Critical Information Infrastructure Protection

From CIPedia
Jump to: navigation, search

Abbreviation

CIIP

Definitions

European Definitions

Council Communication COM(2011)163 final

No definition provided[1].


Other International Definitions

GFCE-MERIDIAN

Critical Information Infrastructure Protection (CIIP) is defined as all activities aimed at ensuring the functionality, continuity and integrity of CII in order to deter, mitigate and neutralise a threat, risk or vulnerability or minimise the impact of an incident. [2]

National Definitions

Czech Republic

Critical Information Infrastructure Protection (CIIP) is a subset of CIP. CIIP focuses on the protection of systems and assets including components such as telecommunications, computers/software, Internet, satellites, fibre optics etc., and on interconnected computers and networks, and the services they provide. [3]


Estonia

The purpose of the critical information infrastructure protection (CIIP) is to maintain a trouble-free functioning of the country's essential information and communication systems under ordinary circumstances and to ensure their continuity on a minimum level during critical situations. [4]


Italy

Protezione delle infrastrutture critiche informatizzate (CIIP): azioni tese ad innalzare il livello di sicurezza, affidabilità e correttezza di tutte quelle infrastrutture critiche che utilizzano, in tutto o in parte, una qualunque infrastruttura informatica per il loro monitoraggio, la loro gestione o il loro controllo; includendo, naturalmente, nel novero delle infrastrutture critiche anche quelle informatiche e specificatamente Internet. [5]


Japan

In order to continuously provide CII services and to avoid serious effects on the public welfare and socioeconomic activities from IT outages resulting from natural disasters, cyber-attacks or other causes, all stakeholders should protect CII by reducing the risk of IT outages as much as possible and by ensuring prompt recovery from IT outages. [6]


Kosovo

Mbrojtja e infrastrukturës kritike të informacionit (MIKI): Programet dhe aktivitetet e pronarëve, operatorëve, prodhuesve, përdoruesve dhe autoriteteve rregullatore të infrastrukturës, të cilat kanë për qëllim të ruajnë performancën e infrastrukturave kritike të informacionit në rast të dështimit, sulmit apo aksidenteve mbi një nivel të definuar minimal të shërbimeve, si dhe që synojnë shkurtimin e kohës së rikuperimit dhe tkurrjen e dëmeve. [7]

Critical Information Infrastructure Protection (CIIP): The programs and activities of infrastructure owners, operators, manufacturers, users, and regulatory authorities which aim at keeping the performance of critical information infrastructures in case of failures, attacks or accidents above a defined minimum level of services and aim at minimising the recovery time and damage. [8]
CIIP should therefore be viewed as a cross-sector phenomenon rather than being limited to specific sectors. CIIP should be closely coordinated with Critical Infrastructure Protection from a holistic perspective.

Russian Federation

безопасность критической информационной инфраструктуры - состояние элементов критической информационной инфраструктуры и критической информационной инфраструктуры в целом, при котором проведение в отношении ее компьютерных атак не влечет за собой тяжких последствий.

Critical information infrastructure security is the state of critical information infrastructure and critical information infrastructure as a whole, in which the holding in respect of its computer attacks do not entail grave consequence. [9]


Good Practices

  1. The GFCE-MERIDIAN Good Practice Guide on Critical Information Infrastructure Protection for governmental policy-makers. [10]
  2. Companion Document to the GFCE-MERIDIAN Good Practice Guide on Critical Information Infrastructure Protection for governmental policy-makers. [11]
  3. Critical Information Infrastructure Protection (CIIP). [12]


See also

Notes

  1. COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS on Critical Information Infrastructure Protection ‘Achievements and next steps: towards global cyber-security’
  2. The GFCE-MERIDIAN Good Practice Guide on Critical Information Infrastructure Protection for governmental policy-makers, November 2016
  3. Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)
  4. Critical Information Infrastructure Protection Estonia
  5. PROTEZIONE DELLE INFRASTRUTTURE CRITICHE INFORMATIZZATE La realtà Italiana (2004)
  6. The Basic Policy of Critical Information Infrastructure Protection (3rd Edition), Japan (2015)
  7. Strategjia Shtetërore për Sigurinë Kibernetike dhe Plani i Veprimit 2016 – 2019
  8. National Cyber Security Strategy and Action Plan 2016 – 2019 (2016)
  9. NATIONAL SECURITY OF RUSSIA - Information security (February 3, 2012, № 803)
  10. http://publications.tno.nl/publication/34625751/8a9zkX/luiijf-2016-good.pdf
  11. http://publications.tno.nl/publication/34625885/eLJW9I/gfce-2017-companion.pdf
  12. http://publications.tno.nl/publication/34625842/WzQ3p5/gcfe-2017-critical.pdf