Raums auf ein tragbares Maß reduziert sind. Cyber-Sicherheit (in Deutschland) entsteht durch die Summe von geeigneten und angemessenen Maßnahmen. [12].


Hungary

Cyber security is the continuous and planned taking of political, legal, economic, educational, awareness-raising and technical measures to manage risks in cyberspace that transforms the cyberspace into a reliable environment for the smooth functioning and operation of societal and economic processes by ensuring an acceptable level of risks in cyberspace.[13]


Jamaica

Cyber Security is the implementation of measures to protect ICT infrastructure including critical infrastructure from intrusion, unauthorized access and includes the adoption of policies, protocols and good practices to better govern the use of cyberspace.[14]


Kenya

Cyber Security is defined as the processes and mechanisms by which computer-based equipment, information and services are protected from unintended or unauthorized access, change or destruction.[15]


Latvia

Cyber security is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets.[16]

Organisation and user’s assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment.

Netherlands

Cyber security refers to efforts to prevent damage caused by disruptions to, breakdowns in or misuse of ICT and to repair damage if and when it has occurred [17].

Such damage may consist of any or all of the following: reduced reliability of ICT, limited availability and violation of the confidentiality and/or integrity of information stored in the ICT systems.

Cyber security is het vrij zijn van gevaar of schade veroorzaakt door verstoring of uitval van ICT of door misbruik van ICT.[18].


New Zealand

Cyber Security is the practice of making the networks that constitute cyber space as secure as possible against intrusions, maintaining confidentiality, availability and integrity of information, detecting intrusions and incidents that do occur, and responding to and recovering from them.[19]


Norway

Cyber Security is the protection of data and systems which are coupled to the Internet (Beskyttelse av data og systemer som er koblet til internettet).[20]


Republic of Trinidad & Tobago

See ITU-T definition below[21]


Romania

cyber security is a normality resulting from the application of a set of proactive and reactive measures that ensure the confidentiality, integrity, availability, authenticity and non-repudiation in electronic information, resources and services, public or private, in cyberspace [22]

Starea de normalitate rezultată în urma aplicării unui ansamblu de măsuri proactive şi reactive prin care se asigură confidenţialitatea, integritatea, disponibilitatea, autenticitatea şi nonrepudierea informaţiilor în format electronic, a resurselor şi serviciilor publice sau private, din spaţiul cybernetic. Măsurile proactive şi reactive pot include politici, concepte, standarde şi ghiduri de securitate, managementul riscului, activităţi de instruire şi conştientizare, implementarea de soluţii tehnice de protejare a infrastructurilor cibernetice, managementul identităţii, managementul consecinţelor.

South Africa

Critical Information Infrastructure means all ICT systems, data systems, dxata bases, networks (incl. people, buildings, facilities and processes), that are fundamental to the effective operation of the State.[23].


Turkey

Cyber Security is the protection of information systems that make up the cyber space from attacks, ensuring the confidentiality, integrity and accessibility of the information being processed in this space, detection of attacks and cyber security incidents, putting into force the countermeasures against these incidents and then putting these systems back to their states previous to the cyber security incident.[24].


United States

The prevention of damage to, unauthorized use of, or exploitation of, and, if needed, the restoration of electronic information and communications systems and the information contained therein to ensure confidentiality, integrity, and availability; includes protection and restoration, when needed, of information networks and wireline, wireless, satellite, public safety answering points, and 911 communications systems and control systems [25].

Alternatively,

The ability to protect or defend the use of cyberspace from cyber attacks [26].



Other Definitions

ITU-T

Cyber security is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets. [27]

Organization and user’s assets include connected computing devices,personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment. Cyber security strives to ensure the attainment and maintenance of the security properties of the organization and user’s assets against relevant security risks in the cyber environment.

World Economic Forum

The analysis, warning, Information Sharing, vulnerability reduction, risk mitigation and recovery efforts for networked information systems. [28]

See also

Notes

  1. Joint Communication to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions - Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace, 07/02/2013
  2. Rights and Protections on Cyber Security, Australian Attorney-General’s Department
  3. Austrian Cyber Security Strategy, Federal Chancellery of the Republic of Austria, Vienna, 2013
  4. Cyber Security Strategy.be
  5. Conpes 3510
  6. Cybersecurity Strategy of the Republic of Cyprus (23 April 2012)
  7. Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)
  8. Danish Cyber Security Strategy, 2014
  9. Finlands' Cyber Security Strategy
  10. Information systems defence and security: France's Strategy
  11. Unpublished working glossary of UP KRITIS and BSI, 2014
  12. http://www.kritis.bund.de/SubSites/Kritis/DE/Servicefunktionen/Glossar/Functions/glossar.html Protection of Critical Infrastructures, BMI.
  13. Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary
  14. Jamaica's National Cyber Security Strategy
  15. Kenya's National Cyber Security Strategy
  16. Kenya's National Cyber Security Strategy
  17. National Cyber Security Strategy 2: From Awareness to Capability, Ministry of Security and Justice, The Hague, The Netherlands
  18. Cyber Security Beeld Nederland 4, 2014, Ministry of Security and Justice, The Hague, The Netherlands
  19. New Zealand’s Cyber Security Strategy (2011)
  20. Nasjonal strategi for informasjonssikkerhet (2012)
  21. Government of the Republic of Trinidad & Tobago, National Cyber Security Strategy (December 2012)
  22. Hotărârea nr. 271/2013 pentru aprobarea Strategiei de securitate cibernetică
  23. South Africa Cyber Security Policy, Staatskoerant No. 32963, 10 Feb 2010
  24. Turkey's National Cyber Security Strategy and 2013-2014 Action Plan
  25. National Infrastructure Protection Plan, Partnering to enhance protection and resiliency, US Department of Homeland Security, 2009
  26. [http://www.ncix.gov/publications/policy/docs/CNSSI_4009.pdf National Information Assurance (IA) Glossary, Committee on National Security Systems, CNSS Instruction No. 4009, 26 April 2010.
  27. ITU-T
  28. WEF Partnering for Cyber Resilience Guidelines 2012
Retrieved from "https://websites.fraunhofer.de/CIPedia/index.php?title=Cyber_Security&oldid=2330"