Cyber Resilience

From CIPedia
Jump to: navigation, search

Definitions

National definitions

Costa Rica

Ciber-resiliencia / Resiliencia cibernética (Cyber resilience): Habilidad de prepararse para, adaptarse, soportar, y rápidamente recuperarse de interrupciones resultantes de ataques deliberados, amenazas o incidentes accidentales u ocurridos naturalmente. [1]
Sinónimo o equivalente a ciberresiliencia.

France

Resilience In the field of computing, the ability of an information system to withstand a breakdown or cyberattack and return to its initial operating state after the incident. [2]

Resilience En informatique, capacité d’un système d’information à résister à une panne ou à une cyberattaque et à revenir à son état initialaprès l’incident. [3]


Indonesia

Cyber resilience: Terselenggaranya infrastruktur informasi kritikal nasional. [4]
Dengan pendekatan ini maka infrastruktur informasi kritis ini harus tahan terhadap ancaman, dan tetap dapat beroperasi untuk melayani publik walaupun terjadi ataupun kerusakan sebagian.

New Zealand

Cyber Resilience involves detection, protection and recovery from cyber incidents. [5]

Qatar

Cyber resilience is the ability to prepare for, adapt to, withstand, and rapidly recover from disruptions resulting from deliberate attacks, accidents, or naturally occurring threats or incidents. [6]

المرونة وهي القدرة ع ى الاستعداد والتكيف مع الظروف المتغ يرة والصمود والتعا في ´ بسرعة من الاضطرابات ال ت ي تنتج عن الهجمات أو الحوادث المتعمدة أو تلك ال ت ي قد تحدث أ لسباب طبيعية. [7]


Romania

Rezilienţa infrastructurilor cibernetice: capacitatea componentelor infrastructurilor cibernetice de a rezista unui incident sau atac cibernetic şi de a reveni la starea de normalitate.

Cyber infrastructure resilience the capacity of infrastructure components to withstand cyber attack or cyber incident and return to normality. [8]


United Kingdom (UK)

Cyber resilience – the overall ability of systems and organisations to withstand cyber events and, where harm is caused, recover from them. [9]


United States

NIST
Information System Resilience: The ability of an information system to continue to: (i) operate under adverse conditions or stress, even if in a degraded or debilitated state, while maintaining essential operational capabilities; and (ii) recover to an effective operational posture in a time frame consistent with mission needs. (from: NIST SP 800-53 Rev 4) [10]

Other Definitions

Scotland

Cyber resilience is being able to prepare for, withstand, rapidly recover and learn from deliberate attacks or accidental events in the online world. [11]

To do this, people need to develop the skills, knowledge and understanding of the risk, in whatever setting they find themselves in, and then take the necessary steps to prepare for and respond to such events.

Victoria (Australia)

Cyber resilience means having appropriate internal cyber capability, strong governance and policy, strategic partnering, cyber situational awareness, ongoing cyber risk assessments (including understanding the risks and flow-on impact of a cyber breach), clear communication mechanisms, and a rapid cyber breach response capability. [12]

Cyber resilience is the organisation’s capability to withstand negative impacts due to known, predictable, unknown, unpredictable, uncertain and unexpected threats from activities in cyberspace (ISF 2011). [13]

Other International Definitions

Cyber Resilience.org

Cyber resilience refers to the ability to continuously deliver the intended outcome despite adverse cyber events. [14]

World Economic Forum

The ability of systems and organizations to withstand cyber events, measured by the combination of mean time to failure and mean time to recovery. [15]

Academic Definitions

Fredrik Björg et al. recently have published a paper on Cyber Resilience - fundamentals for a definition.

See also

Notes

  1. Estrategia Nacional de Ciberseguridad de Costa Rica (2017)
  2. Information systems defence and security: France's Strategy
  3. La Stratégie de la France en matière de défense et de sécurité des systèmes d’information (2011)
  4. Indonesia National Cyber Security Strategy development (presentation), 2016
  5. New Zealand’s Cyber Security Strategy (2015)
  6. QATAR National Cyber Security Strategy (May 2014)
  7. الاستراتيجية الوطنية للأمن السيبراني QATAR NCSS - Arabic version (May 2014)
  8. Hotărârea nr. 271/2013 pentru aprobarea Strategiei de securitate cibernetică
  9. National Cyber Security Strategy 2016, HM Government
  10. NIST Glossary
  11. Scottish Government: Safe, Secure and Prosperous: A Cyber Resilience Strategy for Scotland
  12. Cyber Security Strategy Victoria (2017)
  13. Network and Cyber Security Statement by Victorian government (2017)
  14. Cyber Resilience.org
  15. WEF Partnering for Cyber Resilience Guidelines 2012