U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Glossary
A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

Computer Security Incident

Abbreviation(s) and Synonym(s):

incident

Definition(s):

  Anomalous or unexpected event, set of events, condition, or situation at any time during the life cycle of a project, product, service, or system.
Source(s):
NIST SP 800-160 Vol. 1 under incident from ISO/IEC/IEEE 15288

  See “incident.”
Source(s):
NIST SP 800-61 Rev. 2

  An occurrence that actually or imminently jeopardizes, without lawful authority, the confidentiality, integrity, or availability of information or an information system; or constitutes a violation or imminent threat of violation of law, security policies, security procedures, or acceptable use policies.
Source(s):
NIST SP 800-172 under incident from 44 U.S.C., Sec. 3552
NIST SP 800-172A under incident from 44 U.S.C., Sec. 3552
NIST SP 800-37 Rev. 2 under incident
NIST SP 800-53 Rev. 5 under incident from PL 113-283 (FISMA)
NIST SP 800-171 Rev. 2 under incident from 44 U.S.C., Sec. 3552

  An occurrence that actually or potentially jeopardizes, without lawful authority, the confidentiality, integrity, or availability of information or an information system; or constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies.
Source(s):
NIST SP 800-128 under incident from 44 U.S.C., Sec. 3552

  An occurrence that results in actual or potential jeopardy to the confidentiality, integrity, or availability of an information system or the information the system processes, stores, or transmits or that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies. See cyber incident. See also event, security-relevant, and intrusion.
Source(s):
CNSSI 4009-2015 [Superseded] under incident from FIPS 200 - Adapted

  See incident.
Source(s):
CNSSI 4009-2015 [Superseded] under computer security incident from NISTIR 7298 Rev. 2

  An occurrence that actually or potentially jeopardizes the confidentiality, integrity, or availability of a system or the information the system processes, stores, or transmits or that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies.
Source(s):
NIST SP 800-171 Rev. 1 [Superseded] under incident from FIPS 200 - Adapted