Definitions
A Significant Cyber Incident is
| “ | [a] Level 2 or Level 1 Incident on the Cyber Risk Alert Level System. A Significant Cyber Incident is likely to cause, or is causing, harm to critical functions and services across the public and private sectors by impairing the confidentiality, integrity, or availability of electronic information, information systems, services, or networks; and/or threaten public health or safety, undermine public confidence, have a negative effect on the national economy, or diminish the security posture of the Nation.
A Significant Cyber Incident may destroy, degrade, or disrupt the cyber infrastructure and/or the integrity of the information that supports the private and public sectors. Complications from a Significant Cyber Incident may threaten public health or safety, undermine public confidence, have a debilitating effect on the national economy, or diminish the security posture of the Nation. A Significant Cyber Incident may adversely affect the Nation’s ability to project force and may have implications on the Nation’s Strategic Deterrence capability. Rapid identification, information exchange, investigation, response, and remediation often can mitigate the damage that a Significant Cyber Incident can cause and aid in rapid recovery and reconstitution after and during an incident.[1] |
” |
| “ | [a] cyber incident that is (or group of related cyber incidents that together are) likely to result in demonstrable harm to the national security interests, foreign relations, or economy of the United States or to the public confidence, civil liberties, or public health and safety of the American people.[2] | ” |