Cybersecurity/Network and Information security

Available (140)

Showing 109 - 120 per page



Security assessment of operational systems

This Technical Report provides guidance and criteria for the security evaluation of operational systems. It provides an extension to the scope of ISO/IEC 15408, by taking into account a number of critical aspects of operational systems not addressed in ISO/IEC 15408 evaluation. The principal extensions that are required address evaluation of the operational environment surrounding the target of evaluation, and the decomposition of complex operational systems into security domains that can be separately evaluated.

ISO/IEC JTC 1/SC 27 Information Security, cybersecurity and privacy protection
Cybersecurity/Network and Information security
IEC
ISO
Standard
ISO/IEC TR 19791:2010

Security requirements for cryptographic modules

ISO/IEC 19790:2012 the security requirements for a cryptographic module utilised within a security system protecting sensitive information in computer and telecommunication systems. This International Standard defines four security levels for cryptographic modules to provide for a wide spectrum of data sensitivity (e.g. low value administrative data, million dollar funds transfers, life protecting data, personal identity information, and sensitive information used by government) and a diversity of application environments (e.g. a guarded facility, an office, removable media, and a completely unprotected location).

ISO/IEC JTC 1/SC 27 Information Security, cybersecurity and privacy protection
Cybersecurity/Network and Information security
IEC
ISO
Standard
ISO/IEC 19790:2012

Secret sharing -- Part 1: General

ISO/IEC 19592 (all parts) specifies cryptographic secret sharing schemes and their properties. This document defines the parties involved in a secret sharing scheme, the terminology used in the context of secret sharing schemes, the parameters and the properties of such a scheme.

ISO/IEC JTC 1/SC 27 Information Security, cybersecurity and privacy protection
Cybersecurity/Network and Information security
IEC
ISO
Standard
ISO/IEC 19592-1:2016

Service level agreement (SLA) framework -- Part 4: Components of security and of protection of PII

This document specifies security and protection of personally identifiable information components, SLOs and SQOs for cloud service level agreements (cloud SLA) including requirements and guidance.

ISO/IEC JTC 1/SC 27 Information Security, cybersecurity and privacy protection
Cybersecurity/Network and Information security
IEC
ISO
Standard
ISO/IEC 19086-4:2019

Jean-Pierre Quémard

Description of Activities

In this fellowship the original objective is to start to prepare a NWI to address the age approriate topic and start the standard development. The aim is to improve the benefits and reduce the risks in the digital world for young users up to the age of 18. The solution is to adapt the content delivered by online products and services according to the age of users. Moreover, the process requires establishing the age/capacity of users, including age verification and age estimation. The CWA does NOT define age estimation and verification processes (Out of scope) but requires to select an appropriate age assurance tools/approach in conformity with established standards and official guidance.

Fellow's country
France
Open Call Topics
Cybersecurity/Network and Information security
Impact on society (7th Open Call)
Need for an EN: Many organizations engage with children intentionally; others engage with children in the course of their general activities. In each case the organization has a responsibility to that child to provide an age-appropriate service. This is not a marginal market, as one in three users is under 18.
The target stakeholders of this standard are society-wide: governments and policymakers; international institutions and civil society organizations; business and tech sector especially digital service providers; parents, teachers, and children.
The protection of children in the ICT world is a key issue and three domains are to develop complementary; including, age appropriate this work item, Age Assurance and Age verification. The two last topics are managed at ISO/IEC/JTC1/SC27/WG5 level the delineation between the three topics is important
Open Call
OC#7 2026
Organisation type
SMEs
Organization
Kuzul An Traezehnn
Organization website
Website
Portrait Picture
Jean-Pierre Quémard
Proposal Title (7th Open Call)
Age appropriate standardisation
Read more
Online references related to the fellowship work
Role in SDO
convenor
Standards Development Organisation
CEN/CENELEC
StandICT.eu Year
2026
Year
2025
Topic (7th Open Call)
Cybersecurity/Network and Information security

Gill Whitney

Description of Activities

 

The standards being developed should cover the requirements of the full range of stakeholders (including users, affected bystanders and manufacturers etc) over the complete lifetime of the product.

 

Fellow's country
United Kingdom
Impact on SMEs (9th Open Call)
My contribution impacts in SMEs in a small but important way. The requirements of consumers with respect to how security information (such as updates or warnings) needs to be presented to end users in a clear, easy to understand and timely manner, without the use of unnecessary, unfamiliar terminology. Many SMEs will have access to or employ Cyber Security experts. They will therefore have similar requirements for information to be presented in a clear, useable, timely and concise way. I have referred to the issue of information to be presented in a useable way in a number of meetings. This is particularly relevant with respect to information impacting purchasing decisions or with reference to security updates.
Impact on society (6th Open Call)
Cybersecurity standards have traditionally focused on the operation of the hardware, software and firmware of the systems. The needs of the human elements have often not been fully considered and negative viewpoints are sometimes heard in cybersecurity standards meeting with respect to untrained and/or vulnerable consumers/end users. By considering and supporting the `human element’ in products with digital elements (an essential element), it is hoped to reduce the potential for harm to the system and also to reduce the harm to the end user. In particular improved communication should reduce the physiological harm caused to the end user when something goes wrong and they think it is their fault. Cybersecurity standards for digital systems can thus be seen to support vulnerable users and to acknowledge that all end users can be vulnerable in specific circumstances
Impact on society (9th Open Call)
My work supports ICT accessibility and digital skills. It did this by promoting the requirements of end users when these people were acting as part of a system involving the use of products with digital elements. These end users will include vulnerable end users. In these systems the end users will be involved in a range of set up and management activities with respect to the digital elements including choosing the products and their application, selecting and maintaining levels of Cybersecurity and making decisions on when the product has reached its end of life.
Products with digital elements include health monitoring and quality of life products which can improve the life and health of the end user, if they fail or become unsafe, they may impact the physical, sensory or cognitive health of the end user. If their operation becomes uncertain, they may cause stress, which impacts the cognitive health of the end user.
By supporting the end users to make sensible decisions when selecting or maintaining a product with digital elements, the followers of the relevant CRA standard will increase the digital skills of the end users. This can be achieved by enabling standards writers to create standards which consider the needs of all end users. The aim of this project was to assist the standard writers to do this.
Linkedin Profile
Linkedin profile
Open Call
OC#6 2026
OC#9 2026
Organisation type
Other
Organization
Independent Expert
Portrait Picture
Gill Whitney
Proposal Title (6th Open Call)
Contribution to the modification of standards to facilitate their use by manufacturers and writers of associated vertical standards
Proposal Title (9th Open Call)
Using accessibility standards to increase the cybersecurity of the full range of consumers
Standards Development Organisation
ETSI
CEN/CENELEC
StandICT.eu Year
2026
Year
2024
Topic (6th Open Call)
Cybersecurity/Network and Information security
Topic (9th Open Call)
Accessibility of ICT products and services

Philippe Ombredanne

Description of Activities

The gaps that this fellowship enables me to address has been to dedicate solid time first for the ECMA meetings that I convened, but also for the community background work that needs support and attention. The priorities are to users the creation of the core specifications for ECMA approval, which has been challenging because of the influx of attention on PURL for SBOM and CRA compliance. The challenge from PURL getting increased attention meant needing to cater to new contributors and supporting long debates and addressing objections, in particular on topics like character encoding.

Fellow's country
Belgium
Open Call Topics
Cybersecurity/Network and Information security
Impact on SMEs (7th Open Call)
PURL makes it easier to integrate multiple SBOM tools for CRA compliance, lowering the costs of compliance for SMEs.
Impact on society (7th Open Call)
The expected impact of this project to usher PURL standardization will significantly improve the accuracy of how free and open source software packages are identified and reported in SBOMs. Software developers - both of open source projects and commercial software vendors - will be able to rely on a stable and widely-accepted international standard, across tooling and data for Software Composition Analysis (SCA), SBOMs, and open source compliance. This will greatly improve the overall security posture of any software using free and open source software packages which itself is the vast majority of software. As a universal identifier for packages, PURL enables the exchange of software inventories across partners in the software supply chain and SCA and SBOM tooling and data. This makes PURL the foundation of all SBOM and VEX standards, which are critical for cybersecurity and essential for compliance with upcoming regulations like the European Union's Cyber Resilience Act. Any recipient of an SBOM can rely on PURL as the unique identifier to query vulnerability databases for package metadata and other information about the package used in the software product or service.
Linkedin Profile
LinkedIn Profile
Open Call
OC#6 2026
OC#7 2026
Portrait Picture
Philippe Ombredanne
Proposal Title (7th Open Call)
Standardize Package-URL (PURL): From community de-facto to international Ecma standard
Read more
Online references related to the fellowship work
Role in SDO
convenor
Standards Development Organisation
ECMA
StandICT.eu Year
2026
Year
2024
2025
Topic (7th Open Call)
Cybersecurity/Network and Information security

Walte Fumy

Description of Activities


This fellowship supports my engagement in ISO/IEC JTC 1 ‘Information technology’ is not on a working level (such as a contributor to specific standards) but on a strategic level.

Fellow's country
Germany
Impact on SMEs (6th Open Call)
While the nature of my engagement in ISO/IEC JTC 1 does not directly impact European SMEs, I have volunteered to participate in the StandICT.eu Mentorship Programme and to mentor new SME experts, who are less familiar with the workings of SDO technical committees, by providing guidance and advice.
Linkedin Profile
Linkedin profile
Open Call
OC#6 2026
Organisation type
IT Consultancy/Development
Organization
Independent Consultant
Portrait Picture
Walte Fumy
Proposal Title (6th Open Call)
communication and promotion of European interests in international ICT standardisation
Read more
https://www.iso.org/committee/45020.html
Standards Development Organisation
ISO/IEC
StandICT.eu Year
2026
Year
2024
Topic (6th Open Call)
Cybersecurity/Network and Information security

Antoine Sciberras

Description of Activities


My work aims to rationalise the resulting compliance efforts through a dedicated Technical Report (TR) under ETSI CYBER. This report will help reduce legal ambiguity, support standardisation across sectors, and ensure proportional and efficient compliance.

Fellow's country
Malta
Impact on SMEs (6th Open Call)
This project has significant implications for SMEs across the EU. Many of these companies provide ICT services to regulated entities but may lack the resources to navigate complex, overlapping regulatory regimes. By providing a unified interpretation of NIS2 and DORA obligations, the project reduces uncertainty and helps SMEs avoid redundant compliance efforts.
Impact on society (6th Open Call)
Yes. The initiative is centred on the development of a new Technical Report within ETSI CYBER, aimed at clarifying the joint application of NIS2 and DORA. A formal proposal has been submitted and approved as a work item under ETSI CYBER’s work programme.
Linkedin Profile
Linkedin profile
Open Call
OC#6 2026
Organisation type
Academia/Research
Organization
University of Malta
Portrait Picture
Antoine Sciberras
Proposal Title (6th Open Call)
Contributing to the evolution of ICT standards by providing clarity where EU-level legislation currently creates operational ambiguity
Standards Development Organisation
ISO/IEC
ETSI
StandICT.eu Year
2026
Year
2024
Topic (6th Open Call)
Cybersecurity/Network and Information security

Nicolae Paladi

Description of Activities

Through this fellowship, I am contributing to shape the standards around next-generation secure computing infrastructure. We are on the verge of a new paradigm where the security of the computing infrastructure is endorsed by hardware features and ensures protection of data at rest, in transit, and in use. 

Fellow's country
Sweden
Open Call Topics
Cybersecurity/Network and Information security
Impact on SMEs (5th Open Call)
Trusted execution environments (TEEs) allow deploying code and data in a separate, secure segment of computing platforms. Standardised security assessment and provisioning of configuration and personalisation information to Trusted execution environments (TEEs) can be a key contributor to more secure services and an enabler for new products and services.
Linkedin Profile
LinkedIn
Open Call
OC#5 2026
Organisation type
IT Consultancy/Development
Organization
CEO CanaryBit.eu
Organization website
CEO CanaryBit.eu
Portrait Picture
Paladi
Read more
Attestation Results for Secure Interactions
Standards Development Organisation
IETF
StandICT.eu Year
2026
Year
2024
Topic (5th Open Call)
Cybersecurity/Network and Information security

Denis Pinkas

Description of Activities

The use of digital identity wallets is foreseen to be the best appropriate solution to support an age verification method, which uses the date of birth of the individual without disclosing it.

Fellow's country
France
Open Call Topics
Cybersecurity/Network and Information security
Impact on SMEs (5th Open Call)
If successful, the impact will not be restricted to European SMEs and/or European societies.
As my contributions are both for ISO and the IETF, the impact can be worldwide. However, I have not observed the presence of another European expert motivated by the topic of Age assurance systems that participates both in ISO JTC1 SC 27 and in the IETF.
Impact on society (5th Open Call)
The societal impacts can be important. Age assurance which entails age verification, age estimation and age inference is applicable for a large variety of use cases. Protection of children is the most prominent use case.
Impact on society (8th Open Call)
Access to pornographic content and age-restricted services or products available online, like alcohol, diets, self-harm or suicide information, needs to be better controlled. Legislation is necessar,y but will not be sufficient: efficient methods need to be put in place. Two main categories of solutions are promising: age estimation using AI facial analysis and digital identity wallets. The AI Act published in the Official Journal (OJ) of the European Union on 12 July 2024 considers applications using AI for age estimation as “high-risk applications”. The EUDIW (EU Digital Identity Wallet) is expected to be usable for performing age verification in both online and proximity modes. Besides these usages, age verification, estimation, or inference will be useful in other areas, such as controlling the age of teenagers or elderly people, so that they can obtain rebates. This will speed up controls and avoid the presentation of physical identity documents.
Open Call
OC#5 2026
OC#8 2026
Organization
CEO, DP Security Consulting SAS
Portrait Picture
Pinkas
Proposal Title (5th Open Call)
Age-restricted accesses to services while preserving the privacy of individuals
Proposal Title (8th Open Call)
Privacy preserving age assurance systems for online or in-person access to services or goods
Standards Development Organisation
ISO/IEC
StandICT.eu Year
2026
Year
2024
Topic (5th Open Call)
Cybersecurity/Network and Information security
Subscribe to Cybersecurity/Network and Information security