Takeaways from the Cybersecurity Standards Conference February 2021
Standards organisations, CEN CENELEC and ETSI joined forces with ENISA to deliberate the cybersecurity standardisation landscape from 2-4 February 2021 at a virtual conference that gathered over 2000 participants.
The event had a dual focus: Exploring current developments and fostering a dialogue between policy makers, industry, research, standardisation and certification, with a view to ensuring the effective implementation of the Cybersecurity Act.
- Standardisation in relation to the Radio Equipment Directive (RED) and certification under the provisions of the Cybersecurity Act (CSA): Cybersecurity requirements for RED, delegated acts and standardisation work within CEN-CENELEC and ETSI. Panellists highlighted the nexus between regulatory requirements and standardisation in the alignment of EU policy goals in a global context.
- Standardisation supporting the Cybersecurity Act: Gaps in the current standardisation landscape and how they can be filled.
- Standardisation of 5G: next steps. With preparations underway for a cybersecurity certification scheme, panellists discussed the state of 5G standardisation, with ENISA poised to prepare a candidate cybersecurity certification scheme on 5G networks.
With reference to ETSI TS 103 742, Draft 0.7 (Cybersecurity for a communications network), Charles Brookson (OBE) of ETSI CYBER, highlighted the need for accessible and flexible standards that are broadly applicable, for example, SME, corporate, mobile, mobile virtual network operator, fixed, wireless and not prohibitive for small businesses.
Technical issues are the very first part of being able to do business but we need on top of this processes to run a business, including security responsibilities, outsourcing requirements, current and incoming staff awareness and personal information policy, physical infrastructure and supply chain policies. In terms of standards, it’s important to understand which part of the security puzzle they fit into and the cost implications.
Conference presentations are available here.