ETSI, the leading ICT standards organization, held its Security Week from 22-26 June, with a Security Workshop followed by three thematic sessions. The sessions focused on machine-to-machine communications and the Internet of Things (M2M/IoT), security assurance in Intelligent Transport Systems and Electronic identification and trust services (eIDAS). The closing days of the week were dedicated to the meetings of two ETSI technical committees, TC CYBER and TC ESI (Electronic Signatures and Infrastructures), which exceptionally were open to non-members of ETSI.
The event brought together ICT security experts from various stakeholders, including counterparts from other standards bodies and fora, ITU, ISO, CEN/CENELEC, NIST, IETF and W3C, and security experts from industry, government, regulators and academia.
Setting the scene, the ETSI Director General and the ETSI General Assembly and Board chairmen underlined ETSI’s long term expertise in security while, in a later session, presentations from 13 ETSI committees gave an overview of their achievements and ongoing work on security and privacy.
Delegates to the event were reminded that the threat landscape is now very dynamic, challenging and always evolving, and that education of all relevant parties, including developers, on security standards, is important. ETSI sees a real need to make ‘security by design’ the default approach in standards development.
To address security issues on a global scale, a growing concern in today’s digital world, ETSI established its CYBER technical committee on cybersecurity issues. As well as developing standards for cybersecurity, it coordinates work in other ETSI committees and pays specific attention to European requirements from policies such as the Digital Single Market. It has already published a technical report TR 103 305 on Critical Security Controls for Effective Cyber Defence and will publish later this year a Technical Report on Security Assurance by Default. In addition, following the outcome of the workshop, the committee started a new work on a practical introductory guide to privacy.
Two ETSI White Papers have been published to coincide with the Security Week. Security for ICT – The Work of ETSI, updated yearly, provides an overview of all ETSI standardization topics related to Security. Quantum Safe Cryptography and Security discusses how future development of quantum computing poses risks to current encryption techniques, and the security of today’s data, where today’s encryption algorithms may not provide sufficient protection against quantum computing. ETSI has two industry specification groups developing specifications in this field, one on Quantum Key Distribution, and a second on quantum Safe Cryptography.