Definitions[]
A cybersecurity incident is
| “ | [a]ctions taken through the use of computer networks that result in an actual or potentially adverse effect on an information system and/or the information residing therein.[1] | ” |
| “ | [a] single or a series of unwanted or unexpected information security events that have a significant probability of compromising business operations and threatening information security.[2] | ” |
| “ | [a] malicious act or suspicious event that: 1) compromises, or was an attempt to compromise, the ESP or PSP, or 2) disrupts, or was an attempt to disrupt, the operation of a BES cyber system.[3] | ” |
| “ | a malicious act or suspicious event that disrupts, or was an attempt to disrupt, the operation of those programmable electronic devices and communication networks including hardware, software and data that are essential to the reliable operation of the bulk power system.[4] | ” |
| “ | [a] cybersecurity event that has been determined to have an impact on the organization prompting the need for response and recovery.[5] | ” |
References[]
- ↑ Incident Response Procedures for Data Breaches, Glossary, at 4.
- ↑ ISO/IEC 27035-2
- ↑ Cybersecurity A Primer for State Utility Regulators, App. B.
- ↑ 16 U.S.C. § 824o(a)(8).
- ↑ Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1, App. B, at 45.