Standard bodies
The Standards Development Organizations (SDOs) primarily mentioned here are ITU-T, ISO and IEC.
There are other SDOs that make contributions to cybersecurity standardization.
NIS2
The EU has issued a new cybersecurity directive, Network and Information Security 2 (NIS 2). This directive is an enhancement of the existing NIS directive and is directed at organizations.
Beyond NIS2 and firewalls
NIS2 may be a threat to cybersecurity, as it is believed that NIS2 is necessary AND sufficient for cybersecurity.
Be active in standardization
Cybersecurity standardization is a multi-headed beast covering procedural aspects, security requirements on network components, and detailed specifications for how to satisfy the requirements.
ITU-T X.509
ITU-T X.509 is the framework for public-key infrastructure (PKI). It is one of the most important cybersecurity standards and has supported secure banking, e-government, etc. since 1988. New requirements are queuing up.
ITU-T X.510
While ITU-T X.509 provides support for entities, ITU-T X.510 provides protection for communication protocols for connections between entities. It also specifies how to migrate cryptographic algorithms.
ITU-T X.508
ITU-T X.508 complements ITU-T X.509 and ITU-T X.510 by giving a comprehensive description of cryptographic algorithms, the mathematics behind them, and best practice for establishing a PKI.
ITU-T X.DPKI
DPKI stands for decentralized PKI. It is a PKI where PKI domains are interconnected using blockchain technology and where PKI information is stored in the ledger, making it available worldwide.
ASN.1
Abstract Syntax Notation One (ASN.1) is the perfect tool for creating communication standards. It is flexible and easy to read, and it supports multiple encodings (multiple binary encodings, XML encoding and JSON encoding).
Enigma
During the Second World War, Germany used a system called Enigma for encryption and decryption of data. The encrypted data was transmitted as Morse code, to be intercepted by anyone, like today’s cable surveillance.