Definitions Edit

Automated transportation system Edit

An incident is

[a]n occurrence involving one or more vehicles in which a hazard or a potential hazard is involved but not classified as a crash due to the degree of injury and/or extent of damage. An incident could affect the safety of operations. This definition covers a broad range of events.[1]

Computer security Edit

An incident is "a security breach of a computerized system and information."[2]

An incident (also called cyber incident) is:

an umbrella term encompassing a range of malicious activity carried out by diverse actors with varying motivations and capabilities — all of whom exploit cyberspace.[3]
[a]n event occurring on or conducted through a computer network that actually or imminently jeopardizes the integrity, confidentiality, or availability of computers, information or communications systems or networks, physical or virtual infrastructure controlled by computers or information systems, or information resident thereon. For purposes of this directive, a cyber incident may include a vulnerability in an information system, system security procedures, internal controls, or implementation that could be exploited by a threat source.[4]
[a]n occurrence that actually or potentially jeopardizes the confidentiality, integrity, or availability of an information system or the information the system processes, stores, or transmits or that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies.[5]
[a]n occurrence that actually or potentially results in adverse consequences to (adverse effects on) (poses a threat to) an information system or the information that the system processes, stores, or transmits and that may require a response action to mitigate the consequences.[6]
[a] violation or imminent threat of violation of computer security policies, acceptable use policies, or standard computer security practices.[7]
[a]n occurrence that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies.[8]
actions taken through the use of computer networks that result in a compromise or an actual or potentially adverse effect on an information system and/or the information residing therein.[9]

Military Edit

In information operations, an incident is an:

assessed event of attempted entry, unauthorized entry, or an information attack on an automated information system. It includes unauthorized probing and browsing; disruption or denial of service; altered or destroyed input, processing, storage, or output of information; or changes to information system hardware, firmware, or software characteristics with or without the users' knowledge, instruction, or intent.[10]

Overview Edit

Incidents can include major disasters, emergencies, terrorist attacks, terrorist threats, wild and urban fires, floods, hazardous materials spills, nuclear accidents, aircraft accidents, earthquakes, hurricanes, tornadoes, tropical storms, war-related disasters, public health and medical emergencies, and other occurrences requiring an emergency response.[11]

To date, the vast majority — nearly all mdash; of actual cyber incidents have been exploitations, and sensitive digitally stored information such as Social Security numbers, medical records, blueprints and other intellectual property, classified information, contract and bid information, and software source code have all been obtained by unauthorized parties.[12]

Symptoms Edit

The symptoms of an incident could include any of the following:

References Edit

  1. Federal Automated Vehicles Policy: Accelerating the Next Revolution In Roadway Safety, at 84.
  2. Critical Infrastructure Protection: Actions Needed to Address Significant Cybersecurity Risks Facing the Electric Grid, at 3 n.9.
  3. Justice Department's Role in Cyber Incident Response, at 1.
  4. Presidential Policy Directive 41 (PPD-41): United States Cyber Incident Coordination.
  5. NIST, FIPS 200; 44 U.S.C. §2552(b)(2).
  6. NICCS, Explore Terms: A Glossary of Common Cybersecurity Terminology (full-text).
  7. NIST Special Publication 800-61 (rev. 1), Glossary, at D-2; NIST Special Publication 800-150, at 59.
  8. Id.
  9. Improving Cybersecurity Protections in Federal Acquisitions.
  10. U.S. Department of Defense, Joint Pub. 1–02: DOD Dictionary of Military and Associated Terms (Apr. 2010) (full-text).
  11. Department of Homeland Security, National Infrastructure Protection Plan 110 (2009) (full-text).
  12. At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues, at 14.

See also Edit

Community content is available under CC-BY-SA unless otherwise noted.