Difference between revisions of "Information Security"

From CIPedia
Jump to navigation Jump to search
(Serbia)
(Notes)
(26 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
==Definitions==
 
==Definitions==
=== European Definitions ===
+
===European Definitions===
{{definition|Information Security is the protection of information against unauthorised disclosure, transfer, modification or destruction, whether accidental or intentional. <ref>[http://www.cimic-coe.org/wp-content/uploads/2014/06/NATO-EU-UN-glossary-on-DCB-and-CP.pdf NATO - EU - UN glossary]</ref>}}  <br />
+
{{definition|Information Security is the protection of information against unauthorised disclosure, transfer, modification or destruction, whether accidental or intentional. <ref>[http://www.cimic-coe.org/wp-content/uploads/2014/06/NATO-EU-UN-glossary-on-DCB-and-CP.pdf NATO - EU - UN glossary]</ref>}} <br />
 +
==== [[ECA]] ====
 +
{{definition|Information security: The set of processes and tools protecting physical and digital data from unauthorised access, use, disclosure, disruption, modification, recording or destruction. <ref name="ECA">[https://www.eca.europa.eu/Lists/ECADocuments/BRP_CYBERSECURITY/BRP_CYBERSECURITY_EN.pdf European Court of Auditors, Challenges to effective EU cybersecurity policy, Briefing Paper, March 2019]</ref><br/><br/>[BG] Кибератака: Опит за подкопаване или унищожаване на поверителността, целостта и наличието на данни или на компютърна система чрез киберпространството.<br/><br/>[CS] Bezpečnost informací: Soubor postupů a nástrojů chránících fyzické a digitální údaje před neoprávněným přístupem, použitím, zveřejněním, narušením, pozměněním, zaznamenáním nebo zničením.<br/><br/>[DE] Informationssicherheit: Reihe von Prozessen und Instrumenten zum Schutz von physischen und digitalen Daten vor Zugriff, Verwendung, Preisgabe, Störung, Änderung, Erfassung oder Zerstörung durch Unbefugte. <br/><br/>[DK] Informationssikkerhed: Det sæt af processer og værktøjer, der beskytter fysiske og digitale data mod uautoriseret adgang, anvendelse, videregivelse, afbrydelse, ændring, registrering eller ødelæggelse.<br/><br/>[ES] Seguridad de la información: Conjunto de procesos y herramientas que protegen los datos físicos y digitales del acceso no autorizado, el uso, la divulgación, la perturbación, la modificación, el registro o la destrucción.<br/><br/>[NE] Informatiebeveiliging: Een reeks processen en instrumenten voor de bescherming van fysieke en digitale gegevens tegen onbevoegd(e) toegang, gebruik, vrijgave, verstoring, wijziging, opname of vernietiging.}}<br/><br/>
  
=== Other International Definitions ===
+
===Other International Definitions===
==== [[IAEA]] ====
+
====[[IAEA]]====
{{definition|Information security is the preservation of the [[confidentiality]], [[integrity]] and [[availability]] of information.  <ref>[https://www-ns.iaea.org/downloads/security/nuclear-security-series-glossary-v1-3.pdf IAEA - Nuclear Security Series Glossary Version 1.3 (November 2015)]</ref>}}Note: In addition, other properties such as [[authenticity]], accountability, [[non-repudiation]] and [[reliability]] can also be involved. <br/><br/>
+
{{definition|Information security is the preservation of the [[confidentiality]], [[integrity]] and [[availability]] of information.  <ref>[https://www-ns.iaea.org/downloads/security/nuclear-security-series-glossary-v1-3.pdf IAEA - Nuclear Security Series Glossary Version 1.3 (November 2015)]</ref>}}Note: In addition, other properties such as [[authenticity]], accountability, [[non-repudiation]] and [[reliability]] can also be involved. <br /><br />
  
 
====[[NATO]]====
 
====[[NATO]]====
Line 12: Line 14:
 
====[[UN|United Nations]]====
 
====[[UN|United Nations]]====
 
{{definition|''Information security'' is the protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats. <ref>[http://www.cimic-coe.org/wp-content/uploads/2014/06/NATO-EU-UN-glossary-on-DCB-and-CP.pdf NATO - EU - UN glossary]</ref>}}<br />
 
{{definition|''Information security'' is the protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats. <ref>[http://www.cimic-coe.org/wp-content/uploads/2014/06/NATO-EU-UN-glossary-on-DCB-and-CP.pdf NATO - EU - UN glossary]</ref>}}<br />
==== [[World Bank]] ====
+
====[[World Bank]]====
{{definition|Information security, refers to the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. <ref>[https://collaboration.worldbank.org/servlet/JiveServlet/downloadBody/18791-102-1-24249/Glossary%20of%20terms.docx Cyber Security Glossary, World Bank (2015)]</ref>}}In a computing context, the term security implies cybersecurity.<br/>
+
{{definition|Information security, refers to the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. <ref>[https://collaboration.worldbank.org/servlet/JiveServlet/downloadBody/18791-102-1-24249/Glossary%20of%20terms.docx Cyber Security Glossary, World Bank (2015)]</ref>}}In a computing context, the term security implies cybersecurity.<br />
  
=== National Definitions ===
+
===National Definitions===
==== [[Albania]] ====
+
====[[Albania]]====
 
{{definition|Siguria e informacionit, do të thotë sigurimi i konfidencialitetit, integritetit dhe disponueshmërisë së informacionit. <ref>[http://www.inovacioni.gov.al/files/pages_files/Projektligj_Per_sigurine_kibernetike__ver.final.docx PROJEKT LIGJ PËR SIGURINË KIBERNETIKE]</ref>}}<br />
 
{{definition|Siguria e informacionit, do të thotë sigurimi i konfidencialitetit, integritetit dhe disponueshmërisë së informacionit. <ref>[http://www.inovacioni.gov.al/files/pages_files/Projektligj_Per_sigurine_kibernetike__ver.final.docx PROJEKT LIGJ PËR SIGURINË KIBERNETIKE]</ref>}}<br />
  
==== [[Argentina]] ====
+
====[[Argentina]]====
{{definition|Seguridad: contemplas los requisitos de Integridad, Confidencialidad y Disponibilidad de las Aplicaciones, por ejemplo asegurando que las aplicaciones disponibles a través de redes de acceso público (ej.: Internet) no puedan ser alteradas en su contenido, infectadas con código ni susceptibles a vulnerabilidades derivadas de malas prácticas de desarrollo. <ref>[http://servicios.infoleg.gob.ar/infolegInternet/anexos/215000-219999/219163/norma.htm Oficina Nacional de Tecnologías de Información ADMINISTRACION PUBLICA NACIONAL Disposición 3/2013 - Apruébase la “Política de Seguridad de la Información Modelo” (2013)]</ref>}}<br/><br/>
+
{{definition|Seguridad: contemplas los requisitos de Integridad, Confidencialidad y Disponibilidad de las Aplicaciones, por ejemplo asegurando que las aplicaciones disponibles a través de redes de acceso público (ej.: Internet) no puedan ser alteradas en su contenido, infectadas con código ni susceptibles a vulnerabilidades derivadas de malas prácticas de desarrollo. <ref>[http://servicios.infoleg.gob.ar/infolegInternet/anexos/215000-219999/219163/norma.htm Oficina Nacional de Tecnologías de Información ADMINISTRACION PUBLICA NACIONAL Disposición 3/2013 - Apruébase la “Política de Seguridad de la Información Modelo” (2013)]</ref>}}<br /><br />
==== [[Australia]] ====  
+
====[[Australia]]====  
{{definition|Information security (INFOSEC): All measures used to protect official information from compromise, loss of integrity or unavailability.  <ref>[https://www.protectivesecurity.gov.au/resources/Pages/PSPF-Glossary-of-terms.aspx  Protective Security Policy Framework - Glossary Oct 2017]</ref>}}<br/><br/>
+
{{definition|Information security (INFOSEC): All measures used to protect official information from compromise, loss of integrity or unavailability.  <ref>[https://www.protectivesecurity.gov.au/resources/Pages/PSPF-Glossary-of-terms.aspx  Protective Security Policy Framework - Glossary Oct 2017]</ref>}}<br /><br />
==== [[Austria]] ====
+
====[[Austria]]====
 
{{definition|Information security or network security are umbrella terms for ICT security, referring to the entire relevant information of an organisation or an enterprise, including information that has not been processed electronically. Hence, it describes the entirety of characteristics of an organisation ensuring the confidentiality, availability and integrity of information.  <ref>[http://www.bmi.gv.at/cms/BMI_Service/cycer_security/130415_strategie_cybersicherheit_en_web.pdf Austrian Cyber Security Strategy, Federal Chancellery of the Republic of Austria, Vienna (2013)]</ref><br/><br/>Informationssicherheit / Netzwerksicherheit ist ein Überbegriff zu IKT-Sicherheit und bezieht sich auf alle relevanten Informationen einer Organisation oder eines Unternehmens einschließlich von nicht elektronisch verarbeiteten Informationen. Es bezeichnet somit die Summe der Eigenschaften einer Organisation, die dem Schutz der Vertraulichkeit, Verfügbarkeit und Integrität der Informationen dienen.  <ref>[https://www.bka.gv.at/DocView.axd?CobId=50748 Österreichische Strategie für Cyber Sicherheit (2013)]</ref>}}
 
{{definition|Information security or network security are umbrella terms for ICT security, referring to the entire relevant information of an organisation or an enterprise, including information that has not been processed electronically. Hence, it describes the entirety of characteristics of an organisation ensuring the confidentiality, availability and integrity of information.  <ref>[http://www.bmi.gv.at/cms/BMI_Service/cycer_security/130415_strategie_cybersicherheit_en_web.pdf Austrian Cyber Security Strategy, Federal Chancellery of the Republic of Austria, Vienna (2013)]</ref><br/><br/>Informationssicherheit / Netzwerksicherheit ist ein Überbegriff zu IKT-Sicherheit und bezieht sich auf alle relevanten Informationen einer Organisation oder eines Unternehmens einschließlich von nicht elektronisch verarbeiteten Informationen. Es bezeichnet somit die Summe der Eigenschaften einer Organisation, die dem Schutz der Vertraulichkeit, Verfügbarkeit und Integrität der Informationen dienen.  <ref>[https://www.bka.gv.at/DocView.axd?CobId=50748 Österreichische Strategie für Cyber Sicherheit (2013)]</ref>}}
 
Information may be available as spoken text, paper documents or other directly readable media or as electronically processed data in ICT systems.<br />
 
Information may be available as spoken text, paper documents or other directly readable media or as electronically processed data in ICT systems.<br />
 
<br />
 
<br />
==== [[Belarus]] ====
+
====[[Belarus]]====
 
{{definition|информационная безопасность – состояние защищенности сбалансированных интересов личности, общества и государства от внешних и внутренних угроз в информационной сфере. <ref>[http://kgb.by/ru/ukaz575/ Концепция Националъной Безопасности, Министерство Внутренних Дел Рецпублики Беларусъ, 2010]</ref><br/>(The state of the protection of balanced interests of the individual, society, and the state from external and internal threats in the information space)}}<br />
 
{{definition|информационная безопасность – состояние защищенности сбалансированных интересов личности, общества и государства от внешних и внутренних угроз в информационной сфере. <ref>[http://kgb.by/ru/ukaz575/ Концепция Националъной Безопасности, Министерство Внутренних Дел Рецпублики Беларусъ, 2010]</ref><br/>(The state of the protection of balanced interests of the individual, society, and the state from external and internal threats in the information space)}}<br />
==== [[Brazil]] ====
+
====[[Brazil]]====
{{definition| Segurança da Informação: proteção dos sistemas de informação contra a negação de serviço a usuários autorizados, assim como contra a intrusão, e a modificação desautorizada de dados ou informações, armazenados, em processamento ou em trânsito, abrangendo, inclusive, a segurança dos recursos humanos, da documentação e do material, das áreas e instalações das comunicações e computacional, assim como as destinadas a prevenir, detectar, deter e documentar eventuais ameaças a seu desenvolvimento. <ref>[http://www.biblioteca.presidencia.gov.br/publicacoes-oficiais-1/catalogo/orgao-essenciais/gabinete-de-seguranca-institucional/guia-de-referencia-para-seguranca-de-infraestruturas-criticas-da-informacao/at_download/file GUIA DE REFERÊNCIA PARA A SEGURANÇA DAS INFRAESTRUTURAS CRÍTICAS DA INFORMAÇÃO Versão 01 (Nov. 2010)/ Decreto Nº 3.505, de 13 de junho de 2000. Presidência da República, Casa Civil, Subchefia para Assuntos Jurídicos. Institui a Política de Segurança da Informação nos órgãos e entidades da Administração Pública Federal. Brasília, 2000.]</ref><br /><br />Information Security is the protection of information systems against denial of service to authorised users, as well as against intrusion and unauthorised modification of data or information stored in processing or in transit, covering even the safety of human resources, documentation and material, of the areas and facilities of communications and computing, as well as to prevent, detect, deter and document any [[Threat|threats]] to its development.}} <br /><br/>
+
{{definition| Segurança da Informação: proteção dos sistemas de informação contra a negação de serviço a usuários autorizados, assim como contra a intrusão, e a modificação desautorizada de dados ou informações, armazenados, em processamento ou em trânsito, abrangendo, inclusive, a segurança dos recursos humanos, da documentação e do material, das áreas e instalações das comunicações e computacional, assim como as destinadas a prevenir, detectar, deter e documentar eventuais ameaças a seu desenvolvimento. <ref>[http://www.biblioteca.presidencia.gov.br/publicacoes-oficiais-1/catalogo/orgao-essenciais/gabinete-de-seguranca-institucional/guia-de-referencia-para-seguranca-de-infraestruturas-criticas-da-informacao/at_download/file GUIA DE REFERÊNCIA PARA A SEGURANÇA DAS INFRAESTRUTURAS CRÍTICAS DA INFORMAÇÃO Versão 01 (Nov. 2010)/ Decreto Nº 3.505, de 13 de junho de 2000. Presidência da República, Casa Civil, Subchefia para Assuntos Jurídicos. Institui a Política de Segurança da Informação nos órgãos e entidades da Administração Pública Federal. Brasília, 2000.]</ref><br /><br />Information Security is the protection of information systems against denial of service to authorised users, as well as against intrusion and unauthorised modification of data or information stored in processing or in transit, covering even the safety of human resources, documentation and material, of the areas and facilities of communications and computing, as well as to prevent, detect, deter and document any [[Threat|threats]] to its development.}} <br /><br />
==== [[Costa Rica]] ====
+
====[[Costa Rica]]====
{{definition|Seguridad de información: La protección de la información y sistemas de información del acceso, uso, divulgación, alteración, modificación o destrucción no autorizada, con el fin de garantizar la confidencialidad, integridad y disponibilidad.  <ref>[https://micit.go.cr/images/imagenes_noticias/10-11-2017__Ciberseguridad/Estrategia-Nacional-de-Ciberseguridad-de-Costa-Rica-11-10-17.pdf Estrategia Nacional de Ciberseguridad de Costa Rica (2017)]</ref>}}<br/><br/>
+
{{definition|Seguridad de información: La protección de la información y sistemas de información del acceso, uso, divulgación, alteración, modificación o destrucción no autorizada, con el fin de garantizar la confidencialidad, integridad y disponibilidad.  <ref>[https://micit.go.cr/images/imagenes_noticias/10-11-2017__Ciberseguridad/Estrategia-Nacional-de-Ciberseguridad-de-Costa-Rica-11-10-17.pdf Estrategia Nacional de Ciberseguridad de Costa Rica (2017)]</ref>}}<br /><br />
 
====[[Croatia]]====
 
====[[Croatia]]====
 
{{definition|Informacijska sigurnost – stanje povjerljivosti, cjelovitosti i raspoloživosti podataka koje se postiže primjenom odgovarajućih sigurnosnih mjera.<br/><br/>Information security is the state of [[confidentiality]], [[integrity]] and [[availability]] of information, which is achieved by implementation of stipulated information security measures and standards and by organisational support for jobs of planning, implementation, assessment and update of measures and standards. <ref> [http://www.uvns.hr/en/about-us/glossary/information-security Article 2 of the Information Security Act]</ref> <ref> [https://esavjetovanja.gov.hr/ECon/MainScreen?entityId=1072 National Cyber Security Strategy draft (2015)]</ref>}}
 
{{definition|Informacijska sigurnost – stanje povjerljivosti, cjelovitosti i raspoloživosti podataka koje se postiže primjenom odgovarajućih sigurnosnih mjera.<br/><br/>Information security is the state of [[confidentiality]], [[integrity]] and [[availability]] of information, which is achieved by implementation of stipulated information security measures and standards and by organisational support for jobs of planning, implementation, assessment and update of measures and standards. <ref> [http://www.uvns.hr/en/about-us/glossary/information-security Article 2 of the Information Security Act]</ref> <ref> [https://esavjetovanja.gov.hr/ECon/MainScreen?entityId=1072 National Cyber Security Strategy draft (2015)]</ref>}}
 
<br />
 
<br />
 
====[[Cuba]]====
 
====[[Cuba]]====
{{definition|Seguridad de la información: Preservación de la confidencialidad, integridad y disponibilidad de la información.  <ref>[http://www.cscuba.cu/es/glosario-de-terminos/A Glossary of Cyber terms/Glosario de términos, Centro de Seguridad del Ciberespacio]</ref>}}<br/><br/>
+
{{definition|Seguridad de la información: Preservación de la confidencialidad, integridad y disponibilidad de la información.  <ref>[http://www.cscuba.cu/es/glosario-de-terminos/A Glossary of Cyber terms/Glosario de términos, Centro de Seguridad del Ciberespacio]</ref>}}<br /><br />
  
 
====[[Czech Republic]]====
 
====[[Czech Republic]]====
 +
{{definition|Bezpečnost informací: Zajištění (ochrana) důvěrnosti, integrity a dostupnosti informací.  <ref name=CZglos>[https://www.govcert.cz/download/slovnik/vykladovy_slovnik_KB_2_vydani.pdf]</ref><br/><br/>Information security: Security (protection) of [[confidentiality]], [[integrity]] and [[availability]] of information.  <ref name=CZglos>[https://www.govcert.cz/download/slovnik/vykladovy_slovnik_KB_2_vydani.pdf]</ref>}}
 +
<br />
 +
 
{{definition|Bezpečností informací zajištění důvěrnosti, integrity a dostupnosti informací. <ref>[http://www.nbu.cz/download/nodeid-1384/ Zákon č. 181/2014 Sb. o kybernetické bezpečnosti a o změně souvisejících zákonů (zákon o kybernetické bezpečnosti)]</ref><br/><br/>Security (protection) of [[confidentiality]], [[integrity]] and [[availability]] of information. <ref>[http://www.govcert.cz/download/nodeid-3555/ Cyber Security Explanatory Glossary (2013)]</ref>}}<br />
 
{{definition|Bezpečností informací zajištění důvěrnosti, integrity a dostupnosti informací. <ref>[http://www.nbu.cz/download/nodeid-1384/ Zákon č. 181/2014 Sb. o kybernetické bezpečnosti a o změně souvisejících zákonů (zákon o kybernetické bezpečnosti)]</ref><br/><br/>Security (protection) of [[confidentiality]], [[integrity]] and [[availability]] of information. <ref>[http://www.govcert.cz/download/nodeid-3555/ Cyber Security Explanatory Glossary (2013)]</ref>}}<br />
  
==== [[Denmark]] ====
+
====[[Denmark]]====
 
{{definition|Informationssikkerhed er en bred betegnelse for de samlede for - anstaltninger til at sikre informationer i forhold til fortrolighed, integritet (ændring af data) og tilgængelighed. I arbejdet indgår blandt andet organisering af sikkerhedsarbejdet, påvirkning af adfærd, processer for behandling af data, styring af leverandører samt tekniske sikringsforanstaltninger. <ref>[http://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/DK_NCSS.pdf Danish Cyber Security Strategy, 2014]</ref>}}
 
{{definition|Informationssikkerhed er en bred betegnelse for de samlede for - anstaltninger til at sikre informationer i forhold til fortrolighed, integritet (ændring af data) og tilgængelighed. I arbejdet indgår blandt andet organisering af sikkerhedsarbejdet, påvirkning af adfærd, processer for behandling af data, styring af leverandører samt tekniske sikringsforanstaltninger. <ref>[http://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/DK_NCSS.pdf Danish Cyber Security Strategy, 2014]</ref>}}
 
<br />
 
<br />
====[[Egypt]] ====  
+
====[[Egypt]]====  
{{definition|Information security: The protection of information against unauthorized disclosure, transfer, modification, or destruction, whether accidental or intentional.  <ref>[http://old.tra.gov.eg/glossary/i.pdf Glossary of the National Telecom Authority (NTA),  Egypt]</ref>}}<br /><br/>
+
{{definition|Information security: The protection of information against unauthorized disclosure, transfer, modification, or destruction, whether accidental or intentional.  <ref>[http://old.tra.gov.eg/glossary/i.pdf Glossary of the National Telecom Authority (NTA),  Egypt]</ref>}}<br /><br />
  
 
====[[Finland]]====
 
====[[Finland]]====
 
{{definition|Tietoturva, tietoturvallisuus: järjestelyt, joilla pyritään varmistamaan tiedon saatavuus, eheys ja luottamuksellisuus.<br/><br/>Information Security are arrangements aiming at ensuring the [[availability]], [[integrity]] and [[confidentiality]] of information. -''unofficial translation''- <ref name=TSK>[http://www.spek.fi/loader.aspx?id=1c66e01d-a75e-4a9a-80ec-9816340ce752 Vocabulary of Comprehensive Security. Helsinki (TSK 47) (2014)]</ref>}}<br />
 
{{definition|Tietoturva, tietoturvallisuus: järjestelyt, joilla pyritään varmistamaan tiedon saatavuus, eheys ja luottamuksellisuus.<br/><br/>Information Security are arrangements aiming at ensuring the [[availability]], [[integrity]] and [[confidentiality]] of information. -''unofficial translation''- <ref name=TSK>[http://www.spek.fi/loader.aspx?id=1c66e01d-a75e-4a9a-80ec-9816340ce752 Vocabulary of Comprehensive Security. Helsinki (TSK 47) (2014)]</ref>}}<br />
{{definition|Tietoturvallisuus: Tietoturvallisuudella tarkoitetaan tietojen, palvelujen, järjestelmien ja tietoliikenteen suojaamista ja varmistamista niihin kohdistuvien riskien hallitsemiseksi kaikissa turvallisuustilanteissa hallinnollisilla, teknisillä ja muilla toimenpiteillä.  <ref>[http://www.yhteiskunnanturvallisuus.fi/fi/materiaalit/doc_download/24-yhteiskunnan-turvallisuusstrategia Yhteikunnan Turvallisuusstrategia, Valtioneuvoston periaatepäätös 16.12.2010]</ref><br/><br/>Information security refers to the administrative, technical and other measures that protect and secure information,  services,  systems  and  telecommunications  and  manage  their risks in all security situations. <ref>[http://www.yhteiskunnanturvallisuus.fi/en/materials/doc_download/26-security-strategy-for-society Security Strategy for Society, Government Resolution 16.12.2010]</ref>}}Tietoturvallisuus on myös asiantila, jossa tietojen, tietojärjestelmien ja tietoliikenteen luottamuksellisuuteen, eheyteen ja käytettävyyteen kohdistuvat uhkat eivät aiheuta merkittävää riskiä (Information security is  also a condition in which [[threat|threats]] against the [[confidentiality]]  and  [[integrity]]  of  information,  information  systems  and  telecommunications security do not pose a significant [[risk]]).<br/><br/>
+
{{definition|Tietoturvallisuus: Tietoturvallisuudella tarkoitetaan tietojen, palvelujen, järjestelmien ja tietoliikenteen suojaamista ja varmistamista niihin kohdistuvien riskien hallitsemiseksi kaikissa turvallisuustilanteissa hallinnollisilla, teknisillä ja muilla toimenpiteillä.  <ref>[http://www.yhteiskunnanturvallisuus.fi/fi/materiaalit/doc_download/24-yhteiskunnan-turvallisuusstrategia Yhteikunnan Turvallisuusstrategia, Valtioneuvoston periaatepäätös 16.12.2010]</ref><br/><br/>Information security refers to the administrative, technical and other measures that protect and secure information,  services,  systems  and  telecommunications  and  manage  their risks in all security situations. <ref>[http://www.yhteiskunnanturvallisuus.fi/en/materials/doc_download/26-security-strategy-for-society Security Strategy for Society, Government Resolution 16.12.2010]</ref>}}Tietoturvallisuus on myös asiantila, jossa tietojen, tietojärjestelmien ja tietoliikenteen luottamuksellisuuteen, eheyteen ja käytettävyyteen kohdistuvat uhkat eivät aiheuta merkittävää riskiä (Information security is  also a condition in which [[threat|threats]] against the [[confidentiality]]  and  [[integrity]]  of  information,  information  systems  and  telecommunications security do not pose a significant [[risk]]).<br /><br />
  
==== [[France]] ====
+
====[[France]]====
 
{{definition|Information systems security: All technical and non-technical protective measures enabling an information system to withstand events likely to compromise the [[availability]], [[integrity]] or [[confidentiality]] of stored, processed or transmitted data and of the related services that these systems offer or make accessible. <ref>[http://www.ssi.gouv.fr/uploads/IMG/pdf/2011-02-15_Information_system_defence_and_security_-_France_s_strategy.pdf Information systems defence and security: France's Strategy]</ref><br/><br/>Sécurité des systèmes d’information: Ensemble des mesures techniques et non techniques de protection permettant à un système d’information de résister à des événements susceptibles de compromettre la [[Availability|disponibilité]], [[Integrity|l’intégrité]] ou la [[Confidentiality|confidentialité]] des données stockées, traitées ou transmises et des services connexes que ces systèmes offrent ou qu’ils rendent accessibles. <ref>[http://www.ssi.gouv.fr/uploads/IMG/pdf/2011-02-15_Defense_et_securite_des_systemes_d_information_strategie_de_la_France.pdf La Stratégie de la France en matière de défense et de sécurité des systèmes d’information (2011)]</ref>}}
 
{{definition|Information systems security: All technical and non-technical protective measures enabling an information system to withstand events likely to compromise the [[availability]], [[integrity]] or [[confidentiality]] of stored, processed or transmitted data and of the related services that these systems offer or make accessible. <ref>[http://www.ssi.gouv.fr/uploads/IMG/pdf/2011-02-15_Information_system_defence_and_security_-_France_s_strategy.pdf Information systems defence and security: France's Strategy]</ref><br/><br/>Sécurité des systèmes d’information: Ensemble des mesures techniques et non techniques de protection permettant à un système d’information de résister à des événements susceptibles de compromettre la [[Availability|disponibilité]], [[Integrity|l’intégrité]] ou la [[Confidentiality|confidentialité]] des données stockées, traitées ou transmises et des services connexes que ces systèmes offrent ou qu’ils rendent accessibles. <ref>[http://www.ssi.gouv.fr/uploads/IMG/pdf/2011-02-15_Defense_et_securite_des_systemes_d_information_strategie_de_la_France.pdf La Stratégie de la France en matière de défense et de sécurité des systèmes d’information (2011)]</ref>}}
 
<br />
 
<br />
 +
====[[Gambia]]====
 +
{{definition|Information security: Preservation of [[confidentiality]], [[integrity]] and [[availability]] of information.  <ref>[http://www.moici.gov.gm/sites/default/files/2019-09/20160726%20Gambia%20Strategy%20-%20Cybersecurity%20Strategy_final_with_Gambia_cover_page.pdf  THE GAMBIA NATIONAL CYBERSECURITY STRATEGY (2019)]</ref>}}<br /><br />
 +
 +
====[[Germany]]====
 +
{{definition|Informationssicherheit hat den Schutz von Informationen als Ziel. Dabei können Informationen sowohl auf Papier, in Rechnern oder auch in Köpfen gespeichert sein. <ref>[https://www.bmi.bund.de/SharedDocs/downloads/DE/veroeffentlichungen/2021/09/cybersicherheitsstrategie-2021.pdf Cyber-Sicherheitsstrategie für Deutschland 2021]</ref>}}<br/>
  
==== [[Germany]] ====
 
 
{{definition| IT-Sicherheit (oder Informationssicherheit) ist die Unversehrtheit der [[Authenticity|Authentizität]], [[Confidentiality|
 
{{definition| IT-Sicherheit (oder Informationssicherheit) ist die Unversehrtheit der [[Authenticity|Authentizität]], [[Confidentiality|
 
Vertraulichkeit]], [[Integrity|Integrität]] und [[Availability|Verfügbarkeit]] eines informationstechnischen Systems und der darin verarbeiteten und gespeicherten Daten. (2016) <ref>[http://www.bmi.bund.de/SharedDocs/Downloads/DE/Themen/OED_Verwaltung/Informationsgesellschaft/cybersicherheitsstrategie-2016.pdf?__blob%3DpublicationFile Cyber-Sicherheitsstrategie für Deutschland 2016]</ref><br/><br/>''IT security'' is the condition in which [[availability]], [[integrity]] and [[confidentiality]] of information and [[Information Technology]] are ensured by appropriate [[safeguard|safeguards]]. <ref>Unpublished working glossary of UP KRITIS and BSI, 2014 </ref>}}<br />
 
Vertraulichkeit]], [[Integrity|Integrität]] und [[Availability|Verfügbarkeit]] eines informationstechnischen Systems und der darin verarbeiteten und gespeicherten Daten. (2016) <ref>[http://www.bmi.bund.de/SharedDocs/Downloads/DE/Themen/OED_Verwaltung/Informationsgesellschaft/cybersicherheitsstrategie-2016.pdf?__blob%3DpublicationFile Cyber-Sicherheitsstrategie für Deutschland 2016]</ref><br/><br/>''IT security'' is the condition in which [[availability]], [[integrity]] and [[confidentiality]] of information and [[Information Technology]] are ensured by appropriate [[safeguard|safeguards]]. <ref>Unpublished working glossary of UP KRITIS and BSI, 2014 </ref>}}<br />
  
==== [[Georgia]] ====
+
====[[Georgia]]====
{{definition|ინფორმაციული უსაფრთხოება – საქმიანობა, რომელიც იცავს ინფორმაციას და ინფორმაციულ სისტემებს მისაწვდომობის, ერთიანობის, აუთენტიფიკაციის, კონფიდენციალურობის და განგრძობადი მუშაობის უზრუნველყოფით.  <ref>[http://csbd.gov.ge/doc/cyber_security_politics.docx cyber_security_politics.docx (2012)]</ref><br/><br/>Information security - an activity that protects information and information systems' access, [[integrity]], [[authentication]], [[confidentiality]], and the [[availability|continuing of work]].  <br />(''raw translation - CIPedia looks for a proper translation in English'')}}<br/>
+
{{definition|ინფორმაციული უსაფრთხოება – საქმიანობა, რომელიც იცავს ინფორმაციას და ინფორმაციულ სისტემებს მისაწვდომობის, ერთიანობის, აუთენტიფიკაციის, კონფიდენციალურობის და განგრძობადი მუშაობის უზრუნველყოფით.  <ref>[http://csbd.gov.ge/doc/cyber_security_politics.docx cyber_security_politics.docx (2012)]</ref><br/><br/>Information security - an activity that protects information and information systems' access, [[integrity]], [[authentication]], [[confidentiality]], and the [[availability|continuing of work]].  <br />(''raw translation - CIPedia looks for a proper translation in English'')}}<br />
==== [[Guatemala]] ====
+
====[[Guatemala]]====
 
{{definition|Seguridad de la información: La seguridad de la información garantiza la [[Confidentiality|confidencialidad]], [[Availability|disponibilidad]] e [[Integrity|integridad]] de la información, por medio de la aplicación y gestión de controles apropiados que implican la consideración de una amplia gama de amenazas, con el objetivo de garantizar el éxito organizacional y la continuidad, minimizando las consecuencias de los incidentes de seguridad de la información. Fuente: ISO/IEC 27000:2016 <ref>[http://mingob.gob.gt/wp-content/uploads/2018/06/version-digital.pdf La Estrategia Nacional de Seguridad Cibernética (June 2018)]</ref>}}<br/><br/>
 
{{definition|Seguridad de la información: La seguridad de la información garantiza la [[Confidentiality|confidencialidad]], [[Availability|disponibilidad]] e [[Integrity|integridad]] de la información, por medio de la aplicación y gestión de controles apropiados que implican la consideración de una amplia gama de amenazas, con el objetivo de garantizar el éxito organizacional y la continuidad, minimizando las consecuencias de los incidentes de seguridad de la información. Fuente: ISO/IEC 27000:2016 <ref>[http://mingob.gob.gt/wp-content/uploads/2018/06/version-digital.pdf La Estrategia Nacional de Seguridad Cibernética (June 2018)]</ref>}}<br/><br/>
  
==== [[Italy]] ====
+
====[[Italy]]====
{{definition|Information Security: Often complex security measures to ensure integrity, confidentiality and availability of information classified as state secret or blankets and related information and communication systems, for example through user authentication.  <ref>[https://www.sicurezzanazionale.gov.it/sisr.nsf/wp-content/uploads/2013/12/Glossario-intelligence-2013.pdf IL LINGUAGGIO DEGLI ORGANISMI INFORMATIVI Glossario (2013)]</ref>}}It includes the necessary safeguards to detect and counter intrusions. <br/><br/>
+
{{definition|Information Security: Often complex security measures to ensure integrity, confidentiality and availability of information classified as state secret or blankets and related information and communication systems, for example through user authentication.  <ref>[https://www.sicurezzanazionale.gov.it/sisr.nsf/wp-content/uploads/2013/12/Glossario-intelligence-2013.pdf IL LINGUAGGIO DEGLI ORGANISMI INFORMATIVI Glossario (2013)]</ref>}}It includes the necessary safeguards to detect and counter intrusions. <br /><br />
==== [[Jamaica]] ====
+
====[[Jamaica]]====
 
{{definition|Information security is the protection of information and [[Information System|information systems]] from unauthorized access, use, disclosure, [[disruption]], modification, or destruction. <ref>[http://www.mstem.gov.jm/sites/default/files/documents/Jamaica%20National%20Cyber%20Security%20Strategy.pdf Jamaica's National Cyber Security Strategy]</ref>}}  
 
{{definition|Information security is the protection of information and [[Information System|information systems]] from unauthorized access, use, disclosure, [[disruption]], modification, or destruction. <ref>[http://www.mstem.gov.jm/sites/default/files/documents/Jamaica%20National%20Cyber%20Security%20Strategy.pdf Jamaica's National Cyber Security Strategy]</ref>}}  
 
Note: The terms information security, computer security and information assurance are understood for these purposes as being interchangeable. <br />
 
Note: The terms information security, computer security and information assurance are understood for these purposes as being interchangeable. <br />
==== [[Japan]] ====
+
====[[Japan]]====
{{definition|Information security is to make the IT infrastructure as to be "truly reliable and rigid” concerning 1) sustainable development through the use of IT, 2) achievement higher quality of life of people through the use of IT, 3) security against the threats related to the use of IT. <ref>[http://www.nisc.go.jp/eng/pdf/national_strategy_001_eng.pdf The Second National Strategy on Information Security, Japan, 2009]</ref>}}<br/><br/>
+
{{definition|Information security is to make the IT infrastructure as to be "truly reliable and rigid” concerning 1) sustainable development through the use of IT, 2) achievement higher quality of life of people through the use of IT, 3) security against the threats related to the use of IT. <ref>[http://www.nisc.go.jp/eng/pdf/national_strategy_001_eng.pdf The Second National Strategy on Information Security, Japan, 2009]</ref>}}<br /><br />
==== [[Jordan]] ====
+
====[[Jordan]]====
{{definition|Information Security (InfoSec) is the practice of defending information from unauthorised access, use, disclosure, disruption, modification, perusal, inspection, recording, or destruction. Information Security is a general term that can be used regardless of the form that the data may take (e.g. electronic, physical, etc.)  <ref>[http://moict.gov.jo/uploads/studies/National%20Cyber%20Security%20Strategy%202018-2023.pdf National Cyber Security Strategy (2018-2023)]</ref>}} <br/><br/>
+
{{definition|Information Security (InfoSec) is the practice of defending information from unauthorised access, use, disclosure, disruption, modification, perusal, inspection, recording, or destruction. Information Security is a general term that can be used regardless of the form that the data may take (e.g. electronic, physical, etc.)  <ref>[http://moict.gov.jo/uploads/studies/National%20Cyber%20Security%20Strategy%202018-2023.pdf National Cyber Security Strategy (2018-2023)]</ref>}} <br /><br />
 
====[[Kuwait]]====
 
====[[Kuwait]]====
{{definition|Information security is focused on protecting specific individual systems and the information within organizations. The model for information security defines three objectives: [[Confidentiality]], [[Integrity]], and [[Availability]].  <ref>[https://citra.gov.kw/sites/en/Pages/Glossary.aspx Glossary Communication and Information Technology Regulatory]</ref>}}<br/><br/>
+
{{definition|Information security is focused on protecting specific individual systems and the information within organizations. The model for information security defines three objectives: [[Confidentiality]], [[Integrity]], and [[Availability]].  <ref>[https://citra.gov.kw/sites/en/Pages/Glossary.aspx Glossary Communication and Information Technology Regulatory]</ref>}}<br /><br />
  
 
====[[Macedonia]]====
 
====[[Macedonia]]====
{{definition|Информациска безбедност Информациска безбедност - состојбата на доверливост, интегритет и достапност на информации, постигната со примена на соодветни безбедносни мерки.  <ref>[http://www.mioa.gov.mk/sites/default/files/pbl_files/documents/strategies/ns_sajber_bezbednost_2018-2022.pdf НАЦИОНАЛНА СТРАТЕГИЈА ЗА САЈБЕР БЕЗБЕДНОСТ НА РЕПУБЛИКА МАКЕДОНИЈА 2018 -2022]</ref> <ref>http://www.mioa.gov.mk/sites/default/files/pbl_files/documents/strategies/cyber_security_strategy_macedonia_2018-2022_-_eng.pdf National Cyber Security Strategy of the Republic of Macedonia (2018)]</ref>}}<br/>
+
{{definition|Информациска безбедност Информациска безбедност - состојбата на доверливост, интегритет и достапност на информации, постигната со примена на соодветни безбедносни мерки.  <ref>[http://www.mioa.gov.mk/sites/default/files/pbl_files/documents/strategies/ns_sajber_bezbednost_2018-2022.pdf НАЦИОНАЛНА СТРАТЕГИЈА ЗА САЈБЕР БЕЗБЕДНОСТ НА РЕПУБЛИКА МАКЕДОНИЈА 2018 -2022]</ref> <ref>[http://www.mioa.gov.mk/sites/default/files/pbl_files/documents/strategies/cyber_security_strategy_macedonia_2018-2022_-_eng.pdf National Cyber Security Strategy of the Republic of Macedonia (2018)]</ref>}}<br />
==== [[Mongolia]] ====
+
 
 +
====[[Mongolia]]====
 
{{definition|Information security means the situation where conditions are ensured for the Government to assess objectively the country’s actual internal and external situation and make correct decisions, for government organs and the people to have the necessary information for the exercise of their powers and rights provided by the Constitution and for the dissemination abroad of information about Mongolia. <ref>[http://www.nsc.gov.mn/sites/default/files/images/National Security Concept of Mongolia EN.pdf The Concept of National Security of Mongolia, Government of Mongolia]</ref>}}<br />
 
{{definition|Information security means the situation where conditions are ensured for the Government to assess objectively the country’s actual internal and external situation and make correct decisions, for government organs and the people to have the necessary information for the exercise of their powers and rights provided by the Constitution and for the dissemination abroad of information about Mongolia. <ref>[http://www.nsc.gov.mn/sites/default/files/images/National Security Concept of Mongolia EN.pdf The Concept of National Security of Mongolia, Government of Mongolia]</ref>}}<br />
  
 
====[[Montenegro]]====
 
====[[Montenegro]]====
 
{{definition| Informaciona bezbjednost podrazumijeva stanje povjerljivosti, cjelovitosti i dostupnosti podataka. Informaciona bezbjednost se fokusira na podatke bez obzira na njihovu formu: elektronski, štampani ili drugi oblici podataka. <ref>[http://www.mid.gov.me/ResourceManager/FileDownload.aspx?rid=146722&rType=2&file=Strategija%20o%20bezbjednosti%202013-2017.pdf Strategija o bezbjednosti 2013-2017 (2012)]</ref><br /><br />Information security means the condition of confidentiality, integrity and availability of data. Information security focuses on data, regardless of their form: electronic, print or other forms of data.}}<br />
 
{{definition| Informaciona bezbjednost podrazumijeva stanje povjerljivosti, cjelovitosti i dostupnosti podataka. Informaciona bezbjednost se fokusira na podatke bez obzira na njihovu formu: elektronski, štampani ili drugi oblici podataka. <ref>[http://www.mid.gov.me/ResourceManager/FileDownload.aspx?rid=146722&rType=2&file=Strategija%20o%20bezbjednosti%202013-2017.pdf Strategija o bezbjednosti 2013-2017 (2012)]</ref><br /><br />Information security means the condition of confidentiality, integrity and availability of data. Information security focuses on data, regardless of their form: electronic, print or other forms of data.}}<br />
==== [[Netherlands]] ====
+
====[[Netherlands]]====
 +
===== Cyber Security Centre =====
 
{{definition|Informatiebeveiliging is het proces van het vaststellen van de vereiste betrouwbaarheid van informatiesystemen in termen van vertrouwelijkheid, beschikbaarheid en integriteit, alsmede het treffen, onderhouden en controleren van een samenhangend pakket van bijbehorende maatregelen. <ref>[https://www.ncsc.nl/binaries/content/documents/ncsc-nl/actueel/cybersecuritybeeld-nederland/cybersecuritybeeld-nederland-2018/1/CSBN_2018.pdf Cyber Security Beeld Nederland 2018]</ref>}}<br/>
 
{{definition|Informatiebeveiliging is het proces van het vaststellen van de vereiste betrouwbaarheid van informatiesystemen in termen van vertrouwelijkheid, beschikbaarheid en integriteit, alsmede het treffen, onderhouden en controleren van een samenhangend pakket van bijbehorende maatregelen. <ref>[https://www.ncsc.nl/binaries/content/documents/ncsc-nl/actueel/cybersecuritybeeld-nederland/cybersecuritybeeld-nederland-2018/1/CSBN_2018.pdf Cyber Security Beeld Nederland 2018]</ref>}}<br/>
{{definition|''Informatiebeveiliging'' is het behouden van de vertrouwelijkheid, integriteit en beschikbaarheid van informatie. <ref>NEN-ISO/IEC-27001 en 27002</ref>}}  
+
===== NEN-ISO =====
* Integriteit is de eigenschap dat de nauwkeurigheid en volledigheid van bedrijfsmiddelen wordt beveiligd.  
+
{{definition|''Informatiebeveiliging'' is het behouden van de vertrouwelijkheid, integriteit en beschikbaarheid van informatie. (NEN-ISO/IEC-27001& 27002) <ref>NEN-ISO/IEC-27001 en 27002</ref>}}
* Vertrouwelijkheid is de eigenschap dat informatie niet beschikbaar wordt gesteld of wordt ontsloten aan onbevoegde personen, entiteiten of processen.  
+
*Integriteit is de eigenschap dat de nauwkeurigheid en volledigheid van bedrijfsmiddelen wordt beveiligd.
* Beschikbaarheid is het kenmerk dat iets toegankelijk en bruikbaar is op verzoek van een bevoegde entiteit.<br /><br/>
+
*Vertrouwelijkheid is de eigenschap dat informatie niet beschikbaar wordt gesteld of wordt ontsloten aan onbevoegde personen, entiteiten of processen.
 +
*Beschikbaarheid is het kenmerk dat iets toegankelijk en bruikbaar is op verzoek van een bevoegde entiteit.<br/>
 +
===== National security =====
 +
{{definition|Informatiebeveiliging is dat gedeelte van de beveiliging dat betrekking heeft op de verwerking van ''Bijzondere Informatie'' in ICT-systemen en netwerken. <ref>[https://www.defensie.nl/binaries/defensie/documenten/beleidsnota-s/2006/08/13/abdo-2006/abdo-2006.pdf Algemene Beveiligingseisen voor Defensieopdrachten (ABDO), 2006]</ref>}}''Bijzondere Informatie'' wordt onderscheiden in Staatsgeheimen en in niet-Staatsgeheime Bijzondere Informatie. Er is sprake van een Staatsgeheim als het belang van de Staat of zijn bondgenoten in het geding is en indien kennisname door niet-gerechtigden kan leiden tot schade aan deze belangen. Er is sprake van niet-Staatsgeheime Bijzondere Informatie indien kennisname door nietgerechtigden kan leiden tot nadeel aan het belang van één of meer ministeries.<br/>
 +
===== NEN 7510 - Health sector =====
 +
{{definition|''Informatiebeveiliging'' Behoud van de [[Availability|beschikbaarheid]], [[Integrity|integriteit]] en [[Confidentiality|vertrouwelijkheid]] (BIV) van informatie. (NEN 7510) <ref>[https://www.nen.nl/NEN-Shop/Norm/NEN-751012017A12020-nl.htm NEN 7510-1]</ref> <ref>[https://www.nen.nl/NEN-Shop/Norm/NEN-751022017-nl.htm NEN 7510-2]</ref>}}
 +
* Integriteit is hierbij de eigenschap van nauwkeurigheid en volledigheid.
 +
* Vertrouwelijkheid is hierbij de eigenschap dat informatie niet beschikbaar of niet bekend wordt gemaakt aan onbevoegde personen, entiteiten of processen.
 +
* Beschikbaarheid is hierbij de eigenschap van het toegankelijk en bruikbaar zijn op verzoek van een bevoegde entiteit.<br/>
 +
===== Other =====
 +
{{definition|Information security is taking and maintaining a coherent set of [[Measure|measures]] to guarantee the [[availability]], [[integrity]] and [[confidentiality]] of information.<br/><br/>Het treffen en onderhouden van een samenhangend pakket aan maatregelen om de beschikbaarheid, integriteit en vertrouwelijkheid te borgen. <ref>[http://www.pblq.nl/media/63123/HEC%20Zakboekje%20preventie%20cybercrime.pdf Zakboekje Preventie Cybercrime (2008]</ref>}}<br/>
 +
{{definition|Informatiebeveiliging is het proces van vaststellen van de vereiste kwaliteit van informatie(systemen) in termen van [[Confidentiality|vertrouwelijkheid]], [[Availability|beschikbaarheid]], [[Integrity|integriteit]], [[Non-repudiation|onweerlegbaarheid]] en controleerbaarheid alsook het treffen, onderhouden en controleren van een samenhangend packet van bijbehorende (fysieke, organisatorische en logische) beveiligingsmaatregelen. <ref>2016 Nationaal Cyber Security Beeld</ref>}}<br/><br/>
  
{{definition|Information security is taking and maintaining a coherent set of [[Measure|measures]] to guarantee the [[availability]], [[integrity]] and [[confidentiality]] of information.<br/><br/>Het treffen en onderhouden van een samenhangend pakket aan maatregelen om de beschikbaarheid, integriteit en vertrouwelijkheid te borgen. <ref>[http://www.pblq.nl/media/63123/HEC%20Zakboekje%20preventie%20cybercrime.pdf Zakboekje Preventie Cybercrime (2008]</ref>}}<br />
+
====[[Norway]]====
{{definition|Informatiebeveiliging is het proces van vaststellen van de vereiste kwaliteit van informatie(systemen) in termen van [[Confidentiality|vertrouwelijkheid]], [[Availability|beschikbaarheid]], [[Integrity|integriteit]], [[Non-repudiation|onweerlegbaarheid]] en controleerbaarheid alsook het treffen, onderhouden en controleren van een samenhangend packet van bijbehorende (fysieke, organisatorische en logische) beveiligingsmaatregelen. <ref>[https://www.ncsc.nl/actueel/Cybersecuritybeeld+Nederland/cybersecuritybeeld-nederland-2016.html Cybersecuritybeeld Nederland 2016]</ref>}}<br />
+
{{definition|Cyber security has to do with protecting “everything” that is vulnerable because it is connected to or otherwise dependent on information and communication technology. The term is used synonymously with the terms “ICT security” and “digital security”. <ref>[https://www.regjeringen.no/contentassets/c57a0733652f47688294934ffd93fc53/national-cyber-security-strategy-for-norway.pdf National Cyber Security Strategy for Norway (2019)]</ref><br/><br/>Digital sikkerhet handler om beskyttelse av «alt» som er sårbart fordi det er koblet til eller på annen måte avhengig av informasjons- og kommunikasjonsteknologi. Brukes synonymt med begrepene IKT-sikkerhet og cybersikkerhet. <ref>[https://www.regjeringen.no/contentassets/c57a0733652f47688294934ffd93fc53/nasjonal-strategi-for-digital-sikkerhet.pdf Nasjonal strategi for digital sikkerhet (2019)]</ref>}}<br />
{{definition|Informatiebeveiliging is dat gedeelte van de beveiliging dat betrekking heeft op de verwerking van ''Bijzondere Informatie'' in ICT-systemen en netwerken. <ref>[https://www.defensie.nl/binaries/defensie/documenten/beleidsnota-s/2006/08/13/abdo-2006/abdo-2006.pdf Algemene Beveiligingseisen voor Defensieopdrachten (ABDO), 2006]</ref>}}''Bijzondere Informatie'' wordt onderscheiden in Staatsgeheimen en in niet-Staatsgeheime Bijzondere Informatie. Er is sprake van een Staatsgeheim als het belang van de Staat of zijn bondgenoten in het geding is en indien kennisname door niet-gerechtigden kan leiden tot schade aan deze belangen. Er is sprake van niet-Staatsgeheime Bijzondere Informatie indien kennisname door nietgerechtigden kan leiden tot nadeel aan het belang van één of meer ministeries.<br /><br/>
+
{{definition|IKT-sikkerhet: Hvordan elektroniske nettverk og systemer som behandler data eller kommuniserer med hverandre, og som virksomhetene er avhengig av for å fungere effektivt, skal beskyttes. <ref>[https://www.regjeringen.no/globalassets/upload/fad/vedlegg/ikt-politikk/nasjonal_strategi_infosikkerhet.pdf Nasjonal strategi for informasjonssikkerhet (2012)]</ref><br/><br/>ICT security is how business-critical electronic networks and systems that process data or communicate with each other are protected. <ref>[https://www.regjeringen.no/globalassets/upload/fad/vedlegg/ikt-politikk/cyber_security_strategy_norway.pdf Cyber Security Strategy for Norway (2012)]</ref>}}<br /><br />
  
==== [[Norway]] ====
+
====[[Philippines]]====
{{definition|Cyber security has to do with protecting “everything” that is vulnerable because it is connected to or otherwise dependent on information and communication technology. The term is used synonymously with the terms “ICT security” and “digital security”. <ref>[https://www.regjeringen.no/contentassets/c57a0733652f47688294934ffd93fc53/national-cyber-security-strategy-for-norway.pdf National Cyber Security Strategy for Norway (2019)]</ref><br/><br/>Digital sikkerhet handler om beskyttelse av «alt» som er sårbart fordi det er koblet til eller på annen måte avhengig av informasjons- og kommunikasjonsteknologi. Brukes synonymt med begrepene IKT-sikkerhet og cybersikkerhet. <ref>[https://www.regjeringen.no/contentassets/c57a0733652f47688294934ffd93fc53/nasjonal-strategi-for-digital-sikkerhet.pdf Nasjonal strategi for digital sikkerhet (2019)]</ref>}}<br/>
+
{{definition|Information security is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide [[confidentiality]], [[integrity]], and [[availability]]. <ref>[http://www.dnd.gov.ph/miss/PDF/downloadables/Cybersecurity%20Glossary%20(Edited).pdf DND GLOSSARY OF CYBER SECURITY TERMS (v.4)]</ref>}}<br />
{{definition|IKT-sikkerhet: Hvordan elektroniske nettverk og systemer som behandler data eller kommuniserer med hverandre, og som virksomhetene er avhengig av for å fungere effektivt, skal beskyttes. <ref>[https://www.regjeringen.no/globalassets/upload/fad/vedlegg/ikt-politikk/nasjonal_strategi_infosikkerhet.pdf Nasjonal strategi for informasjonssikkerhet (2012)]</ref><br/><br/>ICT security is how business-critical electronic networks and systems that process data or communicate with each other are protected. <ref>[https://www.regjeringen.no/globalassets/upload/fad/vedlegg/ikt-politikk/cyber_security_strategy_norway.pdf Cyber Security Strategy for Norway (2012)]</ref>}}<br /><br/>
 
  
==== [[Philippines]] ====
+
{{definition|Information Security: A set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and nondigital information. <ref>[https://digital.nhs.uk/services/data-and-cyber-security-protecting-information-and-data-in-health-and-care/cyber-and-data-security-policy-and-good-practice-in-health-and-care/cyber-and-data-security-resources/cyber-security-glossary NHS Cyber security glossary]</ref>}}<br /><br />
{{definition|Information security is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide [[confidentiality]], [[integrity]], and [[availability]]. <ref>[http://www.dnd.gov.ph/miss/PDF/downloadables/Cybersecurity%20Glossary%20(Edited).pdf DND GLOSSARY OF CYBER SECURITY TERMS (v.4)]</ref>}}<br/>
 
  
{{definition|Information Security: A set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and nondigital information. <ref>[https://digital.nhs.uk/services/data-and-cyber-security-protecting-information-and-data-in-health-and-care/cyber-and-data-security-policy-and-good-practice-in-health-and-care/cyber-and-data-security-resources/cyber-security-glossary NHS Cyber security glossary]</ref>}}<br/><br/>
+
====[[Portugal]]====  
 
 
====[[Portugal]] ====  
 
 
{{definition|[Definição] INFOSEC: A aplicação de medidas de segurança para proteger a informação processada, armazenada ou transmitida em Sistemas de Tecnologia da Informação e Comunicações contra a perda de confidencialidade, integridade ou disponibilidade, acidental ou intencional, e para prevenir a perda de integridade ou disponibilidade dos sistemas. <ref>[https://www.cncs.gov.pt/recursos/glossario/ Glossário Centro National de Cibersegurança Portugal]</ref>}}<br />
 
{{definition|[Definição] INFOSEC: A aplicação de medidas de segurança para proteger a informação processada, armazenada ou transmitida em Sistemas de Tecnologia da Informação e Comunicações contra a perda de confidencialidade, integridade ou disponibilidade, acidental ou intencional, e para prevenir a perda de integridade ou disponibilidade dos sistemas. <ref>[https://www.cncs.gov.pt/recursos/glossario/ Glossário Centro National de Cibersegurança Portugal]</ref>}}<br />
{{definition|[Definição] Segurança da Informação: Proteção dos sistemas de informação contra o acesso ou a modificação não autorizados da informação, durante o seu armazenamento, processamento ou transmissão, e contra a negação de serviço a utilizadores autorizados ou o fornecimento de serviço a utilizadores não autorizados, incluindo as medidas necessárias para detetar, documentar e contrariar tais ameaças. <ref>[https://www.cncs.gov.pt/recursos/glossario/ Glossário Centro National de Cibersegurança Portugal]</ref>}}<br /><br/>
+
{{definition|[Definição] Segurança da Informação: Proteção dos sistemas de informação contra o acesso ou a modificação não autorizados da informação, durante o seu armazenamento, processamento ou transmissão, e contra a negação de serviço a utilizadores autorizados ou o fornecimento de serviço a utilizadores não autorizados, incluindo as medidas necessárias para detetar, documentar e contrariar tais ameaças. <ref>[https://www.cncs.gov.pt/recursos/glossario/ Glossário Centro National de Cibersegurança Portugal]</ref>}}<br /><br />
  
==== [[Russian Federation]] ====
+
====[[Russian Federation]]====
 
{{definition|информационная безопасность ''Российской Федерации'' (далее - информационная безопасность) - состояние защищенности личности, общества и государства от внутренних и внешних информационных угроз, при котором обеспечиваются реализация конституционных прав и свобод человека и гражданина, достойные качество и уровень жизни граждан, суверенитет, территориальная целостность и устойчивое социально-экономическое развитие ''Российской Федерации'', оборона и безопасность государства  <ref>[http://publication.pravo.gov.ru/Document/GetFile/0001201612060002?type&equals;pdf Указ Президента Российской Федерации от 05.12.2016 № 646 "Об утверждении Доктрины информационной безопасности Российской Федерации" <br/>(Presidential Decree of 12.5.2016 number 646 "On approval of the Doctrine of the Russian Federation Information Security")]</ref>}}(raw translation) Information security ''of the Russian Federation'' (hereinafter - information security) - the state of protection of the individual, society and state from internal and external IT threats, which provide realisation of constitutional rights and freedoms of man and citizen, decent quality and standard of living of citizens, sovereignty, territorial integrity and sustainable socio-economic development ''of the Russian Federation'', the defense and security of the state.
 
{{definition|информационная безопасность ''Российской Федерации'' (далее - информационная безопасность) - состояние защищенности личности, общества и государства от внутренних и внешних информационных угроз, при котором обеспечиваются реализация конституционных прав и свобод человека и гражданина, достойные качество и уровень жизни граждан, суверенитет, территориальная целостность и устойчивое социально-экономическое развитие ''Российской Федерации'', оборона и безопасность государства  <ref>[http://publication.pravo.gov.ru/Document/GetFile/0001201612060002?type&equals;pdf Указ Президента Российской Федерации от 05.12.2016 № 646 "Об утверждении Доктрины информационной безопасности Российской Федерации" <br/>(Presidential Decree of 12.5.2016 number 646 "On approval of the Doctrine of the Russian Federation Information Security")]</ref>}}(raw translation) Information security ''of the Russian Federation'' (hereinafter - information security) - the state of protection of the individual, society and state from internal and external IT threats, which provide realisation of constitutional rights and freedoms of man and citizen, decent quality and standard of living of citizens, sovereignty, territorial integrity and sustainable socio-economic development ''of the Russian Federation'', the defense and security of the state.
<br/>
+
<br />
 
{{definition|информационная безопасность – состояние защищенности личности, организации и государства и их интересов от угроз, деструктивных и иных негативных воздействий в информационном пространстве <ref>[http://council.gov.ru/media/files/41d4b3dfbdb25cea8a73.pdf КОНЦЕПЦИЯ СТРАТЕГИИ КИБЕРБЕЗОПАСНОСТИ РОССИЙСКОЙ ФЕДЕРАЦИИ (Draft Cyber Security Strategy 2016)]</ref><br/><br/>Information security (raw translation): the state of protection of the individual, the organization and the state and their interests from threats, destructive and other negative impacts in the [[Cyberspace|information space]]. }}  
 
{{definition|информационная безопасность – состояние защищенности личности, организации и государства и их интересов от угроз, деструктивных и иных негативных воздействий в информационном пространстве <ref>[http://council.gov.ru/media/files/41d4b3dfbdb25cea8a73.pdf КОНЦЕПЦИЯ СТРАТЕГИИ КИБЕРБЕЗОПАСНОСТИ РОССИЙСКОЙ ФЕДЕРАЦИИ (Draft Cyber Security Strategy 2016)]</ref><br/><br/>Information security (raw translation): the state of protection of the individual, the organization and the state and their interests from threats, destructive and other negative impacts in the [[Cyberspace|information space]]. }}  
 
<br />
 
<br />
==== [[Serbia]] ====
+
====[[Serbia]]====
 
{{definition|информациона безбедност представља скуп мера које омогућавају да подаци којима се рукује путем ИКТ система буду заштићени од неовлашћеног приступа, као и да се заштити интегритет, расположивост, аутентичност и непорецивост тих података, да би тај систем функционисао како је предвиђено, када је предвиђено и под контролом овлашћених лица. <ref>[http://www.parlament.gov.rs/upload/archive/files/cir/pdf/predlozi_zakona/3515-15.pdf ЗАКОН О ИНФОРМАЦИОНОЈ БЕЗБЕДНОСТИ (Law on Information Security), Serbia]</ref>}}<br><br>
 
{{definition|информациона безбедност представља скуп мера које омогућавају да подаци којима се рукује путем ИКТ система буду заштићени од неовлашћеног приступа, као и да се заштити интегритет, расположивост, аутентичност и непорецивост тих података, да би тај систем функционисао како је предвиђено, када је предвиђено и под контролом овлашћених лица. <ref>[http://www.parlament.gov.rs/upload/archive/files/cir/pdf/predlozi_zakona/3515-15.pdf ЗАКОН О ИНФОРМАЦИОНОЈ БЕЗБЕДНОСТИ (Law on Information Security), Serbia]</ref>}}<br><br>
==== [[Switzerland]]====
+
====[[Switzerland]]====
{{definition|Information security / ICT security: Information security (or ICT security) is the intactness of the authenticity, confidentiality, integrity and availability of an information and communication technology system and the data processed and stored therein. <ref>[https://www.isb.admin.ch/dam/isb/en/dokumente/ikt-vorgaben/strategien/ncs/Nationale_Strategie_Schutz_Schweiz_vor_Cyber-Risiken_NCS_2018-22_EN.pdf.download.pdf  SN002 - National strategy for Switzerland’s protection against cyber risks (NCS) 2018-2022 (2018)]</ref><br/><br/>Informationssicherheit / IKT-Sicherheit: Informationssicherheit (oder IKT-Sicherheit) ist die Unversehrtheit der Authentizität, Vertraulichkeit, Integrität und Verfügbarkeit eines informations- und kommunikationstechnischen Systems und der darin verarbeiteten und gespeicherten Daten. <ref> [https://www.isb.admin.ch/dam/isb/de/dokumente/ikt-vorgaben/strategien/ncs/Nationale_Strategie_Schutz_Schweiz_vor_Cyber-Risiken_NCS_2018-22_DE.pdf.download.pdf SN002 - Nationale Strategie zum Schutz der Schweiz vor Cyber-Risiken (NCS) 2018-2022 (2018)]</ref><br/><br/>Sécurité de l’information / sécurité informatique: La sécurité de l’information (ou sécurité informatique) vise à garantir l’authenticité, la confidentialité, l’intégrité et la disponibilité des données traitées par un système d’information et de communication ou enregistrées dans celui-ci. <ref>[https://www.isb.admin.ch/dam/isb/fr/dokumente/ikt-vorgaben/strategien/ncs/Nationale_Strategie_Schutz_Schweiz_vor_Cyber-Risiken_NCS_2018-22_FR.pdf.download.pdf SN002 - Stratégie nationale de protection de la Suisse contre les cyberrisques (SNPC) 2018-2022 (2018)]</ref><br/><br/>Sicurezza delle informazioni/ Sicurezza delle TIC: La sicurezza delle informazioni (o sicurezza delle TIC) è data dalla garanzia dell’autenticità, della confidenzialità, dell’integrità e della accessibilità di un sistema TIC e dei dati che vengono elaborati e salvati in questo sistema. <ref>[https://www.isb.admin.ch/dam/isb/it/dokumente/ikt-vorgaben/strategien/ncs/Nationale_Strategie_Schutz_Schweiz_vor_Cyber-Risiken_NCS_2018-22_IT.pdf.download.pdf SN002 - Strategia nazionale per la protezione della Svizzera contro i cyber-rischi (SNPC) 2018-2022 (2018)]</ref>}}<br/>
+
{{definition|Information security / ICT security: Information security (or ICT security) is the intactness of the authenticity, confidentiality, integrity and availability of an information and communication technology system and the data processed and stored therein. <ref>[https://www.isb.admin.ch/dam/isb/en/dokumente/ikt-vorgaben/strategien/ncs/Nationale_Strategie_Schutz_Schweiz_vor_Cyber-Risiken_NCS_2018-22_EN.pdf.download.pdf  SN002 - National strategy for Switzerland’s protection against cyber risks (NCS) 2018-2022 (2018)]</ref><br/><br/>Informationssicherheit / IKT-Sicherheit: Informationssicherheit (oder IKT-Sicherheit) ist die Unversehrtheit der Authentizität, Vertraulichkeit, Integrität und Verfügbarkeit eines informations- und kommunikationstechnischen Systems und der darin verarbeiteten und gespeicherten Daten. <ref> [https://www.isb.admin.ch/dam/isb/de/dokumente/ikt-vorgaben/strategien/ncs/Nationale_Strategie_Schutz_Schweiz_vor_Cyber-Risiken_NCS_2018-22_DE.pdf.download.pdf SN002 - Nationale Strategie zum Schutz der Schweiz vor Cyber-Risiken (NCS) 2018-2022 (2018)]</ref><br/><br/>Sécurité de l’information / sécurité informatique: La sécurité de l’information (ou sécurité informatique) vise à garantir l’authenticité, la confidentialité, l’intégrité et la disponibilité des données traitées par un système d’information et de communication ou enregistrées dans celui-ci. <ref>[https://www.isb.admin.ch/dam/isb/fr/dokumente/ikt-vorgaben/strategien/ncs/Nationale_Strategie_Schutz_Schweiz_vor_Cyber-Risiken_NCS_2018-22_FR.pdf.download.pdf SN002 - Stratégie nationale de protection de la Suisse contre les cyberrisques (SNPC) 2018-2022 (2018)]</ref><br/><br/>Sicurezza delle informazioni/ Sicurezza delle TIC: La sicurezza delle informazioni (o sicurezza delle TIC) è data dalla garanzia dell’autenticità, della confidenzialità, dell’integrità e della accessibilità di un sistema TIC e dei dati che vengono elaborati e salvati in questo sistema. <ref>[https://www.isb.admin.ch/dam/isb/it/dokumente/ikt-vorgaben/strategien/ncs/Nationale_Strategie_Schutz_Schweiz_vor_Cyber-Risiken_NCS_2018-22_IT.pdf.download.pdf SN002 - Strategia nazionale per la protezione della Svizzera contro i cyber-rischi (SNPC) 2018-2022 (2018)]</ref>}}<br />
  
==== [[Uganda]] ====
+
====[[Uganda]]====
 
{{definition|Information security is the protection information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction. <ref>[http://www.nita.go.ug/sites/default/files/publications/National%20Information%20Security%20Policy%20v1.0_0.pdf National Information Security Policy (2011)]</ref>}}<br />
 
{{definition|Information security is the protection information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction. <ref>[http://www.nita.go.ug/sites/default/files/publications/National%20Information%20Security%20Policy%20v1.0_0.pdf National Information Security Policy (2011)]</ref>}}<br />
==== [[Ukraine]] ====
+
====[[Ukraine]]====
 
{{definition|“information security” must be understood as the kind of protection of a State’s information space that allows the attainment of its national interests and observance of the rights of the individual, society and the State. <ref>[https://disarmament-library.un.org/UNODA/Library.nsf/c793d171848bac2b85256d7500700384/b69c21ea9dcbb95785256dc10058b4c9/$FILE/sg58.373.pdf Ukraine, Submission to the United Nations General Assembly Resolution A/58/373, 2003]</ref>}}<br><br>
 
{{definition|“information security” must be understood as the kind of protection of a State’s information space that allows the attainment of its national interests and observance of the rights of the individual, society and the State. <ref>[https://disarmament-library.un.org/UNODA/Library.nsf/c793d171848bac2b85256d7500700384/b69c21ea9dcbb95785256dc10058b4c9/$FILE/sg58.373.pdf Ukraine, Submission to the United Nations General Assembly Resolution A/58/373, 2003]</ref>}}<br><br>
  
 
====[[United States]]====
 
====[[United States]]====
===== FISMA =====
+
=====FISMA=====
{{definition|Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide - (A) [[integrity]], which means guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity; (B) [[confidentiality]], which means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information; and (C) [[availability]], which means ensuring timely and reliable access to and use of information. <ref>[http://uscode.house.gov/view.xhtml?req=granuleid:USC-prelim-title44-section3552&num=0&edition=prelim The Federal Information Security Modernization Act of 2014 (FISMA)44 U.S.C. § 3552(b)(2). ]</ref>}}<br/>
+
{{definition|Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide - (A) [[integrity]], which means guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity; (B) [[confidentiality]], which means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information; and (C) [[availability]], which means ensuring timely and reliable access to and use of information. <ref>[http://uscode.house.gov/view.xhtml?req=granuleid:USC-prelim-title44-section3552&num=0&edition=prelim The Federal Information Security Modernization Act of 2014 (FISMA)44 U.S.C. § 3552(b)(2). ]</ref>}}<br />
 
=====[[NIST]]=====
 
=====[[NIST]]=====
{{definition|The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide [[confidentiality]], [[integrity]], and [[availability]]. <ref name="NISTIR7298"> [http://nvlpubs.nist.gov/nistpubs/ir/2013/NIST.IR.7298r2.pdf NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013/NIST SP 800 series]</ref>}}<br /><br/>
+
{{definition|The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide [[confidentiality]], [[integrity]], and [[availability]]. <ref name="NISTIR7298"> [http://nvlpubs.nist.gov/nistpubs/ir/2013/NIST.IR.7298r2.pdf NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013/NIST SP 800 series]</ref>}}<br /><br />
{{definition|An embedded, integral part of the enterprise architecture that describes the structure and behavior for an enterprise’s security processes, information security systems, personnel and organizational subunits, showing their alignment with the enterprise’s mission and strategic plans. <ref>[http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf NIST Special Publication 800-53 Rev 4: Security and Privacy Controls for Federal Information Systems and Organizations (April 2013)]</ref>}}<br/>
+
{{definition|An embedded, integral part of the enterprise architecture that describes the structure and behavior for an enterprise’s security processes, information security systems, personnel and organizational subunits, showing their alignment with the enterprise’s mission and strategic plans. <ref>[http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf NIST Special Publication 800-53 Rev 4: Security and Privacy Controls for Federal Information Systems and Organizations (April 2013)]</ref>}}<br />
  
==== [[Uruguay]]====
+
====[[Uruguay]]====
{{definition|Seguridad informática: Conjunto de medidas preventivas y reactivas que tienen como objetivo mantener la confidencialidad, disponibilidad e integridad de la información soportada en medios informáticos. <ref>[https://www.cert.uy/inicio/sobre_seguridad/glosario/ Glossary CERTuy]</ref>}}<br/><br/>
+
{{definition|Seguridad informática: Conjunto de medidas preventivas y reactivas que tienen como objetivo mantener la confidencialidad, disponibilidad e integridad de la información soportada en medios informáticos. <ref>[https://www.cert.uy/inicio/sobre_seguridad/glosario/ Glossary CERTuy]</ref>}}<br /><br />
 
===Regional Definitions===
 
===Regional Definitions===
 
=====[[Isle of Man]]=====
 
=====[[Isle of Man]]=====
 
{{definition|Information Security: the preservation, confidentiality, integrity and availability of information; other properties such as authenticity, accountability and non-repudiation may be involved. <ref>[https://www.gov.im/media/1363851/national-cyber-security-strategy.pdf Isle of Man National Cyber Security Strategy (2018-2022)]</ref>}}<br/>
 
{{definition|Information Security: the preservation, confidentiality, integrity and availability of information; other properties such as authenticity, accountability and non-repudiation may be involved. <ref>[https://www.gov.im/media/1363851/national-cyber-security-strategy.pdf Isle of Man National Cyber Security Strategy (2018-2022)]</ref>}}<br/>
 +
=====[[Tamil Nadu]]=====
 +
{{definition|Information Security Management deals with the planning, implementation and continuous Security controls and measures to protect the confidentiality, integrity and availability of Information Assets and its associated Information Systems. <ref>[https://elcot.in/sites/default/files/untitled-2.pdf Tamil Nadu Cyber Security Policy (2020)]</ref>}}<br/><br/>
 +
  
 
===Other Definitions===
 
===Other Definitions===
====East-West Institute (Russia-US) ====
+
====East-West Institute (Russia-US)====
 
{{definition|Cybersecurity is a property of [[cyberspace|cyber space]] that is an ability to resist intentional and unintentional [[Threat|threats]] and respond and recover.<br/><br/>Кибербезопасность: свойство (киберпространства, иберсистемы), противостоять,  намеренным и/или, ненамеренным угрозам, а также, реагировать на них и, восстанавливаться после воздействия этих угроз. <ref>[https://www.eastwest.ngo/sites/default/files/ideas-files/Russia-US-terminology.pdf RUSSIA-­‐U.S. BILATERAL ON CYBERSECURITY: CRITICAL TERMINOLOGY FOUNDATIONS]</ref>}}<br />
 
{{definition|Cybersecurity is a property of [[cyberspace|cyber space]] that is an ability to resist intentional and unintentional [[Threat|threats]] and respond and recover.<br/><br/>Кибербезопасность: свойство (киберпространства, иберсистемы), противостоять,  намеренным и/или, ненамеренным угрозам, а также, реагировать на них и, восстанавливаться после воздействия этих угроз. <ref>[https://www.eastwest.ngo/sites/default/files/ideas-files/Russia-US-terminology.pdf RUSSIA-­‐U.S. BILATERAL ON CYBERSECURITY: CRITICAL TERMINOLOGY FOUNDATIONS]</ref>}}<br />
 
===Standard Definition===
 
===Standard Definition===
==== [[ISO|ISO/IEC 27000:2014]] ====
+
====[[ISO|ISO/IEC 27000:2014]]====
 
{{definition|Preservation of [[confidentiality]], [[integrity]] and [[availability]] of information. <ref name="ISO27000-14"> [http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=63411 ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary]</ref> In addition, other properties, such as [[authenticity]], accountability, [[non-repudiation]], and [[reliability]] can also be involved.}}
 
{{definition|Preservation of [[confidentiality]], [[integrity]] and [[availability]] of information. <ref name="ISO27000-14"> [http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=63411 ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary]</ref> In addition, other properties, such as [[authenticity]], accountability, [[non-repudiation]], and [[reliability]] can also be involved.}}
 
<br />
 
<br />
Line 146: Line 167:
 
{{definition|Information Security: measures that implement and assure security services in information systems, including in computer systems and in communication systems. <ref name="IETFrefs">[https://tools.ietf.org/html/rfc4949 IETF RFC449 Internet Security Glossary 2]</ref>}}<br />
 
{{definition|Information Security: measures that implement and assure security services in information systems, including in computer systems and in communication systems. <ref name="IETFrefs">[https://tools.ietf.org/html/rfc4949 IETF RFC449 Internet Security Glossary 2]</ref>}}<br />
  
 +
=== [[Dictionary]]===
 +
{{definition|Informatiebeveiliging: Alles wat men doet om ervoor te zorgen dat men bij informatie kan komen wanneer men dat wil, dat de informatie klopt en dat de informatie niet bij anderen terecht komt. Het gaat daarbij vaak om een computersysteem, maar dat hoeft niet. Het gaat om maatregelen, procedures en processen die beveiligingsproblemen voorkomen, opsporen, onderdrukken en oplossen. Ontstaat er wel een probleem met de informatie? Dan zorgt informatiebeveiliging ervoor dat de gevolgen zoveel mogelijk beperkt worden.  <ref>[https://www.cybersecurityalliantie.nl/ecp_images/2021/12/Cybersecurity-Woordenboek-2021_ZonderSpreads.pdf Cybersecurity Woordenboek 2021]</ref>}}<br/><br/>
 +
{{#set:defined by=Dictionary}}
 
==Notes==
 
==Notes==
<references />
 
  
<!--
 
 
==References==
 
==References==
* Test reference. -->
+
<references />
  
 
[[Category:Information]]
 
[[Category:Information]]
Line 157: Line 179:
 
[[Category:Protection]]
 
[[Category:Protection]]
 
[[Category:Resilience]]
 
[[Category:Resilience]]
{{#set:defined by=EU|defined by=NATO|defined by=UN|defined by=IAEA|defined by=Albania|defined by=Argentina|defined by=Australia|defined by=Austria|defined by=Belarus|defined by=Brazil|defined by=Costa Rica|defined by=Croatia|defined by=Cuba|defined by=Czech Republic|defined by=Denmark|defined by=Egypt|defined by=Finland|defined by=France|defined by=Germany|defined by=Georgia|defined by=Guatemala|defined by=Italy|defined by=Jamaica|defined by=Japan|defined by=Jordan|defined by=Kuwait|defined by=Mongolia|defined by=Montenegro|defined by=Netherlands|defined by=Norway|defined by=Philippines|defined by=Portugal|defined by=Russian Federation|defined by=Serbia|defined by=Ukraine|defined by=Uganda|defined by=United States|defined by=Uruguay|defined by=Isle of Man|defined by=ISO|defined by=NIST|defined by=IETF|defined by=World Bank}}
+
{{#set:defined by=EU|defined by=ECA|defined by=World Bank|defined by=NATO|defined by=Tamil Nadu|defined by=IAEA||defined by=Albania|defined by=Argentina|defined by=Austia|defined by=Brazil|defined by=Costa Rica|defined by=Croatia|defined by=Cuba|defined by=Czech Republic|defined by=Denmark|defined by=Finland|defined by=France|defined by=Gambia|defined by=Georgia|defined by=Guatemala|defined by=Italy|defined by=Jamaica|defined by=Japan|defined by=Jordan|defined by=Kuwait|defined by=Macedonia|defined by=Mongolia|defined by=Montenegro|defined by=Netherlands|defined by=Norway|defined by=Philippines|defined by=Portugal|defined by=Russian Federation|defined by=Serbia|defined by=Switzerland|defined by=Uganda|defined by=United States|defined by=Uruguay|defined by=Isle of Man|defined by=IETF}}
 +
{{#set: Showmainpage=Yes}}

Revision as of 13:02, 15 August 2022

Definitions

European Definitions

Information Security is the protection of information against unauthorised disclosure, transfer, modification or destruction, whether accidental or intentional. [1]


ECA

Information security: The set of processes and tools protecting physical and digital data from unauthorised access, use, disclosure, disruption, modification, recording or destruction. [2]

[BG] Кибератака: Опит за подкопаване или унищожаване на поверителността, целостта и наличието на данни или на компютърна система чрез киберпространството.

[CS] Bezpečnost informací: Soubor postupů a nástrojů chránících fyzické a digitální údaje před neoprávněným přístupem, použitím, zveřejněním, narušením, pozměněním, zaznamenáním nebo zničením.

[DE] Informationssicherheit: Reihe von Prozessen und Instrumenten zum Schutz von physischen und digitalen Daten vor Zugriff, Verwendung, Preisgabe, Störung, Änderung, Erfassung oder Zerstörung durch Unbefugte.

[DK] Informationssikkerhed: Det sæt af processer og værktøjer, der beskytter fysiske og digitale data mod uautoriseret adgang, anvendelse, videregivelse, afbrydelse, ændring, registrering eller ødelæggelse.

[ES] Seguridad de la información: Conjunto de procesos y herramientas que protegen los datos físicos y digitales del acceso no autorizado, el uso, la divulgación, la perturbación, la modificación, el registro o la destrucción.

[NE] Informatiebeveiliging: Een reeks processen en instrumenten voor de bescherming van fysieke en digitale gegevens tegen onbevoegd(e) toegang, gebruik, vrijgave, verstoring, wijziging, opname of vernietiging.



Other International Definitions

IAEA

Information security is the preservation of the confidentiality, integrity and availability of information. [3]

Note: In addition, other properties such as authenticity, accountability, non-repudiation and reliability can also be involved.

NATO

The protection of information against unauthorised disclosure, transfer, modification or destruction, whether accidental or intentional (INFOSEC). [4]


United Nations

Information security is the protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats. [5]


World Bank

Information security, refers to the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. [6]

In a computing context, the term security implies cybersecurity.

National Definitions

Albania

Siguria e informacionit, do të thotë sigurimi i konfidencialitetit, integritetit dhe disponueshmërisë së informacionit. [7]


Argentina

Seguridad: contemplas los requisitos de Integridad, Confidencialidad y Disponibilidad de las Aplicaciones, por ejemplo asegurando que las aplicaciones disponibles a través de redes de acceso público (ej.: Internet) no puedan ser alteradas en su contenido, infectadas con código ni susceptibles a vulnerabilidades derivadas de malas prácticas de desarrollo. [8]



Australia

Information security (INFOSEC): All measures used to protect official information from compromise, loss of integrity or unavailability. [9]



Austria

Information security or network security are umbrella terms for ICT security, referring to the entire relevant information of an organisation or an enterprise, including information that has not been processed electronically. Hence, it describes the entirety of characteristics of an organisation ensuring the confidentiality, availability and integrity of information. [10]

Informationssicherheit / Netzwerksicherheit ist ein Überbegriff zu IKT-Sicherheit und bezieht sich auf alle relevanten Informationen einer Organisation oder eines Unternehmens einschließlich von nicht elektronisch verarbeiteten Informationen. Es bezeichnet somit die Summe der Eigenschaften einer Organisation, die dem Schutz der Vertraulichkeit, Verfügbarkeit und Integrität der Informationen dienen. [11]

Information may be available as spoken text, paper documents or other directly readable media or as electronically processed data in ICT systems.

Belarus

информационная безопасность – состояние защищенности сбалансированных интересов личности, общества и государства от внешних и внутренних угроз в информационной сфере. [12]
(The state of the protection of balanced interests of the individual, society, and the state from external and internal threats in the information space)


Brazil

Segurança da Informação: proteção dos sistemas de informação contra a negação de serviço a usuários autorizados, assim como contra a intrusão, e a modificação desautorizada de dados ou informações, armazenados, em processamento ou em trânsito, abrangendo, inclusive, a segurança dos recursos humanos, da documentação e do material, das áreas e instalações das comunicações e computacional, assim como as destinadas a prevenir, detectar, deter e documentar eventuais ameaças a seu desenvolvimento. [13]

Information Security is the protection of information systems against denial of service to authorised users, as well as against intrusion and unauthorised modification of data or information stored in processing or in transit, covering even the safety of human resources, documentation and material, of the areas and facilities of communications and computing, as well as to prevent, detect, deter and document any threats to its development.



Costa Rica

Seguridad de información: La protección de la información y sistemas de información del acceso, uso, divulgación, alteración, modificación o destrucción no autorizada, con el fin de garantizar la confidencialidad, integridad y disponibilidad. [14]



Croatia

Informacijska sigurnost – stanje povjerljivosti, cjelovitosti i raspoloživosti podataka koje se postiže primjenom odgovarajućih sigurnosnih mjera.

Information security is the state of confidentiality, integrity and availability of information, which is achieved by implementation of stipulated information security measures and standards and by organisational support for jobs of planning, implementation, assessment and update of measures and standards. [15] [16]


Cuba

Seguridad de la información: Preservación de la confidencialidad, integridad y disponibilidad de la información. [17]



Czech Republic

Bezpečnost informací: Zajištění (ochrana) důvěrnosti, integrity a dostupnosti informací. [18]

Information security: Security (protection) of confidentiality, integrity and availability of information. [18]


Bezpečností informací zajištění důvěrnosti, integrity a dostupnosti informací. [19]

Security (protection) of confidentiality, integrity and availability of information. [20]


Denmark

Informationssikkerhed er en bred betegnelse for de samlede for - anstaltninger til at sikre informationer i forhold til fortrolighed, integritet (ændring af data) og tilgængelighed. I arbejdet indgår blandt andet organisering af sikkerhedsarbejdet, påvirkning af adfærd, processer for behandling af data, styring af leverandører samt tekniske sikringsforanstaltninger. [21]


Egypt

Information security: The protection of information against unauthorized disclosure, transfer, modification, or destruction, whether accidental or intentional. [22]



Finland

Tietoturva, tietoturvallisuus: järjestelyt, joilla pyritään varmistamaan tiedon saatavuus, eheys ja luottamuksellisuus.

Information Security are arrangements aiming at ensuring the availability, integrity and confidentiality of information. -unofficial translation- [23]


Tietoturvallisuus: Tietoturvallisuudella tarkoitetaan tietojen, palvelujen, järjestelmien ja tietoliikenteen suojaamista ja varmistamista niihin kohdistuvien riskien hallitsemiseksi kaikissa turvallisuustilanteissa hallinnollisilla, teknisillä ja muilla toimenpiteillä. [24]

Information security refers to the administrative, technical and other measures that protect and secure information, services, systems and telecommunications and manage their risks in all security situations. [25]

Tietoturvallisuus on myös asiantila, jossa tietojen, tietojärjestelmien ja tietoliikenteen luottamuksellisuuteen, eheyteen ja käytettävyyteen kohdistuvat uhkat eivät aiheuta merkittävää riskiä (Information security is also a condition in which threats against the confidentiality and integrity of information, information systems and telecommunications security do not pose a significant risk).

France

Information systems security: All technical and non-technical protective measures enabling an information system to withstand events likely to compromise the availability, integrity or confidentiality of stored, processed or transmitted data and of the related services that these systems offer or make accessible. [26]

Sécurité des systèmes d’information: Ensemble des mesures techniques et non techniques de protection permettant à un système d’information de résister à des événements susceptibles de compromettre la disponibilité, l’intégrité ou la confidentialité des données stockées, traitées ou transmises et des services connexes que ces systèmes offrent ou qu’ils rendent accessibles. [27]


Gambia

Information security: Preservation of confidentiality, integrity and availability of information. [28]



Germany

Informationssicherheit hat den Schutz von Informationen als Ziel. Dabei können Informationen sowohl auf Papier, in Rechnern oder auch in Köpfen gespeichert sein. [29]


IT-Sicherheit (oder Informationssicherheit) ist die Unversehrtheit der Authentizität, Vertraulichkeit, Integrität und Verfügbarkeit eines informationstechnischen Systems und der darin verarbeiteten und gespeicherten Daten. (2016) [30]

IT security is the condition in which availability, integrity and confidentiality of information and Information Technology are ensured by appropriate safeguards. [31]


Georgia

ინფორმაციული უსაფრთხოება – საქმიანობა, რომელიც იცავს ინფორმაციას და ინფორმაციულ სისტემებს მისაწვდომობის, ერთიანობის, აუთენტიფიკაციის, კონფიდენციალურობის და განგრძობადი მუშაობის უზრუნველყოფით. [32]

Information security - an activity that protects information and information systems' access, integrity, authentication, confidentiality, and the continuing of work.
(raw translation - CIPedia looks for a proper translation in English)


Guatemala

Seguridad de la información: La seguridad de la información garantiza la confidencialidad, disponibilidad e integridad de la información, por medio de la aplicación y gestión de controles apropiados que implican la consideración de una amplia gama de amenazas, con el objetivo de garantizar el éxito organizacional y la continuidad, minimizando las consecuencias de los incidentes de seguridad de la información. Fuente: ISO/IEC 27000:2016 [33]



Italy

Information Security: Often complex security measures to ensure integrity, confidentiality and availability of information classified as state secret or blankets and related information and communication systems, for example through user authentication. [34]

It includes the necessary safeguards to detect and counter intrusions.

Jamaica

Information security is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. [35]

Note: The terms information security, computer security and information assurance are understood for these purposes as being interchangeable.

Japan

Information security is to make the IT infrastructure as to be "truly reliable and rigid” concerning 1) sustainable development through the use of IT, 2) achievement higher quality of life of people through the use of IT, 3) security against the threats related to the use of IT. [36]



Jordan

Information Security (InfoSec) is the practice of defending information from unauthorised access, use, disclosure, disruption, modification, perusal, inspection, recording, or destruction. Information Security is a general term that can be used regardless of the form that the data may take (e.g. electronic, physical, etc.) [37]



Kuwait

Information security is focused on protecting specific individual systems and the information within organizations. The model for information security defines three objectives: Confidentiality, Integrity, and Availability. [38]



Macedonia

Информациска безбедност Информациска безбедност - состојбата на доверливост, интегритет и достапност на информации, постигната со примена на соодветни безбедносни мерки. [39] [40]


Mongolia

Information security means the situation where conditions are ensured for the Government to assess objectively the country’s actual internal and external situation and make correct decisions, for government organs and the people to have the necessary information for the exercise of their powers and rights provided by the Constitution and for the dissemination abroad of information about Mongolia. [41]


Montenegro

Informaciona bezbjednost podrazumijeva stanje povjerljivosti, cjelovitosti i dostupnosti podataka. Informaciona bezbjednost se fokusira na podatke bez obzira na njihovu formu: elektronski, štampani ili drugi oblici podataka. [42]

Information security means the condition of confidentiality, integrity and availability of data. Information security focuses on data, regardless of their form: electronic, print or other forms of data.


Netherlands

Cyber Security Centre
Informatiebeveiliging is het proces van het vaststellen van de vereiste betrouwbaarheid van informatiesystemen in termen van vertrouwelijkheid, beschikbaarheid en integriteit, alsmede het treffen, onderhouden en controleren van een samenhangend pakket van bijbehorende maatregelen. [43]


NEN-ISO
Informatiebeveiliging is het behouden van de vertrouwelijkheid, integriteit en beschikbaarheid van informatie. (NEN-ISO/IEC-27001& 27002) [44]
  • Integriteit is de eigenschap dat de nauwkeurigheid en volledigheid van bedrijfsmiddelen wordt beveiligd.
  • Vertrouwelijkheid is de eigenschap dat informatie niet beschikbaar wordt gesteld of wordt ontsloten aan onbevoegde personen, entiteiten of processen.
  • Beschikbaarheid is het kenmerk dat iets toegankelijk en bruikbaar is op verzoek van een bevoegde entiteit.
National security
Informatiebeveiliging is dat gedeelte van de beveiliging dat betrekking heeft op de verwerking van Bijzondere Informatie in ICT-systemen en netwerken. [45]

Bijzondere Informatie wordt onderscheiden in Staatsgeheimen en in niet-Staatsgeheime Bijzondere Informatie. Er is sprake van een Staatsgeheim als het belang van de Staat of zijn bondgenoten in het geding is en indien kennisname door niet-gerechtigden kan leiden tot schade aan deze belangen. Er is sprake van niet-Staatsgeheime Bijzondere Informatie indien kennisname door nietgerechtigden kan leiden tot nadeel aan het belang van één of meer ministeries.

NEN 7510 - Health sector
Informatiebeveiliging Behoud van de beschikbaarheid, integriteit en vertrouwelijkheid (BIV) van informatie. (NEN 7510) [46] [47]
  • Integriteit is hierbij de eigenschap van nauwkeurigheid en volledigheid.
  • Vertrouwelijkheid is hierbij de eigenschap dat informatie niet beschikbaar of niet bekend wordt gemaakt aan onbevoegde personen, entiteiten of processen.
  • Beschikbaarheid is hierbij de eigenschap van het toegankelijk en bruikbaar zijn op verzoek van een bevoegde entiteit.
Other
Information security is taking and maintaining a coherent set of measures to guarantee the availability, integrity and confidentiality of information.

Het treffen en onderhouden van een samenhangend pakket aan maatregelen om de beschikbaarheid, integriteit en vertrouwelijkheid te borgen. [48]


Informatiebeveiliging is het proces van vaststellen van de vereiste kwaliteit van informatie(systemen) in termen van vertrouwelijkheid, beschikbaarheid, integriteit, onweerlegbaarheid en controleerbaarheid alsook het treffen, onderhouden en controleren van een samenhangend packet van bijbehorende (fysieke, organisatorische en logische) beveiligingsmaatregelen. [49]



Norway

Cyber security has to do with protecting “everything” that is vulnerable because it is connected to or otherwise dependent on information and communication technology. The term is used synonymously with the terms “ICT security” and “digital security”. [50]

Digital sikkerhet handler om beskyttelse av «alt» som er sårbart fordi det er koblet til eller på annen måte avhengig av informasjons- og kommunikasjonsteknologi. Brukes synonymt med begrepene IKT-sikkerhet og cybersikkerhet. [51]


IKT-sikkerhet: Hvordan elektroniske nettverk og systemer som behandler data eller kommuniserer med hverandre, og som virksomhetene er avhengig av for å fungere effektivt, skal beskyttes. [52]

ICT security is how business-critical electronic networks and systems that process data or communicate with each other are protected. [53]



Philippines

Information security is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability. [54]


Information Security: A set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and nondigital information. [55]



Portugal

[Definição] INFOSEC: A aplicação de medidas de segurança para proteger a informação processada, armazenada ou transmitida em Sistemas de Tecnologia da Informação e Comunicações contra a perda de confidencialidade, integridade ou disponibilidade, acidental ou intencional, e para prevenir a perda de integridade ou disponibilidade dos sistemas. [56]


[Definição] Segurança da Informação: Proteção dos sistemas de informação contra o acesso ou a modificação não autorizados da informação, durante o seu armazenamento, processamento ou transmissão, e contra a negação de serviço a utilizadores autorizados ou o fornecimento de serviço a utilizadores não autorizados, incluindo as medidas necessárias para detetar, documentar e contrariar tais ameaças. [57]



Russian Federation

информационная безопасность Российской Федерации (далее - информационная безопасность) - состояние защищенности личности, общества и государства от внутренних и внешних информационных угроз, при котором обеспечиваются реализация конституционных прав и свобод человека и гражданина, достойные качество и уровень жизни граждан, суверенитет, территориальная целостность и устойчивое социально-экономическое развитие Российской Федерации, оборона и безопасность государства [58]

(raw translation) Information security of the Russian Federation (hereinafter - information security) - the state of protection of the individual, society and state from internal and external IT threats, which provide realisation of constitutional rights and freedoms of man and citizen, decent quality and standard of living of citizens, sovereignty, territorial integrity and sustainable socio-economic development of the Russian Federation, the defense and security of the state.


информационная безопасность – состояние защищенности личности, организации и государства и их интересов от угроз, деструктивных и иных негативных воздействий в информационном пространстве [59]

Information security (raw translation): the state of protection of the individual, the organization and the state and their interests from threats, destructive and other negative impacts in the information space.


Serbia

информациона безбедност представља скуп мера које омогућавају да подаци којима се рукује путем ИКТ система буду заштићени од неовлашћеног приступа, као и да се заштити интегритет, расположивост, аутентичност и непорецивост тих података, да би тај систем функционисао како је предвиђено, када је предвиђено и под контролом овлашћених лица. [60]



Switzerland

Information security / ICT security: Information security (or ICT security) is the intactness of the authenticity, confidentiality, integrity and availability of an information and communication technology system and the data processed and stored therein. [61]

Informationssicherheit / IKT-Sicherheit: Informationssicherheit (oder IKT-Sicherheit) ist die Unversehrtheit der Authentizität, Vertraulichkeit, Integrität und Verfügbarkeit eines informations- und kommunikationstechnischen Systems und der darin verarbeiteten und gespeicherten Daten. [62]

Sécurité de l’information / sécurité informatique: La sécurité de l’information (ou sécurité informatique) vise à garantir l’authenticité, la confidentialité, l’intégrité et la disponibilité des données traitées par un système d’information et de communication ou enregistrées dans celui-ci. [63]

Sicurezza delle informazioni/ Sicurezza delle TIC: La sicurezza delle informazioni (o sicurezza delle TIC) è data dalla garanzia dell’autenticità, della confidenzialità, dell’integrità e della accessibilità di un sistema TIC e dei dati che vengono elaborati e salvati in questo sistema. [64]


Uganda

Information security is the protection information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction. [65]


Ukraine

“information security” must be understood as the kind of protection of a State’s information space that allows the attainment of its national interests and observance of the rights of the individual, society and the State. [66]



United States

FISMA
Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide - (A) integrity, which means guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity; (B) confidentiality, which means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information; and (C) availability, which means ensuring timely and reliable access to and use of information. [67]


NIST
The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability. [68]



An embedded, integral part of the enterprise architecture that describes the structure and behavior for an enterprise’s security processes, information security systems, personnel and organizational subunits, showing their alignment with the enterprise’s mission and strategic plans. [69]


Uruguay

Seguridad informática: Conjunto de medidas preventivas y reactivas que tienen como objetivo mantener la confidencialidad, disponibilidad e integridad de la información soportada en medios informáticos. [70]



Regional Definitions

Isle of Man
Information Security: the preservation, confidentiality, integrity and availability of information; other properties such as authenticity, accountability and non-repudiation may be involved. [71]


Tamil Nadu
Information Security Management deals with the planning, implementation and continuous Security controls and measures to protect the confidentiality, integrity and availability of Information Assets and its associated Information Systems. [72]




Other Definitions

East-West Institute (Russia-US)

Cybersecurity is a property of cyber space that is an ability to resist intentional and unintentional threats and respond and recover.

Кибербезопасность: свойство (киберпространства, иберсистемы), противостоять, намеренным и/или, ненамеренным угрозам, а также, реагировать на них и, восстанавливаться после воздействия этих угроз. [73]


Standard Definition

ISO/IEC 27000:2014

Preservation of confidentiality, integrity and availability of information. [74] In addition, other properties, such as authenticity, accountability, non-repudiation, and reliability can also be involved.


IETF

Information Security: measures that implement and assure security services in information systems, including in computer systems and in communication systems. [75]


Dictionary

Informatiebeveiliging: Alles wat men doet om ervoor te zorgen dat men bij informatie kan komen wanneer men dat wil, dat de informatie klopt en dat de informatie niet bij anderen terecht komt. Het gaat daarbij vaak om een computersysteem, maar dat hoeft niet. Het gaat om maatregelen, procedures en processen die beveiligingsproblemen voorkomen, opsporen, onderdrukken en oplossen. Ontstaat er wel een probleem met de informatie? Dan zorgt informatiebeveiliging ervoor dat de gevolgen zoveel mogelijk beperkt worden. [76]



Notes

References

  1. NATO - EU - UN glossary
  2. European Court of Auditors, Challenges to effective EU cybersecurity policy, Briefing Paper, March 2019
  3. IAEA - Nuclear Security Series Glossary Version 1.3 (November 2015)
  4. NATO - EU - UN glossary
  5. NATO - EU - UN glossary
  6. Cyber Security Glossary, World Bank (2015)
  7. PROJEKT LIGJ PËR SIGURINË KIBERNETIKE
  8. Oficina Nacional de Tecnologías de Información ADMINISTRACION PUBLICA NACIONAL Disposición 3/2013 - Apruébase la “Política de Seguridad de la Información Modelo” (2013)
  9. Protective Security Policy Framework - Glossary Oct 2017
  10. Austrian Cyber Security Strategy, Federal Chancellery of the Republic of Austria, Vienna (2013)
  11. Österreichische Strategie für Cyber Sicherheit (2013)
  12. Концепция Националъной Безопасности, Министерство Внутренних Дел Рецпублики Беларусъ, 2010
  13. GUIA DE REFERÊNCIA PARA A SEGURANÇA DAS INFRAESTRUTURAS CRÍTICAS DA INFORMAÇÃO Versão 01 (Nov. 2010)/ Decreto Nº 3.505, de 13 de junho de 2000. Presidência da República, Casa Civil, Subchefia para Assuntos Jurídicos. Institui a Política de Segurança da Informação nos órgãos e entidades da Administração Pública Federal. Brasília, 2000.
  14. Estrategia Nacional de Ciberseguridad de Costa Rica (2017)
  15. Article 2 of the Information Security Act
  16. National Cyber Security Strategy draft (2015)
  17. Glossary of Cyber terms/Glosario de términos, Centro de Seguridad del Ciberespacio
  18. 18.0 18.1 [1]
  19. Zákon č. 181/2014 Sb. o kybernetické bezpečnosti a o změně souvisejících zákonů (zákon o kybernetické bezpečnosti)
  20. Cyber Security Explanatory Glossary (2013)
  21. Danish Cyber Security Strategy, 2014
  22. Glossary of the National Telecom Authority (NTA), Egypt
  23. Vocabulary of Comprehensive Security. Helsinki (TSK 47) (2014)
  24. Yhteikunnan Turvallisuusstrategia, Valtioneuvoston periaatepäätös 16.12.2010
  25. Security Strategy for Society, Government Resolution 16.12.2010
  26. Information systems defence and security: France's Strategy
  27. La Stratégie de la France en matière de défense et de sécurité des systèmes d’information (2011)
  28. THE GAMBIA NATIONAL CYBERSECURITY STRATEGY (2019)
  29. Cyber-Sicherheitsstrategie für Deutschland 2021
  30. Cyber-Sicherheitsstrategie für Deutschland 2016
  31. Unpublished working glossary of UP KRITIS and BSI, 2014
  32. cyber_security_politics.docx (2012)
  33. La Estrategia Nacional de Seguridad Cibernética (June 2018)
  34. IL LINGUAGGIO DEGLI ORGANISMI INFORMATIVI Glossario (2013)
  35. Jamaica's National Cyber Security Strategy
  36. The Second National Strategy on Information Security, Japan, 2009
  37. National Cyber Security Strategy (2018-2023)
  38. Glossary Communication and Information Technology Regulatory
  39. НАЦИОНАЛНА СТРАТЕГИЈА ЗА САЈБЕР БЕЗБЕДНОСТ НА РЕПУБЛИКА МАКЕДОНИЈА 2018 -2022
  40. National Cyber Security Strategy of the Republic of Macedonia (2018)
  41. Security Concept of Mongolia EN.pdf The Concept of National Security of Mongolia, Government of Mongolia
  42. Strategija o bezbjednosti 2013-2017 (2012)
  43. Cyber Security Beeld Nederland 2018
  44. NEN-ISO/IEC-27001 en 27002
  45. Algemene Beveiligingseisen voor Defensieopdrachten (ABDO), 2006
  46. NEN 7510-1
  47. NEN 7510-2
  48. Zakboekje Preventie Cybercrime (2008
  49. 2016 Nationaal Cyber Security Beeld
  50. National Cyber Security Strategy for Norway (2019)
  51. Nasjonal strategi for digital sikkerhet (2019)
  52. Nasjonal strategi for informasjonssikkerhet (2012)
  53. Cyber Security Strategy for Norway (2012)
  54. DND GLOSSARY OF CYBER SECURITY TERMS (v.4)
  55. NHS Cyber security glossary
  56. Glossário Centro National de Cibersegurança Portugal
  57. Glossário Centro National de Cibersegurança Portugal
  58. Указ Президента Российской Федерации от 05.12.2016 № 646 "Об утверждении Доктрины информационной безопасности Российской Федерации"
    (Presidential Decree of 12.5.2016 number 646 "On approval of the Doctrine of the Russian Federation Information Security")
  59. КОНЦЕПЦИЯ СТРАТЕГИИ КИБЕРБЕЗОПАСНОСТИ РОССИЙСКОЙ ФЕДЕРАЦИИ (Draft Cyber Security Strategy 2016)
  60. ЗАКОН О ИНФОРМАЦИОНОЈ БЕЗБЕДНОСТИ (Law on Information Security), Serbia
  61. SN002 - National strategy for Switzerland’s protection against cyber risks (NCS) 2018-2022 (2018)
  62. SN002 - Nationale Strategie zum Schutz der Schweiz vor Cyber-Risiken (NCS) 2018-2022 (2018)
  63. SN002 - Stratégie nationale de protection de la Suisse contre les cyberrisques (SNPC) 2018-2022 (2018)
  64. SN002 - Strategia nazionale per la protezione della Svizzera contro i cyber-rischi (SNPC) 2018-2022 (2018)
  65. National Information Security Policy (2011)
  66. Ukraine, Submission to the United Nations General Assembly Resolution A/58/373, 2003
  67. The Federal Information Security Modernization Act of 2014 (FISMA)44 U.S.C. § 3552(b)(2).
  68. NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013/NIST SP 800 series
  69. NIST Special Publication 800-53 Rev 4: Security and Privacy Controls for Federal Information Systems and Organizations (April 2013)
  70. Glossary CERTuy
  71. Isle of Man National Cyber Security Strategy (2018-2022)
  72. Tamil Nadu Cyber Security Policy (2020)
  73. RUSSIA-­‐U.S. BILATERAL ON CYBERSECURITY: CRITICAL TERMINOLOGY FOUNDATIONS
  74. ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
  75. IETF RFC449 Internet Security Glossary 2
  76. Cybersecurity Woordenboek 2021