An occurrence that actually or potentially jeopardizes the confidentiality, integrity, or availability of an information system or the information the system processes, stores, or transmits or that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies.
Sources:
FIPS 200
under INCIDENT
NIST SP 800-12 Rev. 1
under Incident
from
FIPS 200
NIST SP 800-128
under Incident
from
FIPS 200
NIST SP 800-137
under Incident
from
FIPS 200
NISTIR 8183
under Incident
from
NIST Cybersecurity Framework Version 1.1, NIST Cybersecurity Framework Version 1.0
NISTIR 8183 Rev. 1
under Incident
from
NIST Cybersecurity Framework Version 1.1
NISTIR 8183A Vol. 1
under Incident
from
NIST Cybersecurity Framework Version 1.1
NISTIR 8183A Vol. 2
under Incident
from
NIST Cybersecurity Framework Version 1.1
NISTIR 8183A Vol. 3
under Incident
from
NIST Cybersecurity Framework Version 1.1
An occurrence that actually or potentially jeopardizes the confidentiality, integrity, or availability of an information system or the information the system processes, stores, or transmits or that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies
Sources:
NIST SP 800-82r3
under Incident
from
FIPS 200
An occurrence that results in actual or potential jeopardy to the confidentiality, integrity, or availability of an information system or the information the system processes, stores, or transmits or that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies. See cyber incident. See also event, security-relevant, and intrusion.
Sources:
CNSSI 4009-2015
from
FIPS 200 - Adapted
Anomalous or unexpected event, set of events, condition, or situation at any time during the life cycle of a project, product, service, or system.
Sources:
NIST SP 800-160v1r1
from
ISO/IEC/IEEE 15288:2015
Actions taken through the use of an information system or network that result in an actual or potentially adverse effect on an information system, network, and/or the information residing therein. See incident. See also event, security-relevant event, and intrusion.
Sources:
CNSSI 4009-2015
under cyber incident
See “incident.”
Sources:
NIST SP 800-61 Rev. 2
under Computer Security Incident
A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices.
Sources:
NIST SP 800-61 Rev. 2
under Incident
See incident.
Sources:
CNSSI 4009-2015
under computer security incident
CNSSI 4009-2015
under security incident
NIST SP 800-137
under Security Incident
Actions taken through the use of an information system or network that result in an actual or potentially adverse effect on an information system, network, and/or the information residing therein.
Sources:
NIST SP 800-160 Vol. 2 Rev. 1
under cyber incident
from
CNSSI 4009-2015
An occurrence that actually or imminently jeopardizes, without lawful authority, the confidentiality, integrity, or availability of information or an information system; or constitutes a violation or imminent threat of violation of law, security policies, security procedures, or acceptable use policies.
Sources:
NIST SP 800-171r3
from
44 U.S.C., Sec. 3552
NIST SP 800-172
from
44 U.S.C., Sec. 3552
NIST SP 800-172A
from
44 U.S.C., Sec. 3552
NIST SP 800-37 Rev. 2
from
44 U.S.C., Sec. 3552
NIST SP 800-53 Rev. 5
from
PL 113-283 (FISMA)
An occurrence that actually or potentially jeopardizes, without lawful authority, the confidentiality, integrity, or availability of information or an information system; or constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies.
Sources:
NIST SP 800-128
from
44 U.S.C., Sec. 3552