“Following a spate of agency data breaches — and a nudging from Congress — the White House is updating annual cybersecurity guidelines that, for the first time, provide a definition for a ‘major’ cyberincident. The new definition — mandated by a 2014 update to federal cyber legislation — comes in annual guidance issued to agencies by the Office of Management and Budget as part of the Federal Information Security Management Act.”
Source: Here’s the Government’s New Definition of a Major Cyberincident – Nextgov.com