Ver:

·         Salvaguarda

·         Control

·         Mecanismo de seguridad

Conjunto de disposiciones encaminadas a protegerse de los riesgos posibles sobre el sistema de información, con el fin de asegurar sus objetivos de seguridad. Puede tratarse de medidas de prevención, de disuasión, de protección, de detección y reacción, o de recuperación. [ENS:2010]

Actions, devices, procedures, or techniques that meet or oppose(i.e., counters) a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken.

NIST SP 800-53: Actions, devices, procedures, techniques, or other measures that reduce the vulnerability of an information system. Synonymous with security controls and safeguards.

[CNSSI_4009:2010]

Puede ser usado para referirse a algún tipo de Control. El término Contramedida es muy usado cuando se refiere a medidas que incrementan la Resistencia, Tolerancia a fallos o Confiabilidad de un Servicio TI. [ITIL:2007]

action, measure, or device that reduces an identified risk

Annotation: A countermeasure can reduce any component of risk -threat, vulnerability, or consequence

DHS Risk Lexicon, September 2008

(I) An action, device, procedure, or technique that meets or opposes (i.e., counters) a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken. [RFC4949:2007]

Can be used to refer to any type of Control. The term Countermeasure is most often used when referring to measures that increase Resilience, Fault Tolerance or Reliability of an IT Service. [ITIL:2007]

Action, device, procedure, technique, or other measure that reduces the vulnerability of an information system.[FIPS-200:2006]

Anything which effectively negates or mitigates an adversary's ability to exploit vulnerabilities.

http://www.ioss.gov/docs/definitions.html

Any action, device, procedure, technique, or other measure that mitigates risk by reducing the vulnerability of, threat to, or impact on a system. [TDIR:2003]

a technical or non-technical security measure which contributes to meeting the security objective(s) of a Target of Evaluation. [ITSEM:1993]

Peut faire référence à n’importe quel type de contrôle. Le terme “Contre-mesure” est souvent utilisé pour faire référence à des mesures qui augmente la Résilience, la Tolérance de panne ou la Fiabilité d’un service des TI. [ITIL:2007]