Standards organisations, CEN CENELEC and ETSI joined forces with ENISA to deliberate the cybersecurity standardisation landscape from 2-4 February 2021 at a virtual conference that gathered over 2000 participants. 

The event had a dual focus: Exploring current developments and fostering a dialogue between policy makers, industry, research, standardisation and certification, with a view to ensuring the effective implementation of the Cybersecurity Act. 

With reference to ETSI TS 103 742, Draft 0.7 (Cybersecurity for a communications network), Charles Brookson (OBE) of ETSI CYBER, highlighted the need for accessible and flexible standards that are broadly applicable, for example, SME, corporate, mobile, mobile virtual network operator, fixed, wireless and not prohibitive for small businesses. 

Technical issues are the very first part of being able to do business but we need on top of this processes to run a business, including security responsibilities, outsourcing requirements, current and incoming staff awareness and personal information policy, physical infrastructure and supply chain policies. In terms of standards, it’s important to understand which part of the security puzzle they fit into and the cost implications. 

Conference presentations are available here.