Ver:
Evento singular o serie de eventos de seguridad de la información, inesperados o no deseados, que tienen una probabilidad significativa de comprometer las operaciones del negocio y de amenazar la seguridad de la información. [UNE-ISO/IEC 27000:2014]
Suceso (inesperado o no deseado) con consecuencias en detrimento de la seguridad del sistema de información. [UNE-71504:2008]
single or a
series of unwanted or unexpected information security events that have a
significant probability of compromising business operations and threatening
information security [ISO/IEC 27000:2014]
An assessed
occurrence that actually or potentially jeopardizes the confidentiality,
integrity, or availability of an information system; or the information the
system processes, stores, or transmits; or that constitutes a violation or
imminent threat of violation of security policies, security procedures, or
acceptable use policies. [CNSSI_4009:2010]
1. (I) A security
event that involves a security violation. (See: CERT, security event, security
intrusion, security violation.) [RFC4949:2007]
A single or a
series of unwanted or unexpected information security events that have a
significant probability of compromising business operations and threatening
information security. [ISO-18028-1:2006] [ISO-18044:2004]
An Information
Security incident is an event which appears to be a breach of the organizations
Information Security safeguards. It is important to respond calmly and to
follow a logical procedure, first to prevent the breach from continuing, if
possible, and second, to inform the appropriate person(s) within the
organization; this usually includes the appointed Security Officer.
http://www.passwordnow.com/en/glossary/information-security-incident.html
is any activity
that harms or represents a serious threat to the whole or part of Yale's
computer, telephone and network-based resources such that there is an absence
of service, inhibition of functioning systems, including unauthorized changes
to hardware, firmware, software or data, unauthorized exposure, change or
deletion of PHI, or a crime or natural disaster that destroys access to or
control of these resources. Routine detection and remediation of a virus',
malware' or similar issue that has little impact on the day-to-day business of
the University is not considered an Incident under this policy.
http://www.hipaa.yale.edu/overview/glossary.html
Any workplace
violence toward an employee or any act, event or omission that could result in
the compromise of information, assets or services.
http://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=16578
un incident lié à la
sécurité de l'information est indiqué par un ou plusieurs événement(s) de
sécurité de l'information indésirable(s) ou inattendu(s) présentant une
probabilité forte de compromettre les opérations liées à l'activité de
l'organisme et de menacer la sécurité de l'information. [ISO-18044:2004]
Tout acte de violence
en milieu de travail manifestée à l'endroit d'un employé ou tout acte,
événement ou omission pouvant entraîner la compromission d'informations, de
biens ou de services.
http://www.tbs-sct.gc.ca/pol/doc-fra.aspx?id=16578
Temas relacionados