Ver:
Evento singular o serie de eventos de seguridad de
la información, inesperados o no deseados, que tienen una probabilidad
significativa de comprometer las operaciones del negocio y de amenazar la seguridad
de la información. [UNE-ISO/IEC 27000:2014]
Suceso (inesperado o no deseado) con consecuencias
en detrimento de la seguridad del sistema de información. [UNE-71504:2008]
single or a series of
unwanted or unexpected information security events that have a significant
probability of compromising business operations and threatening information
security [ISO/IEC 27000:2014]
An assessed occurrence that
actually or potentially jeopardizes the confidentiality, integrity, or
availability of an information system; or the information the system processes,
stores, or transmits; or that constitutes a violation or imminent threat of
violation of security policies, security procedures, or acceptable use policies.
[CNSSI_4009:2010]
1. (I) A security event that
involves a security violation. (See: CERT, security event, security intrusion,
security violation.) [RFC4949:2007]
A single or a series of unwanted
or unexpected information security events that have a significant probability
of compromising business operations and threatening information security. [ISO-18028-1:2006]
[ISO-18044:2004]
An Information Security incident
is an event which appears to be a breach of the organizations Information
Security safeguards. It is important to respond calmly and to follow a logical
procedure, first to prevent the breach from continuing, if possible, and
second, to inform the appropriate person(s) within the organization; this
usually includes the appointed Security Officer.
http://www.passwordnow.com/en/glossary/information-security-incident.html
is any activity that harms
or represents a serious threat to the whole or part of Yale's computer,
telephone and network-based resources such that there is an absence of service,
inhibition of functioning systems, including unauthorized changes to hardware,
firmware, software or data, unauthorized exposure, change or deletion of PHI,
or a crime or natural disaster that destroys access to or control of these
resources. Routine detection and remediation of a virus', malware' or similar
issue that has little impact on the day-to-day business of the University is
not considered an Incident under this policy.
http://www.hipaa.yale.edu/overview/glossary.html
Any workplace violence
toward an employee or any act, event or omission that could result in the
compromise of information, assets or services.
http://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=16578
un incident lié à la
sécurité de l'information est indiqué par un ou plusieurs événement(s) de
sécurité de l'information indésirable(s) ou inattendu(s) présentant une
probabilité forte de compromettre les opérations liées à l'activité de
l'organisme et de menacer la sécurité de l'information. [ISO-18044:2004]
Tout acte de violence
en milieu de travail manifestée à l'endroit d'un employé ou tout acte,
événement ou omission pouvant entraîner la compromission d'informations, de
biens ou de services.
http://www.tbs-sct.gc.ca/pol/doc-fra.aspx?id=16578