Difference between revisions of "Cyber Security"
(→Norway) |
(→International organisations) |
||
Line 138: | Line 138: | ||
===International organisations === | ===International organisations === | ||
====ITU-T==== | ====ITU-T==== | ||
− | {{definition|Cyber security is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets. <ref>[http://www.itu.int/en/ITU-T/studygroups/com17/Pages/cybersecurity.aspx ITU-T]</ref>}} | + | {{definition|Cyber security is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets. <ref>[http://www.itu.int/en/ITU-T/studygroups/com17/Pages/cybersecurity.aspx ITU Security in Telecommunications and Information Technology: An overview of issues and the deployment of existing ITU-T Recommendations for secure telecommunications, ITU-T, Geneva (2012) - ITU-T X.1205]</ref>}} |
Organization and user’s assets include connected computing devices,personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment. Cyber security strives to ensure the attainment and maintenance of the security properties of the organization and user’s assets against relevant security risks in the cyber environment. | Organization and user’s assets include connected computing devices,personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment. Cyber security strives to ensure the attainment and maintenance of the security properties of the organization and user’s assets against relevant security risks in the cyber environment. | ||
<br /> | <br /> | ||
====World Economic Forum==== | ====World Economic Forum==== | ||
{{definition|The analysis, warning, [[Information Sharing]], vulnerability reduction, [[risk]] mitigation and recovery efforts for networked information systems. <ref>[http://www3.weforum.org/docs/WEF_IT_PartneringCyberResilience_Guidelines_2012.pdf WEF Partnering for Cyber Resilience Guidelines 2012]</ref>}}<br /> | {{definition|The analysis, warning, [[Information Sharing]], vulnerability reduction, [[risk]] mitigation and recovery efforts for networked information systems. <ref>[http://www3.weforum.org/docs/WEF_IT_PartneringCyberResilience_Guidelines_2012.pdf WEF Partnering for Cyber Resilience Guidelines 2012]</ref>}}<br /> | ||
+ | |||
===International standards === | ===International standards === | ||
====ISO/IEC==== | ====ISO/IEC==== |
Revision as of 17:26, 14 June 2015
Contents
- 1 Definitions
- 1.1 European Definitions
- 1.2 National Definitions
- 1.2.1 Australia
- 1.2.2 Austria
- 1.2.3 Belgium
- 1.2.4 Canada
- 1.2.5 Colombia
- 1.2.6 Cyprus
- 1.2.7 Czech Republic
- 1.2.8 Denmark
- 1.2.9 Finland
- 1.2.10 France
- 1.2.11 Germany
- 1.2.12 Hungary
- 1.2.13 Islamic Republic of Afghanistan
- 1.2.14 Jamaica
- 1.2.15 Kenya
- 1.2.16 Kingdom of Saudi Arabia
- 1.2.17 Latvia
- 1.2.18 Montenegro
- 1.2.19 Netherlands
- 1.2.20 New Zealand
- 1.2.21 Norway
- 1.2.22 Pakistan
- 1.2.23 Qatar
- 1.2.24 Republic of Trinidad & Tobago
- 1.2.25 Romania
- 1.2.26 Saudi Arabia
- 1.2.27 South Africa
- 1.2.28 Sweden
- 1.2.29 Turkey
- 1.2.30 United States
- 1.3 International organisations
- 1.4 International standards
- 1.5 Other Definitions
- 2 See also
- 3 Notes
Definitions
European Definitions
National Definitions
Australia
Austria
Belgium
Canada
Ensemble des technologies, des processus, des pratiques et des mesures d’atténuation et d’intervention conçus pour protéger les réseaux, les ordinateurs, les programmes et les données contre les attaques, les dommages ou les accès non autorisés afin d’assurer la confidentialité, l’intégrité et la disponibilité. [5]
Colombia
Cyber security is the ability of the state to minimize the level of risk their citizens from threats or incidents of cyber nature are exposed to.
Cyprus
I.e. in most cases connected to the Internet, and this term also covers the safe and secure usage of these systems by end users.
Czech Republic
Souhrn právních, organizačních, technických a vzdělávacích prostředků směřujících k zajištění ochrany kybernetického prostoru.
Denmark
Finland
France
Germany
Cyber security in Germany is thus the desired condition of the IT security situation, in which the risks of the German cyberspace have been reduced to an acceptable minimum. Cyber security (in Germany) is developed through the sum of suitable and adequate safeguards.
Definition in German:
Hungary
Islamic Republic of Afghanistan
Jamaica
Kenya
Kingdom of Saudi Arabia
Latvia
Organisation and user’s assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment.
Montenegro
Netherlands
Such damage may consist of any or all of the following: reduced reliability of ICT, limited availability and violation of the confidentiality and/or integrity of information stored in the ICT systems.
New Zealand
Norway
(Beskyttelse av data og systemer som er koblet til internettet). [24]
Pakistan
Qatar
Organization and user’s assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment. Cyber security strives to ensure the attainment and maintenance of the security properties of the organization and user’s assets against relevant security risks in the cyber environment. The general security objectives comprise the following: confidentiality, integrity (which may include authenticity and non-repudiation), and availability.
Republic of Trinidad & Tobago
Romania
Starea de normalitate rezultată în urma aplicării unui ansamblu de măsuri proactive şi reactive prin care se asigură confidenţialitatea, integritatea, disponibilitatea, autenticitatea şi nonrepudierea informaţiilor în format electronic, a resurselor şi serviciilor publice sau private, din spaţiul cybernetic. Măsurile proactive şi reactive pot include politici, concepte, standarde şi ghiduri de securitate, managementul riscului, activităţi de instruire şi conştientizare, implementarea de soluţii tehnice de protejare a infrastructurilor cibernetice, managementul identităţii, managementul consecinţelor.
Saudi Arabia
South Africa
Sweden
Turkey
United States
Alternatively,
International organisations
ITU-T
Organization and user’s assets include connected computing devices,personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment. Cyber security strives to ensure the attainment and maintenance of the security properties of the organization and user’s assets against relevant security risks in the cyber environment.
World Economic Forum
International standards
ISO/IEC
Other Definitions
Scotland
See also
Notes
- ↑ Joint Communication to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions - Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace, 07/02/2013
- ↑ Rights and Protections on Cyber Security, Australian Attorney-General’s Department
- ↑ Austrian Cyber Security Strategy, Federal Chancellery of the Republic of Austria, Vienna, 2013
- ↑ Cyber Security Strategy.be
- ↑ Vocabulaire de la gestion des urgencies/Emergency Management Emergency Management Vocabulary 281 (2012)
- ↑ Conpes 3510
- ↑ Cybersecurity Strategy of the Republic of Cyprus (23 April 2012)
- ↑ Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)
- ↑ Danish Cyber Security Strategy, 2014
- ↑ Finlands' Cyber Security Strategy
- ↑ Information systems defence and security: France's Strategy
- ↑ Unpublished working glossary of UP KRITIS and BSI, 2014
- ↑ http://www.kritis.bund.de/SubSites/Kritis/DE/Servicefunktionen/Glossar/Functions/glossar.html Protection of Critical Infrastructures, BMI.
- ↑ Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary
- ↑ National Cyber Security Strategy of Afghanistan (2014)
- ↑ Jamaica's National Cyber Security Strategy
- ↑ Kenya's National Cyber Security Strategy
- ↑ Developing National Information Security Strategy for the Kingdom of Saudi Arabia NISS draft 7
- ↑ http://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/lv-ncss Kenya's National Cyber Security Strategy]
- ↑ NATIONAL CYBER SECURITY STRATEGY FOR MONTENEGRO 2013-2017
- ↑ National Cyber Security Strategy 2: From Awareness to Capability, Ministry of Security and Justice, The Hague, The Netherlands
- ↑ Cyber Security Beeld Nederland 4, 2014, Ministry of Security and Justice, The Hague, The Netherlands
- ↑ New Zealand’s Cyber Security Strategy (2011)
- ↑ Nasjonal strategi for informasjonssikkerhet (2012)
- ↑ definition still under development
- ↑ QATAR National Cyber Security Strategy (May 2014)
- ↑ الاستراتيجية الوطنية للأمن السيبراني QATAR NCSS - Arabic version (May 2014)
- ↑ Government of the Republic of Trinidad & Tobago, National Cyber Security Strategy (December 2012)
- ↑ Hotărârea nr. 271/2013 pentru aprobarea Strategiei de securitate cibernetică
- ↑ Drafting National Information Security Strategy for the Kingdom of Saudi Arabia (Draft 7 - 2011)
- ↑ South Africa Cyber Security Policy, Staatskoerant No. 32963, 10 Feb 2010
- ↑ Informations- och cybersäkerhet i Sverige Strategi och åtgärder för säker information i staten(2015)
- ↑ Turkey's National Cyber Security Strategy and 2013-2014 Action Plan
- ↑ National Infrastructure Protection Plan, Partnering to enhance protection and resiliency, US Department of Homeland Security, 2009
- ↑ [http://www.ncix.gov/publications/policy/docs/CNSSI_4009.pdf National Information Assurance (IA) Glossary, Committee on National Security Systems, CNSS Instruction No. 4009, 26 April 2010.
- ↑ ITU Security in Telecommunications and Information Technology: An overview of issues and the deployment of existing ITU-T Recommendations for secure telecommunications, ITU-T, Geneva (2012) - ITU-T X.1205
- ↑ WEF Partnering for Cyber Resilience Guidelines 2012
- ↑ ISO/IEC 27032:2012 Information technology — Security techniques — Guidelines for cybersecurity
- ↑ [http://news.scotland.gov.uk/imagelibrary/downloadmedia.ashx?MediaDetailsID=3708&SizeId=-1 Scottish Government Consultation on proposal for a Cyber Resilience Strategy for Scotland]