Threat

From CIPedia
Revision as of 18:16, 17 September 2014 by Eluiijf (talk | contribs) (EU Project VITA)
Jump to navigation Jump to search

The definitions of "Threat" and "Hazard" are very similar, so maybe the terms do not need to be distinguished. A CI-specific usage example for the above terms can be found on the "Hazard" entry.

Definitions

European Definitions

Any indication, circumstance, or event with the potential to disrupt or destroy CI, or any element thereof. [1]

The European Commission's CBRN Glossary[2] defines threat as

The likelihood of occurrence of a hazard or event with a harmful effect. In contrast to risk, a threat is not related to the impact it may cause. In the context of public health, a threat is defined as a substance, condition or event, which by its presence has the potential to rapidly harm an exposed population, sufficiently lead to a major crisis[2].

Other International Definitions

NATO CEP / EAPC

Any event that has the potential to disrupt or destroy critical infrastructure, or any element thereof. [3].

An all-hazards approach to threat includes accidents, natural hazards as well as deliberate attacks.

EU Project VITA

A source of impending danger or harm. [4].

The semantics of that definition in the context of CI is that a threat to a CI may give rise to serious consequences to critical societal functions, including the supply chain, health, safety, security, economic or social well-being of people.

National Definitions

US Definition

A natural or manmade occurrence, individual, entity, or action that has or indicates the potential to harm life, information, operations, the environment, and/or property [5].

Standard Definition

ISO/PAS 22399:2007

Potential cause of an unwanted incident, which may result in harm to individuals, a system or organization, the environment or the community [6].

ISO/IEC 27000:2014

Potential cause of an unwanted incident, which may result in harm to a system or organization [7].

See also

Notes

  1. EC COM(2006) 787 final, Directive of the Council on the identification and designation of European Critical Infrastructure and the assessment of the need to improve their protection, EC, Brussels 12.12.2006.
  2. 2.0 2.1 European Commission's CBRN Glossary, 2012
  3. NATO EAPC(SCEPC) lexicon 2003.
  4. EU VITA deliverable.
  5. DHS Risk Lexicon 2010 Edition, September 2010
  6. ISO/PAS 22399:2007 Societal security - Guideline for incident preparedness and operational continuity management.
  7. ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
Retrieved from "https://websites.fraunhofer.de/CIPedia/index.php?title=Threat&oldid=1518"