U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

security incident

Abbreviation(s) and Synonym(s):

incident
Incident

Definition(s):

  An occurrence that actually or potentially jeopardizes the confidentiality, integrity, or availability of an information system or the information the system processes, stores, or transmits or that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies.
Source(s):
NIST SP 800-12 Rev. 1 under Incident from FIPS 200
NIST SP 800-128 under Incident from FIPS 200
NIST SP 800-137 under Incident from FIPS 200
NISTIR 8183 under Incident from NIST Cybersecurity Framework Version 1.1, NIST Cybersecurity Framework Version 1.0
NISTIR 8183A Vol. 1 under Incident from NIST Cybersecurity Framework Version 1.1
NISTIR 8183A Vol. 2 under Incident from NIST Cybersecurity Framework Version 1.1
NISTIR 8183A Vol. 3 under Incident from NIST Cybersecurity Framework Version 1.1
NISTIR 8183 Rev. 1 under Incident from NIST Cybersecurity Framework Version 1.1
NIST SP 800-53 Rev. 4 [Superseded] under Incident from FIPS 200

  An occurrence that actually or potentially jeopardizes the confidentiality, integrity, or availability of an information system or the information the system processes, stores, or transmits or that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies
Source(s):
NIST SP 800-82 Rev. 2 under Incident from FIPS 200, NIST SP 800-53

  An occurrence that results in actual or potential jeopardy to the confidentiality, integrity, or availability of an information system or the information the system processes, stores, or transmits or that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies. See cyber incident. See also event, security-relevant, and intrusion.
Source(s):
CNSSI 4009-2015 under incident from FIPS 200 - Adapted

  Anomalous or unexpected event, set of events, condition, or situation at any time during the life cycle of a project, product, service, or system.
Source(s):
NIST SP 800-160 Vol. 1 under incident from ISO/IEC/IEEE 15288

  A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices.
Source(s):
NIST SP 800-61 Rev. 2 under Incident

  See incident.
Source(s):
CNSSI 4009-2015 from NISTIR 7298 Rev. 2
NIST SP 800-137 under Security Incident
NIST SP 800-53 Rev. 4 [Superseded] under Security Incident

  An occurrence that actually or imminently jeopardizes, without lawful authority, the confidentiality, integrity, or availability of information or an information system; or constitutes a violation or imminent threat of violation of law, security policies, security procedures, or acceptable use policies.
Source(s):
NIST SP 800-171 Rev. 2 under incident from 44 U.S.C., Sec. 3552
NIST SP 800-37 Rev. 2 under incident
NIST SP 800-53 Rev. 5 under incident from PL 113-283 (FISMA)
NIST SP 800-172 under incident from 44 U.S.C., Sec. 3552

  An occurrence that actually or potentially jeopardizes, without lawful authority, the confidentiality, integrity, or availability of information or an information system; or constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies.
Source(s):
NIST SP 800-128 under incident from 44 U.S.C., Sec. 3552

  An occurrence that actually or potentially jeopardizes the confidentiality, integrity, or availability of a system or the information the system processes, stores, or transmits or that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies.
Source(s):
NIST SP 800-171 Rev. 1 [Superseded] under incident from FIPS 200 - Adapted