Difference between revisions of "Cyber Security"
Jump to navigation
Jump to search
(→Norway) |
|||
| Line 92: | Line 92: | ||
==== Norway ==== | ==== Norway ==== | ||
| − | {{definition|Cyber Security is the protection of data and systems which are coupled to the Internet (Beskyttelse av data og systemer som er koblet til internettet).<ref>[http://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/Norway_Cyber_Security_StrategyNO.pdf Nasjonal strategi for informasjonssikkerhet (2012)]</ref>}} | + | {{definition|Cyber Security is the protection of data and systems which are coupled to the Internet.<br />(Beskyttelse av data og systemer som er koblet til internettet). <ref>[http://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/Norway_Cyber_Security_StrategyNO.pdf Nasjonal strategi for informasjonssikkerhet (2012)]</ref>}} |
| + | <br /> | ||
| + | |||
| + | ==== Qatar ==== | ||
| + | {{definition|The collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance, and technologies that can be used to protect the cyber environment and organization and user’s assets. <ref>[http://www.ictqatar.qa/en/file/14706/download?token=TP3dhTml QATAR National Cyber Security Strategy (May 2014)]</ref> <ref>[http://www.ictqatar.qa/en/file/14711/download?token=3QAJdSyz الاستراتيجية الوطنية للأمن السيبراني QATAR NCSS - Arabic version (May 2014)]</ref>}} | ||
| + | Organization and user’s assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment. Cyber security strives to ensure the attainment and maintenance of the security properties of the organization and user’s assets against relevant security risks in the cyber environment. The general security objectives comprise the following: [[confidentiality]], [[integrity]] (which may include [[authenticity]] and non-repudiation), and [[availability]]. | ||
<br /> | <br /> | ||
Revision as of 23:31, 11 June 2015
Contents
- 1 Definitions
- 1.1 European Definitions
- 1.2 National Definitions
- 1.2.1 Australia
- 1.2.2 Austria
- 1.2.3 Belgium
- 1.2.4 Canada
- 1.2.5 Colombia
- 1.2.6 Cyprus
- 1.2.7 Czech Republic
- 1.2.8 Denmark
- 1.2.9 Finland
- 1.2.10 France
- 1.2.11 Germany
- 1.2.12 Hungary
- 1.2.13 Islamic Republic of Afghanistan
- 1.2.14 Jamaica
- 1.2.15 Kenya
- 1.2.16 Kingdom of Saudi Arabia
- 1.2.17 Latvia
- 1.2.18 Netherlands
- 1.2.19 New Zealand
- 1.2.20 Norway
- 1.2.21 Qatar
- 1.2.22 Republic of Trinidad & Tobago
- 1.2.23 Romania
- 1.2.24 Saudi Arabia
- 1.2.25 South Africa
- 1.2.26 Sweden
- 1.2.27 Turkey
- 1.2.28 United States
- 1.3 International organisations
- 1.4 International standards
- 1.5 Other Definitions
- 2 See also
- 3 Notes
Definitions
European Definitions
Cyber-security commonly refers to the safeguards and actions that can be used to protect the cyber domain, both in the civilian and military fields, from those threats that are associated with or that may harm its interdependent networks and information infrastructure. Cyber-security strives to preserve the availability and integrity of the networks and infrastructure and the confidentiality of the information contained therein [1].
National Definitions
Australia
Measures relating to the confidentiality, availability and integrity of information that is processed, stored and communicated by electronic or similar means. [2]
Austria
Cyber security describes the protection of a key legal asset through constitutional means against actor-related, technical, organisational and natural dangers posing a risk to the security of cyberspace (including infrastructure and data security) as well as the security of the users in cyberspace. Cyber security helps to identify, assess and follow up on threats as well as to strengthen the ability to cope with interferences in or from cyber space, to minimise the effects as well as to restore the capacity to act and functional capabilities of the respective stakeholders, infrastructures and services. [3]
Belgium
Cyber security is het vrij zijn van gevaar of schade veroorzaakt door verstoring of uitval van ICT of door misbruik van ICT (be free from danger or damage caused by disturbance or disruption of ICT or misuse of ICT). [4]
Canada
The body of technologies, processes, practices and response and mitigation measures designed to protect networks, computers, programs and data from attack, damage or unauthorized access so as to ensure confidentiality, integrity and availability.
Ensemble des technologies, des processus, des pratiques et des mesures d’atténuation et d’intervention conçus pour protéger les réseaux, les ordinateurs, les programmes et les données contre les attaques, les dommages ou les accès non autorisés afin d’assurer la confidentialité, l’intégrité et la disponibilité. [5]
Ensemble des technologies, des processus, des pratiques et des mesures d’atténuation et d’intervention conçus pour protéger les réseaux, les ordinateurs, les programmes et les données contre les attaques, les dommages ou les accès non autorisés afin d’assurer la confidentialité, l’intégrité et la disponibilité. [5]
Colombia
Ciberseguridad: Capacidad del Estado para minimizar el nivel de riesgo al que están expuestos sus ciudadanos, ante amenazas o incidentes de naturaleza cibernética.[6]
Cyber security is the ability of the state to minimize the level of risk their citizens from threats or incidents of cyber nature are exposed to.
Cyprus
Cybersecurity is the broader security of networked systems that operate in cyberspace.[7]
I.e. in most cases connected to the Internet, and this term also covers the safe and secure usage of these systems by end users.
Czech Republic
Collection of legal, organizational, technological and educational means aimed at providing protection of cyberspace. [8]
Souhrn právních, organizačních, technických a vzdělávacích prostředků směřujících k zajištění ochrany kybernetického prostoru.
Denmark
Cybersikkerhed omfatter beskyttelse imod de sikkerhedsbrud, der opstår som følge af angreb mod data eller systemer via en for - bindelse til et eksternt net eller system. Arbejdet med cybersikker - hed fokuserer således på sårbarheder ved sammenkoblingen mellem systemer, herunder forbindelser til internettet.[9]
Finland
Cyber security means the desired end state in which the cyber domain is reliable and in which its functioning is ensured.[10]
France
The desired state of an information system in which it can resist events from cyberspace likely to compromise the availability, integrity or confidentiality of the data stored, processed or transmitted and of the related services that these systems offer or make accessible.[11]
Germany
(Global) cyber security is the desired condition of the IT security situation, in which the risks of the global cyberspace have been reduced to an acceptable minimum. [12]
Cyber security in Germany is thus the desired condition of the IT security situation, in which the risks of the German cyberspace have been reduced to an acceptable minimum. Cyber security (in Germany) is developed through the sum of suitable and adequate safeguards.
Definition in German:
(Globale) Cyber-Sicherheit ist der anzustrebende Zustand der IT-Sicherheitslage, in welchem die Risiken des globalen Cyber-Raums auf ein tragbares Maß reduziert sind. Cyber-Sicherheit in Deutschland ist demnach der anzustrebende Zustand der IT-Sicherheitslage, in welchem die Risiken des deutschen Cyber-Raums auf ein tragbares Maß reduziert sind. Cyber-Sicherheit (in Deutschland) entsteht durch die Summe von geeigneten und angemessenen Maßnahmen. [13]
Hungary
Cyber security is the continuous and planned taking of political, legal, economic, educational, awareness-raising and technical measures to manage risks in cyberspace that transforms the cyberspace into a reliable environment for the smooth functioning and operation of societal and economic processes by ensuring an acceptable level of risks in cyberspace. [14]
Islamic Republic of Afghanistan
Protection of information systems that protect the cyber space from attacks, ensuring the confidentiality, integrity and accessibility of the information being processed in this space, detection of attacks and cyber security incidents; putting into force the countermeasures against these incidents and then putting these systems back to their original states prior to the cyber security incident. [15]
Jamaica
Cyber Security is the implementation of measures to protect ICT infrastructure including critical infrastructure from intrusion, unauthorized access and includes the adoption of policies, protocols and good practices to better govern the use of cyberspace.[16]
Kenya
Cyber Security is defined as the processes and mechanisms by which computer-based equipment, information and services are protected from unintended or unauthorized access, change or destruction.[17]
Kingdom of Saudi Arabia
Cybersecurity is the ability to protect or defend the use of cyberspace from cyber-attacks.[18]
Latvia
Cyber security is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets. [19]
Organisation and user’s assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment.
Netherlands
Cyber security refers to efforts to prevent damage caused by disruptions to, breakdowns in or misuse of ICT and to repair damage if and when it has occurred. [20]
Such damage may consist of any or all of the following: reduced reliability of ICT, limited availability and violation of the confidentiality and/or integrity of information stored in the ICT systems.
Cyber security is het vrij zijn van gevaar of schade veroorzaakt door verstoring of uitval van ICT of door misbruik van ICT. [21]
New Zealand
Cyber Security is the practice of making the networks that constitute cyber space as secure as possible against intrusions, maintaining confidentiality, availability and integrity of information, detecting intrusions and incidents that do occur, and responding to and recovering from them. [22]
Norway
Cyber Security is the protection of data and systems which are coupled to the Internet.
(Beskyttelse av data og systemer som er koblet til internettet). [23]
(Beskyttelse av data og systemer som er koblet til internettet). [23]
Qatar
The collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance, and technologies that can be used to protect the cyber environment and organization and user’s assets. [24] [25]
Organization and user’s assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment. Cyber security strives to ensure the attainment and maintenance of the security properties of the organization and user’s assets against relevant security risks in the cyber environment. The general security objectives comprise the following: confidentiality, integrity (which may include authenticity and non-repudiation), and availability.
Republic of Trinidad & Tobago
See ITU-T definition below [26]
Romania
Cyber security is a normality resulting from the application of a set of proactive and reactive measures that ensure the confidentiality, integrity, availability, authenticity and non-repudiation in electronic information, resources and services, public or private, in cyberspace. [27]
Starea de normalitate rezultată în urma aplicării unui ansamblu de măsuri proactive şi reactive prin care se asigură confidenţialitatea, integritatea, disponibilitatea, autenticitatea şi nonrepudierea informaţiilor în format electronic, a resurselor şi serviciilor publice sau private, din spaţiul cybernetic. Măsurile proactive şi reactive pot include politici, concepte, standarde şi ghiduri de securitate, managementul riscului, activităţi de instruire şi conştientizare, implementarea de soluţii tehnice de protejare a infrastructurilor cibernetice, managementul identităţii, managementul consecinţelor.
Saudi Arabia
Cyber Security is the ability to protect or defend the use of cyberspace from cyber-attacks. [28]
South Africa
Cyber Security is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user assets. [29]
Sweden
See ITU-T definition below. [30]
Turkey
Cyber Security is the protection of information systems that make up the cyber space from attacks, ensuring the confidentiality, integrity and accessibility of the information being processed in this space, detection of attacks and cyber security incidents, putting into force the countermeasures against these incidents and then putting these systems back to their states previous to the cyber security incident. [31]
United States
The prevention of damage to, unauthorized use of, or exploitation of, and, if needed, the restoration of electronic information and communications systems and the information contained therein to ensure confidentiality, integrity, and availability; includes protection and restoration, when needed, of information networks and wireline, wireless, satellite, public safety answering points, and 911 communications systems and control systems. [32]
Alternatively,
The ability to protect or defend the use of cyberspace from cyber attacks. [33]
International organisations
ITU-T
Cyber security is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets. [34]
Organization and user’s assets include connected computing devices,personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment. Cyber security strives to ensure the attainment and maintenance of the security properties of the organization and user’s assets against relevant security risks in the cyber environment.
World Economic Forum
The analysis, warning, Information Sharing, vulnerability reduction, risk mitigation and recovery efforts for networked information systems. [35]
International standards
ISO/IEC
Cyber security is defined as the “preservation of confidentiality, integrity and availability of information in the Cyberspace. [36]
Other Definitions
Scotland
Cyber security is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets. [37]
See also
Notes
- ↑ Joint Communication to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions - Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace, 07/02/2013
- ↑ Rights and Protections on Cyber Security, Australian Attorney-General’s Department
- ↑ Austrian Cyber Security Strategy, Federal Chancellery of the Republic of Austria, Vienna, 2013
- ↑ Cyber Security Strategy.be
- ↑ Vocabulaire de la gestion des urgencies/Emergency Management Emergency Management Vocabulary 281 (2012)
- ↑ Conpes 3510
- ↑ Cybersecurity Strategy of the Republic of Cyprus (23 April 2012)
- ↑ Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)
- ↑ Danish Cyber Security Strategy, 2014
- ↑ Finlands' Cyber Security Strategy
- ↑ Information systems defence and security: France's Strategy
- ↑ Unpublished working glossary of UP KRITIS and BSI, 2014
- ↑ http://www.kritis.bund.de/SubSites/Kritis/DE/Servicefunktionen/Glossar/Functions/glossar.html Protection of Critical Infrastructures, BMI.
- ↑ Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary
- ↑ National Cyber Security Strategy of Afghanistan (2014)
- ↑ Jamaica's National Cyber Security Strategy
- ↑ Kenya's National Cyber Security Strategy
- ↑ Developing National Information Security Strategy for the Kingdom of Saudi Arabia NISS draft 7
- ↑ http://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/lv-ncss Kenya's National Cyber Security Strategy]
- ↑ National Cyber Security Strategy 2: From Awareness to Capability, Ministry of Security and Justice, The Hague, The Netherlands
- ↑ Cyber Security Beeld Nederland 4, 2014, Ministry of Security and Justice, The Hague, The Netherlands
- ↑ New Zealand’s Cyber Security Strategy (2011)
- ↑ Nasjonal strategi for informasjonssikkerhet (2012)
- ↑ QATAR National Cyber Security Strategy (May 2014)
- ↑ الاستراتيجية الوطنية للأمن السيبراني QATAR NCSS - Arabic version (May 2014)
- ↑ Government of the Republic of Trinidad & Tobago, National Cyber Security Strategy (December 2012)
- ↑ Hotărârea nr. 271/2013 pentru aprobarea Strategiei de securitate cibernetică
- ↑ Drafting National Information Security Strategy for the Kingdom of Saudi Arabia (Draft 7 - 2011)
- ↑ South Africa Cyber Security Policy, Staatskoerant No. 32963, 10 Feb 2010
- ↑ Informations- och cybersäkerhet i Sverige Strategi och åtgärder för säker information i staten(2015)
- ↑ Turkey's National Cyber Security Strategy and 2013-2014 Action Plan
- ↑ National Infrastructure Protection Plan, Partnering to enhance protection and resiliency, US Department of Homeland Security, 2009
- ↑ [http://www.ncix.gov/publications/policy/docs/CNSSI_4009.pdf National Information Assurance (IA) Glossary, Committee on National Security Systems, CNSS Instruction No. 4009, 26 April 2010.
- ↑ ITU-T
- ↑ WEF Partnering for Cyber Resilience Guidelines 2012
- ↑ ISO/IEC 27032:2012 Information technology — Security techniques — Guidelines for cybersecurity
- ↑ [http://news.scotland.gov.uk/imagelibrary/downloadmedia.ashx?MediaDetailsID=3708&SizeId=-1 Scottish Government Consultation on proposal for a Cyber Resilience Strategy for Scotland]
