Cybersecurity/Network and Information security

There is currently no standard addressing the cybersecurity of AI systems. In ISO/IEC JTC1 SC27 WG4  27090 is under development; and I contribute directly to this work.

Annegrit's priority is the Convenorship of CEN CENELEC JTC21 WG 5,  the organisation and project support to work on the AI Act standardisation request for Cybersecurity. This includes a close collaboration with other groups within JTC 21, JTC 13, ISO IEC SC 42 and SC 27 to collect all information of existing and work under development. The main challenge is that JTC 21 and also our WG5 has a diverse structure of experts and knowledge, which makes the work, the effort and efficiency very difficult. In this case, the challenge in addition is the collaboration with other existing standardisation groups within JTC 21 as well as with JTC 13 for Cyber Resilience Act, with ETSI and their view, with ISO IEC SC 27 and SC 42.

My work aims to develop robust frameworks for the verification of cryptographic protocols within the security of ICT products, services, and processes, thereby enhancing resilience against cyber threats.

Improving security is one of the most, if not the most, important priorities for the evolution and future development of the IoT.

This fellowship allows me to take part to all meetings concerning Cybersecurity, Privacy and Artificial Intelligence (even most are very early or very late in the day, as per rules for scheduling in SDO's), whilst being able to keep delivering standard based consulting especially for SMEs which need to comply for ISO 27001 certifications mostly. 

My fellowship focuses on several priorities and key gaps related to AI and cybersecurity standards applied in education.

This technical report, resulting from my fellowship’s contributions, is an equitable analysis of the relationship between Quantum Key Distribution (QKD) and Post-quantum Cryptography (PQC) technologies. It describes the two technologies' complementary nature and highlights their potential advantages and benefits.

By integrating ZTA, the project allows for more secure, scalable, and flexible access control mechanisms, which are crucial for the protection of sensitive data and systems against evolving cyber threats.

"Once the revision is done, we will disseminate it across the different stakeholders, and it will allow the community to learn the newest editions of widely recognised international standards that support the cybersecurity certification and technical aspects of the process of revision"

My fellowship significantly contributes to the ICT standards landscape by advancing the Biometric System-on-Card (BSoC) standards, particularly within the ISO/IEC 17839 series.

The number of devices in these areas vastly outnumbers the number of human beings and this area is almost unprotected, which could have detrimental effects on our society. It is the hope that the project could be one way to enable a broader cybersecurity protection.

Work on ICT readiness is essential for organisations facing increasing risks and threats in an unstable environment when they rely more and more on ICT, supplying them guidance to gain more resilience to infrastructures and organisations.