The RSIT is described as a reference taxonomy for "security incidents" - is this term currently formally defined in the RSIT, and if not, should it be?
For example, I note that the current version of RSIT includes things that might be thought of as physical security issues (e.g., "Burglary" or "Sabotage") and safety or business continuity issues (e.g., "Outage"). Does the RSIT therefore cover these as well as cyber security incidents, and is this worth explicitly stating (via a definition)?
As a starter, NIST has a range of definitions, as does the UK's NCSC. ENISA has a glossary but this doesn't include anything to do with incidents.
The RSIT is described as a reference taxonomy for "security incidents" - is this term currently formally defined in the RSIT, and if not, should it be?
For example, I note that the current version of RSIT includes things that might be thought of as physical security issues (e.g., "Burglary" or "Sabotage") and safety or business continuity issues (e.g., "Outage"). Does the RSIT therefore cover these as well as cyber security incidents, and is this worth explicitly stating (via a definition)?
As a starter, NIST has a range of definitions, as does the UK's NCSC. ENISA has a glossary but this doesn't include anything to do with incidents.