Cybersecurity




Guidelines for the EU standardisation process related to cybersecurity for radio equipment


In essence, this is how I would describe the situation. Radio equipment placed on the EU single market must comply with the essential requirements of the Radio Equipment Directive (RED). The European Commission (EC) activated the Article 3.3 d, e, f essential requirements in a delegated act on 29.10.2021. Some of the essential requirements activated in RED Articles 3(3) (d/e/f) aim at the protection of personal data and privacy, the protection from fraud and ensuring compliance of reconfigurable radio systems. The standards responding to Article 3.3 do not yet exist.

An important element that is currently overlooked is the guideline describing the method and the process to produce the standardisation deliverables. While this might seem unlikely - after all, the EU Harmonised European Standards have been produced for a number of decades - the change in the domain of essential requirements, coupled with a change in the EC legal view, creates a significant challenge for the timely production of European Norms.

Starting with the multidisciplinary aspects of this challenge, there are a number of issues that need to be solved in order for the standards covering these essential requirements to be produced. Hence the importance of discussing how to produce the standards, a discussion that may start drafting ways to guide the effort of standardisation for Harmonised European Norms.


Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment

IEC 62351-9:2017 specifies cryptographic key management, namely how to generate, distribute, revoke, and handle public-key certificates and cryptographic keys to protect digital data and its communication. Included in the scope is the handling of asymmetric keys (e.g. private keys and public-key certificates), as well as symmetric keys for groups (GDOI). This document assumes that other standards have already chosen the type of keys and cryptography that will be utilized, since the cryptography algorithms and key materials chosen will be typically mandated by an organization’s own local security policies and by the need to be compliant with other international standards. This document therefore specifies only the management techniques for these selected key and cryptography infrastructures. The objective is to define requirements and technologies to achieve interoperability of key management. The purpose of this document is to guarantee interoperability among different vendors by specifying or limiting key management options to be used. This document assumes that the reader understands cryptography and PKI principles.

IEC 62351-9:2017

M-Sec Project Online Contest


Are you a company, university student, researcher, data scientist, entrepreneur or a concerned citizen?

Do you have an #innovative #earlystage business idea that addresses a #smartcity challenge? Are you interested in #security and #privacy issues of #iot devices and apps?

Then don't miss this chance and apply by 26 August 5pm CET to the M-Sec Project Online Contest, which will run between 6-10 September:
https://lnkd.in/ecfRk7b

Main perks:
 - 1-1 Technical and business support to develop your business idea
 - Business workshop
 - Present the business idea to an international panel of experts

Top 3 winners of each challenge will also have the chance to meet city council representatives of Santander and Fujisawa #smartcities

Guidelines and more info:
https://lnkd.in/eXS85QN

#msecsmarthack


M-Sec EU & Japanese IoT citizens and stakeholders’ consultation preliminary results


At the end of 2020, the M-Sec Project launched a survey to the European and Japanese IoT community, to better understand their experience when using IoT devices and applications and their knowledge of EU & Japan’s data protection regulations. 6 months later, and with more than 450 answers, here are the first insights from our community: https://www.msecproject.eu/m-sec-eu-japanese-consultation-preliminary-results/


How to reactively defend against advanced cyber threats


We would like to invite you to the online workshop "How to reactively defend against advanced cyber threats" 20 May, 13:00-17:00 - CEST.

The workshop will zoom in on how you can mitigate advanced cybersecurity threats and zero-day vulnerabilities thanks to the holistic approach the ReAct project has developed.

We'll also address the following questions:
 - can we protect a computer, or laptop, tablet or any other device before "day zero"?
 - can we protect them before we know about their vulnerability?

The workshop is open to anyone interested in cybersecurity but could be particularly beneficial for ICT Operators, Internet Service Providers, Hardware Manufacturers and Researchers.

The full agenda, programme, speakers and registration are available at the link below:

https://www.cyberwatching.eu/projects/1053/react/events/how-reactively-defend-against-advanced-cyber-threats

The workshop is organised by the ReAct project and supported by Cyberwatching.eu which are both funded by the European Commission's H2020 programme.

We look forward to meeting you online on 20 May, 13:00-17:00 - CEST.


Secure Real-time environmental data and garbage counting system – promoting environmental awareness in an urban context


Dear community, the M-Sec Project is currently implementing 5 pilots to test, validate and showcase the impact of its cybersecurity solution. Learn more about M-Sec’s Use Case 3 to better understand how this Use Case is being implemented in the Japanese city of Fujisawa.


Information security, cybersecurity and privacy protection — Physically unclonable functions — Part 1: Security requirements

This document specifies the security requirements for physically unclonable functions (PUFs). Specified security requirements concern the output properties, tamper-resistance and unclonability of a single and a batch of PUFs. Since it depends on the application which security requirements a PUF needs to meet, this document also describes the typical use cases of a PUF.
Amongst PUF use cases, random number generation is out of scope in this document.

ISO/IEC 20897-1:2020

Information security, cybersecurity and privacy protection — Governance of information security

This document provides guidance on concepts, objectives and processes for the governance of information security, by which organizations can evaluate, direct, monitor and communicate the information security-related processes within the organization.
The intended audience for this document is:
— governing body and top management;
— those who are responsible for evaluating, directing and monitoring an information security management system (ISMS) based on ISO/IEC 27001;
— those responsible for information security management that takes place outside the scope of an ISMS based on ISO/IEC 27001, but within the scope of governance.
This document is applicable to all types and sizes of organizations.
All references to an ISMS in this document apply to an ISMS based on ISO/IEC 27001.
This document focuses on the three types of ISMS organizations given in Annex B. However, this document can also be used by other types of organizations.

ISO/IEC 27014:2020

Information security, cybersecurity and privacy protection — Guidelines for information security management systems auditing (Adopted ISO/IEC 27007:2020, third edition, 2020-01)

Standards development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the SCC Mirror Committee (SMC) on ISO/IEC Joint Technical Committee 1 on Information Technology (ISO/IEC JTC1) for the Standards Council of Canada (SCC), the ISO member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephone Consultative Committee (ITU-T).

For brevity, this Standard will be referred to as CAN/CSA-ISO/IEC 27007 throughout.

This Standard supersedes CAN/CSA-ISO/IEC 27007:13 (adopted ISO/IEC 27007:2011). At the time of publication, ISO/IEC 27007:2017 is available from ISO and IEC in English only. CSA Group will publish the French version when it becomes available from ISO and IEC.

CSA ISO/IEC 27007:20