ETSI: Difference between revisions

From Cyber Public
No edit summary
No edit summary
Line 1,311: Line 1,311:


ZNIIS                   Центральный научно-исследовательский институт связи (Russia)
ZNIIS                   Центральный научно-исследовательский институт связи (Russia)
= Global cyber security ecosystem =
== [null 4.1       Organization of the ecosystem forums and activities] ==
This clause organizes the global cyber security ecosystem as six groups of forums and activities that are fundamental collaborative mechanisms for cyber security and its evolution:
1)       forums that develop techniques, technical standards and operational practices;
2)       major IT developer forums affecting cyber security;
3)       activities for continuous information exchange;
4)       centres of excellence;
5)       reference libraries, continuing conferences; and
6)       heritage sites and historical collections.
In some cases, the same parent organization hosts multiple forums and activities that are attributed to different groups. In other cases, the organization hosts numerous forums where several of them have fully or substantially dedicated cyber security functions - which are indented under the parent. Because of the very large numbers of forums, and in the interests of providing a useful understanding of the ecosystem, only very short descriptions are provided, and the reader is encouraged to use the URI links to fully appreciate the work being done.
This compilation attempts to be an inclusive as possible to expand the collective insight into the extent of the ecosystem. Toward this objective, it includes collaborative mechanisms that are frequently overlooked but enormously significant in the cyber security arena such as developer forums for the major IT platforms, centres of excellence that are rapidly growing in numbers worldwide, and continuing conferences - even hacker major global hacker events that regularly reveal cyber security vulnerabilities that were previously unknown.
This material is augmented by annex A which contains national cyber security ecosystems that have been published in national strategy or other publicly available material. Annex B contains depictions of relationships among these ecosystems.
== [null 4.2       Fora that develop techniques, technical standards and operational practices] ==
The forums listed below are well known venues engaging in significant global collaboration to produce techniques, technical standards and operational practices for cyber security. Where the venues operate substantially at a national level, they are placed in annex A.
'''3GPP - 3<sup>rd</sup> Generation Partnership Project'''. 3GPP unites six telecommunications standard development organizations (ARIB, ATIS, CCSA, ETSI, TTA, TTC), and provides their members with a stable environment to produce the Reports and Specifications that define the world's principal mobile communication technologies. The scope includes cellular telecommunications network technologies, including radio access, the core transport network, and service capabilities - including work on codecs, security and quality of service. The specifications also provide hooks for non-radio access to the core network, and for interworking with Wi-Fi networks. <nowiki>http://www.3gpp.org/</nowiki>.
·         '''SA1 - Services'''. Service and feature requirements applicable to mobile and fixed communications technology for 2G, 3G and future communication technologies, evolved industry-wide IP Multimedia Subsystem (IMS), and converged fixed-mobile communication technologies. <nowiki>http://www.3gpp.org/specifications-groups/sa-plenary/sa1-services</nowiki>.
·         '''SA2 - Architecture'''. Identifies the main functions and entities of the network, how these entities are linked to each other and the information they exchange. <nowiki>http://www.3gpp.org/Specifications-groups/sa-plenary/53-sa2-architecture</nowiki>.
·         '''SA3 - Security'''. Determine the security and privacy requirements for mobile systems, and specifies the security architectures and protocols, including the availability of any cryptographic algorithms. SA3 notably includes two significant security assurance activities: SECAM (Study on Security Assurance Methodology) and NESAG (Network Equipment Security Assurance Group). SA3LI also operates as part of SA3 to meet lawful interception security obligations. <nowiki>http://www.3gpp.org/Specifications-groups/sa-plenary/54-sa3-security</nowiki>.
·         '''SA5 - Telecom Management'''. Specifies the requirements, architecture and solutions for provisioning and management of the network (RAN, CN, IMS) and its services. Also the principal venue for coordinating NFV‑SDN and 5G activities. <nowiki>http://www.3gpp.org/specifications-groups/sa-plenary/sa5-telecom-management/home</nowiki>.
·         '''SA6 -''' '''Mission-critical Applications'''. Responsible for the definition, evolution and maintenance of technical specification(s) for application layer functional elements and interfaces supporting critical communications. <nowiki>http://www.3gpp.org/specifications-groups/sa-plenary/sa6-mission-critical-applications</nowiki>.
'''5GACIA - 5G Alliance for Connected Industries and Automation'''. The 5G Alliance for Connected Industries and Automation (5G-ACIA) has been established to serve as the central and global forum for addressing, discussing, and evaluating relevant technical, regulatory, and business aspects with respect to 5G for the industrial domain. It reflects the entire ecosystem, encompassing all relevant stakeholder groups. <nowiki>https://www.5g-acia.org/</nowiki>.
'''ACDC - Advanced Cyber Defence Centre'''. Provides a complete set of solutions accessible online to mitigate on-going attacks and targeted both to end-users and to network operators. It also consolidates the data provided by various stakeholders into a pool of knowledge, accessible through the ACDC central clearing house. <nowiki>https://www.acdc-project.eu/</nowiki>.
'''AIOTI - The European Alliance of IoT Innovation'''. An inclusive body of IoT industrial players - large companies, successful SMEs and dynamic start-ups - as well as well-known European research centres, universities, associations and public bodies. Its thirteen working groups cover a broad array of IoT sectors including security. <nowiki>https://aioti.eu/</nowiki>.
'''APCERT - Asia Pacific Computer Security Response Team'''. Based in Japan, a trusted contact network of computer security experts in the Asia Pacific region to improve the region's awareness and competency in relation to computer security incidents. <nowiki>http://www.apcert.org/about/structure/secretariat.html</nowiki>.
'''BEREC - Body of European Regulators for Electronic Communications'''. BEREC facilitates independent, regulation of European electronic communications markets. <nowiki>http://berec.europa.eu/eng/about_berec/what_is_berec/</nowiki>.
'''CA/B - Certificate of Authority/Browser Forum'''. The Forum advances industry best practices to improve the ways that digital certificates are used to the benefit of network users and the security of their communications. The Forum produces the specification for Extended Validation Certificates, oversees their implementation, coordinates their recognition through ubiquitous network trust mechanisms. <nowiki>https://cabforum.org/about-us/</nowiki>.
'''CableLabs<sup>®</sup>'''. CableLabs is the principle standards body globally for the providers and vendors in the cable industry. Its standards are republished by ETSI and ITU-T. <nowiki>http://www.cablelabs.com/</nowiki>.
'''CCRA - Common Criteria Recognition Agreement'''. The CCRA is an organization among 26 countries to raise the general security of certified information and communications technology products through compliance with sets of security functional and security assurance requirements. <nowiki>https://www.commoncriteriaportal.org/ccra/</nowiki>.
'''CEN - Comité Européen de Normalisation'''. Provides a platform for the development of European Standards and other technical documents in relation to various kinds of products, materials, services and processes. Notably it is a member of the CSCG (Cybersecurity Coordination Group) to the EC. <nowiki>https://www.cen.eu/</nowiki>.
'''CENELEC - European Committee for Electrotechnical Standardization'''. CENELEC is responsible for standardization in the electrotechnical engineering field. Its cyber security activity relates to coordination on smart grid information security. Notably it is a member of the CSCG (Cybersecurity Coordination Group) to the EC. CEN/CLC/JTC13 on Cybersecurity and Data Protection develops standards for cybersecurity and data protection covering all aspects of the evolving information society. <nowiki>http://www.cenelec.eu/</nowiki>.
'''CEPOL - European Police College'''. An EU agency dedicated to providing training and learning opportunities to senior police officers on issues vital to the security of the European Union and its citizens. Activities are designed to facilitate the sharing of knowledge and best practice and to contribute to the development of a common European law enforcement culture. <nowiki>https://www.cepol.europa.eu/education-training/what-we-teach/residential-courses/20141026/132014-cybercrime-vs-cybersecurity</nowiki>.
'''CIS - Center for Internet Security'''. The Center is focused on enhancing the cybersecurity readiness and response of public and private sector entities and encompasses two major activities. <nowiki>http://www.cisecurity.org/</nowiki>. Standards to maintain and promote use of the set of Critical Security Controls as recommended actions for cyber defence that provide specific and actionable ways to thwart the most pervasive attacks and the Open Vulnerability and Assessment Language (OVAL) specifications. It also maintains the MS-ISAC - the U.S. DHS mechanism for exchanging cyber threat information among state and local governments, and the EI-ISAC - the U.S. DHS mechanism for securing elections infrastructure.
'''CSA - Cloud Security Alliance'''. CSA develops best practices for providing security assurance within Cloud Computing, and provides education on the uses of Cloud Computing to help secure all other forms of computing. <nowiki>https://cloudsecurityalliance.org/</nowiki>.
'''EC - European Commission'''. The European Commission is the EU's executive body. Multiple directorates have significant cyber security roles: CONNECT (Communications Networks, Content and Technology; DIGIT (Informatics); GROW (Internal Market, Industry, Entrepreneurship and SMEs) Enterprise and Industry); HR (Human Resources and Security), JRC (Joint Research Centre), JUST (Justice and Consumers); HOME (Migration and Home Affairs); RTD (Research and Innovation). <nowiki>http://ec.europa.eu/about/index_en.htm</nowiki>.
·         '''CSCG - Cybersecurity Coordination Group'''. The CSCG - comprised by CEN, CENELEC, and ETSI - acts as a single point of contact for pan‐European interchange on Cyber Security standardization and provides a set of recommendations and advice to the European Commission and EU Member States in the area of Cyber Security standardization. Additionally, the Coordination Group liaises actively with the European Union Agency for Network and Information Security (ENISA) and the Multi‐Stakeholders Platform on ICT standardization.
·         '''ENISA - European Network and Information Security Agency'''. ENISA helps the European Commission, the Member States and the business community to address, respond and especially to prevent Network and Information Security problems. Notably it operates the EU-CERT and provides support for the ECRG, NIS activities, including harmonization of national cyber security strategies. <nowiki>https://www.enisa.europa.eu/</nowiki>.
·         '''EOS - European Organization for Security'''. EOS' main objective is the development of a harmonised European security market in line with political, societal and economic needs through the efficient use of budgets. EOS works towards achieving a better level of technology independence for European strategic autonomy and supports the development and use of European reference solutions as well as the growth of a genuine European industry. <nowiki>http://www.eos-eu.com/</nowiki>.
·         '''ECSO - European Cybersecurity Organization'''. ECSO represents an industry-led contractual counterpart to the European Commission for the implementation of the Cyber Security contractual Public-Private Partnership (cPPP). The main objective of ECSO is to support all types of initiatives or projects that aim to develop, promote, encourage European cybersecurity. <nowiki>http://www.ecs-org.eu/</nowiki>.
·         '''ECRG - Electronic Communications Reference Group'''. ECRG includes European providers of public electronic communications networks and services (mobile and fixed telecom operators, VoIP providers, ISPs, IXP providers, etc.) and it addresses security topics across the Electronic Communications area - including security measures, incident reporting, data protection, botnet mitigation, interconnection security and other topics. <nowiki>https://resilience.enisa.europa.eu/ecrg</nowiki>.
·         '''H2020 - Horizon 2020'''. H2020 is the financial instrument implementing the Innovation Union, a Europe 2020 flagship initiative aimed at securing Europe's global competitiveness. <nowiki>http://ec.europa.eu/programmes/horizon2020/</nowiki>. It includes a cybersecurity component.
·         '''Cybersecurity cPPP - Cybersecurity contractual Public Private Partnership'''. Signed as part of the EU cybersecurity strategy by the European Commission and the European Cyber Security Organisation (ECSO). The aim of the partnership is to foster cooperation between public and private actors at early stages of the research and innovation process in order to allow people in Europe to access innovative and trustworthy European solutions (ICT products, services and software).
·         '''NIS - Network and Information Security'''. The NIS Platform is part of the European Strategy for Cybersecurity. It serves the 2 priorities of achieving cyber-resilience in the EU and developing industrial and technological resources for cybersecurity <nowiki>https://resilience.enisa.europa.eu/nis-platform</nowiki>.
'''ETSI - European Telecommunications Standards Institute'''. ETSI produces globally-applicable standards for Information and Communications Technologies (ICT), including fixed, mobile, radio, converged, broadcast and internet technologies. Notably, it hosts the Technical Committee for Cybersecurity and is a member of the CSCG (Cybersecurity Coordination Group) to the EC. <nowiki>https://www.etsi.org/</nowiki>.
·         '''CYBER - Cybersecurity Technical Committee'''. CYBER is tasked to develop and maintain the Standards, specifications and other deliverables to support the development and implementation of Cyber Security standardization within ETSI, to collect and specify Cyber Security requirements from relevant stakeholders, to identify gaps where existing standards do not fulfil the requirements and provide specifications and standards to fill these gaps, without duplication of work in other ETSI committees and partnership projects, and to ensure that appropriate Standards are developed within ETSI in order to meet these requirements. <nowiki>https://portal.etsi.org/tb.aspx?tbid=824&SubTB=824</nowiki>. It also hosts the subgroup CYBER QSC which makes assessments and recommendations on the various proposals from industry and academia regarding real-world deployments of quantum-safe cryptography.
·         '''ESI - Electronic Signatures and Infrastructures'''. ESI develops generic standards, guides and reports relating to electronic signatures and related trust infrastructures to protect electronic transactions and ensure trust and confidence. <nowiki>https://portal.etsi.org/tb.aspx?tbid=607&SubTB=607</nowiki>.
·         '''LI - Lawful Interception technical committee'''. Responsible for developing standards that support the requirements of national and international law for lawful interception and retained data of electronic communications. <nowiki>https://portal.etsi.org/tb.aspx?tbid=608&SubTB=608</nowiki>.
·         '''MTS-SIG - Methods for Testing and Specification Security Special Interest Group'''. Responsible generally for the identification and definition of advanced specification and testing methods, and with respect to security, advanced model-based security testing methods, risk-based security testing methods, and security assurance life cycle. <nowiki>https://portal.etsi.org/tb.aspx?tbid=97&SubTB=97</nowiki>.
·         '''NFV - Network Functions Virtualisation'''. NFV is a very large and active Industry Specification Group focused on a broad array of specifications for Network Functions Virtualization, including cyber security techniques and mechanisms through its NFVsec subgroup. <nowiki>https://portal.etsi.org/tb.aspx?tbid=789&SubTB=789,832,831,795,796,801,800,798,799,797,802,828</nowiki>.
·         '''NTECH - Network Technologies'''. Provide detailed architecture and protocol (profile) specifications for use in networks addressing the control, data and management planes in both the service and transport layers of future networks, including security. <nowiki>https://portal.etsi.org/tb.aspx?tbid=785&SubTB=785,808</nowiki>.
·         '''SAGE - Security Algorithms Group of Experts'''. SAGE is responsible for creating reports (containing confidential specifications), draft ETSI deliverables in the area of cryptographic algorithms and protocols specific to fraud prevention/unauthorized access to public/private telecommunications networks and user data privacy. <nowiki>https://portal.etsi.org/tb.aspx?tbid=160&SubTB=160</nowiki>.
·         '''SAI - Securing Artificial Intelligence'''. SAI develops technical specifications that mitigate against threats arising from the deployment of AI, and threats to AI systems, from both other AIs, and from conventional sources. <nowiki>https://portal.etsi.org/tb.aspx?tbid=877&SubTB=877#/</nowiki>.
·         '''SCP - Smart Card Platform'''. SCP is responsible for the development and maintenance of specifications for secure elements (SEs) in a multi-application capable environment, the integration into such an environment, as well as the secure provisioning of services making use of SEs. TC SCP developed the UICC, the smart card platform used for the SIM, and is currently developing the next generation Smart Secure Platform, the SSP. <nowiki>https://portal.etsi.org/tb.aspx?tbid=534&SubTB=534,639,640,714#/</nowiki>.
'''CERT-EU - Community Emergency Response Team - Europe'''. A permanent CERT for EU institutions, agencies and bodies made up of IT security experts from the main EU Institutions. It cooperates closely with other CERTs in the Member States and beyond as well as with specialized IT security companies. <nowiki>http://cert.europa.eu/cert/filteredition/en/CERT-LatestNews.html</nowiki>.
'''Europol - European Police Office'''. Located at The Hague, Europol is the EU's law enforcement agency whose main goal is to help achieve a safer Europe for the benefit of all EU citizens through assistance to the Member States in their fight against serious international crime and terrorism, including cyber security investigations. J-CAT (Cybercrime Action Task Force) has been active in dealing with mobile malware. <nowiki>https://www.europol.europa.eu/</nowiki>.
'''FIDO Alliance'''. The Fast IDentity Online organization develops technical specifications that define an open, scalable, interoperable set of mechanisms that reduce the reliance on passwords to authenticate users and promotes their use. <nowiki>https://fidoalliance.org/</nowiki>.
'''FIRST - Forum of Incident Response and Security Teams'''. FIRST is the international organization of CERTs/CSIRTs who cooperatively handle computer security incidents and promote incident prevention programs. FIRST members develop and share technical information, tools, methodologies, processes and best practices. It also promotes the creation and expansion of Incident Response teams globally though global, regional, and national workshops and conferences. <nowiki>http://www.first.org</nowiki>. Through FIRST's Special Interest Groups (SIGs) and BOFs, it develops significant cyber security techniques and standards that include:
·         Standards:
-          Common Vulnerability Scoring System (CVSS)
-          Information Exchange Policy
-          Traffic Light Protocol (TLP)
-          Passive DNS Exchange
·         Discussion Groups:
-          Internet Infrastructure Vendors
-          Malware Analysis
-          Metrics SIG
-          Industrial Control Systems (ICS)
·         Working Groups:
-          Ethics SIG
-          Red Team SIG
-          Vulnerability Reporting and Data eXchange
-          Vulnerability Coordination
-          Information Sharing SIG
'''GlobalPlatform<sup>®</sup>'''. GlobalPlatform is a cross industry, non-profit association which identifies, develops and publishes specifications that promote the secure and interoperable deployment and management of multiple applications on secure chip technology. Its proven technical specifications, which focus on the Secure Element (SE), Trusted Execution Environment (TEE) and system messaging. <nowiki>https://www.globalplatform.org/default.asp</nowiki>.
'''GSMA™ - GSM Association'''. GSMA is the global ''organization'' of GSM and related mobile providers and vendors, and today the largest telecommunication industry entity. GSMA's Fraud and Security Working Group is the global mechanism for exchanging information, developing standards and techniques, and collaborating on mobile cyber security in many other forums. It works closely with 3GPP groups, especially SA3 (Security) - providing support for cyber security information assurance initiatives. <nowiki>http://www.gsma.com/</nowiki>.
·         '''GSMA™ FASG - GSM Association Fraud and Security Working Group'''. The newly integrated FASG group operates through several groups addressing mobile device security and malware, and NESAG (Network Equipment Security Assurance Group) which supports the 3GPP SA3 security assurance platforms. <nowiki>http://www.gsma.com/aboutus/leadership/committees-and-groups/working-groups/fraud-security-group</nowiki>.
'''ICANN - Internet Corporation for Assigned Names and Numbers'''. ICANN is responsible for the coordination of maintenance and methodology of several databases of unique identifiers through its operation of the Internet Assigned Numbers Authority (IANA), oversight of key identifier registration and query capabilities, and maintenance of digital certificates for the Domain Name System. <nowiki>https://www.icann.org/</nowiki>.
'''IEEE Standards Association'''. The IEEE SA is a leading consensus building organization that nurtures, develops & advances global technologies. Its work drives the functionality, capabilities and interoperability of a wide range of products and services. <nowiki>http://standards.ieee.org/index.html</nowiki>.
·         '''Industry Connections Security Group (ICSG)'''. The Group promotes collaboration and information sharing across the IT security industry. Working group's aim is to help develop an accepted way of traffic inspection, on top of encrypted transport standards. The ICSG has five working groups related to security. <nowiki>http://standards.ieee.org/develop/indconn/icsg/index.html</nowiki>.
-          AMSS - Anti-Malware Support Services Working Group
-          ETI - Encrypted Traffic Inspection Working Group
-          MMDEF - Malware Metadata Exchange Format Working Group
-          Malware Working Group
'''IETF - Internet Engineering Task Force'''. The IETF is a global standards making activity of the Internet Society that influences the way people design, use, and manage the Internet. Many of these activities are cyber security related. Its Internet Architecture Board (IAB) also oversees development of cyber security capabilities. IETF groups change frequently and its website should be consulted for the latest activities. <nowiki>https://www.ietf.org</nowiki>.
·         '''MILE - Managed Incident Lightweight Exchange'''. The MILE working group develops standards to support computer and network security incident management; an incident is an unplanned event that occurs in an information technology (IT) infrastructure. Its platforms such as IODEF and RID have been in widespread use by CERTs for many years and new extensions have been produced. <nowiki>https://datatracker.ietf.org/wg/mile/documents/</nowiki>.
·         '''SACM - Security Automation and Continuous Monitoring'''. Standardized protocols to collect, verify, and update system security configurations would allow this process to be automated, which would free security practitioners to focus on high priority tasks and should improve their ability to prioritize risk based on timely information about threats and vulnerabilities. <nowiki>https://datatracker.ietf.org/wg/sacm/charter/</nowiki>.
·         Other IETF Security Area and related groups include:
-          ace - Authentication and Authorization for Constrained Environments
-          acme - Automated Certificate Management Environment
-          cose - CBOR Object Signing and Encryption
-          curdle - CURves, Deprecating and a Little more Encryption
-          dots - DDoS Open Threat Signalling
-          emu - EAP Method Update
-          i2nsf - Interface to Network Security Functions
-          ipsecme - IP Security Maintenance and Extensions
-          kitten - Common Authentication Technology Next Generation
-          lake - Lightweight Authenticated Key Exchange
-          lamps - Limited Additional Mechanisms for PKIX and SMIME
-          mls - Messaging Layer Security
-          oauth - Web Authorization Protocol
-          rats - Remote ATtestation ProcedureS
-          secdispatch - Security Dispatch
-          suit - Software Updates for Internet of Things
-          teep - Trusted Execution Environment Provisioning
-          tls - Transport Layer Security
-          tokbind - Token Binding
-          trans - Public Notary Transparency
'''IRTF - Internet Research Task Force'''. The IRTF focuses on longer term Internet research issues. Its Crypto Forum Research Group (CFRG) is a general forum for discussing and reviewing uses of cryptographic mechanisms, both for network security. <nowiki>https://irtf.org/</nowiki>.
'''ISF - Information Security Forum'''. ISF is comprised of major companies dedicated to investigating, clarifying and resolving key issues in information security and risk management, by developing best practice methodologies, processes and solutions that meet the business needs of their Members. <nowiki>https://www.securityforum.org/membership/</nowiki>.
'''ISO - International Organization for Standardization'''. The ISO is a Swiss based private international standards development and publishing body composed of representatives from various national standards organizations with multiple committees - several of which have significant cyber security related activity. <nowiki>http://www.iso.org</nowiki>.
·         '''JTC1/SC27 - Information security, cybersecurity and privacy protection'''. SC27 publishes security technique standards. <nowiki>http://www.iso.org/iso/iso_technical_committee?commid=45306</nowiki>. SC27 has five working groups dealing with:
-          Information security management systems
-          Cryptography and security mechanisms
-          Security evaluation, testing and specification
-          Security controls and services
-          Identity management and privacy technologies
·         '''JTC1/SC7 - Software and systems engineering'''. SC 7 publishes software development, testing, and tagging standards. <nowiki>http://www.iso.org/iso/iso_technical_committee%3Fcommid%3D45086</nowiki>.
·         '''JTC1/SC6 - Telecommunications and information exchange between systems'''. SC 6 publishes together with the ITU-T Study Group 17, the legacy X.509 PKI standard that is implemented using IETF, ETSI, and CA/B Forum profiles. <nowiki>http://www.iso.org/iso/iso_technical_committee.html?commid=45072</nowiki>.
'''ITU - International Telecommunication Union'''. The ITU is a Swiss based intergovernmental body with three sectors dealing with the development and publication of Recommendations for radio systems (ITU-R), telecommunications (ITU-T), and development assistance (ITU-D). <nowiki>https://www.itu.int</nowiki>.
·         '''ITU-R - Telecommunication Radiocommunication Sector'''. The ITU-R consists of an Assembly that meets every four years to approve its structure and general work areas, six Study Groups that meet annually, and a Secretariat that publishes the materials and maintains several radiocommunication databases. The ITU-R cyber security activity is confined to legacy materials, and contemporary radio cyber security work occurs predominantly in ETSI, 3GPP, and GSMA. <nowiki>https://www.itu.int/en/ITU-R/Pages/default.aspx</nowiki>.
·         '''ITU-T - Telecommunication Standardization Sector'''. The ITU-T consists of an Assembly that meets every four years to approve its structure and general work areas, eleven Study Groups that meet annually, and a Secretariat that publishes the materials and maintains several legacy telecommunications databases. The ITU‑T cyber security activity is focussed in Group Q4 of SG17 which produces a series of Recommendations for Cybersecurity Information Exchange (CYBEX). <nowiki>http://www.itu.int/en/ITU-T/studygroups/2017-2020/Pages/default.aspx/</nowiki>.
·         The cyber security relevant Study Groups include:
-          SG 2 - Operational aspects
-          SG 9 - Broadband cable and TV
-          SG11 - Protocols and test specifications
-          SG13 - Future networks (& cloud)
-          SG15 - Transport, Access and Home
-          SG16 - Multimedia
-          SG17 - Security
-          SG20 - IoT and applications, smart cities
·         '''ITU-D - Development Sector'''. Provides technical assistance and in the creation, development and improvement of telecommunications in developing countries. <nowiki>http://www.itu.int/en/ITU-D/Pages/default.aspx</nowiki>. ITU-D has cyber security activity in group Q3 of Study Group 2. ITU-T also maintains Cybersecurity Country Profiles at <nowiki>https://www.itu.int/en/ITU-D/Cybersecurity/Documents/Forms/AllItems.aspx</nowiki>.
'''MITRE''' - MITRE is a globally active non-profit research and development centre that is responsible for multiple significant global cyber security techniques, standards making and related secretariat activities. The activity occurs through multiple individual on-line activities, frequent workshops, and significant involvement in other global forums listed below. <nowiki>http://www.mitre.org/capabilities/cybersecurity/overview/cybersecurity-resources/standards</nowiki>.
·         '''ATT&CK™ - Adversarial Tactics Techniques and Common Knowledge''': a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. It is a structured list of known attacker behaviors that have been compiled into tactics and techniques and expressed in a handful of matrices as well as via STIX/TAXII. The list is a fairly comprehensive representation of behaviors attackers employ when compromising networks, it is useful for a variety of offensive and defensive measurements, representations, and other mechanisms. <nowiki>https://attack.mitre.org/</nowiki>.
·         '''Cybersecurity Languages/Formats & Protocols''': Malware Attribute Enumeration and Characterization (MAEC™), Common Vulnerabilities and Exposures (CVE<sup>®</sup>), Common Weakness Scoring System (CWSS™), Common Weakness Risk Analysis Framework (CWRAF™).
·         '''Cybersecurity Registries''': Common Attack Pattern Enumeration and Classification (CAPEC™), Common Weakness Enumeration (CWE™).
'''NATO - North Atlantic Treaty Organization'''. Against the background of increasing dependence on technology and on the Internet, the Alliance is advancing its efforts to confront the wide range of cyber threats targeting NATO's networks on a daily basis. NATO has moved forward with five cyber security actions: developing NATO Policy on Cyber Defence, assisting individual Allies, increasing NATO cyber defence capacity, cooperating with partners, and cooperating with industry. The Allies have also committed to enhancing information sharing and mutual assistance in preventing, mitigating and recovering from cyber attacks. <nowiki>http://www.nato.int/cps/en/natohq/topics_78170.htm</nowiki>.
·         '''LIBGUIDE - NATO reference library on cybersecurity'''. LIBGUIDE provides a few starting points to assist with research on issues related to cyberspace security. Notably, it includes a National Cyber Security Framework Manual. <nowiki>http://www.natolibguides.info/cybersecurity</nowiki>.
·         '''CCDCOE - NATO Cooperation Cyber Defence Center of Excellence'''. CCDCOE is a comprehensive and easy to navigate collection of legal and policy documents adopted by international organizations active in cyber security. <nowiki>https://ccdcoe.org/library/strategy-and-governance/</nowiki>.
'''OASIS - Organization for the Advancement of Structured Information Standards'''. OASIS is a major global industry body for developing and publishing worldwide standards for security, Internet of Things, cloud computing, energy, content technologies, emergency management, and other areas requiring structured information exchange. Although it began focussed on XML language schema, it has subsequently expanded to JSON.
·         The four most significant cyber security specifications activities consist of:
-          Technical Committee for Cyber Threat Intelligence (CTI). <nowiki>https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=cti</nowiki>. It hosts development and publication of the specifications for Trusted Automated eXchange of Indicator Information (TAXII), Structured Threat Information eXpression (STIX), and Cyber Observable Expression (CybOX).
-          Common Security Advisory Framework (CSAF). <nowiki>https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=csaf</nowiki>. Responsible of the former Common Vulnerability Reporting Framework (CVRF) designed standardize existing practice in structured machine-readable vulnerability-related advisories.
-          Collaborative Automated Course of Action Operations (CACAO). <nowiki>https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=cacao</nowiki>. It is developing a standard to implement the course of action playbook model for cybersecurity operations through a sequence of cyber defense actions that can be executed for each type of playbook.
-          Open Command and Control (OpenC2). <nowiki>https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=openc2</nowiki>. It is developing documents, specifications, lexicons or other artifacts to fulfill the needs of cyber security command and control in a standardized manner. It has published a language description document (RC4), actuator profiles, and open source prototype implementations.
·         OASIS currently hosts other cyber security technical committees listed below. <nowiki>https://www.oasis-open.org/org</nowiki>:
-          Biometric Services (BIOSERV)
-          Cross-Enterprise Security and Privacy Authorization (XSPA)
-          Digital Signature Services eXtended (DSS-X)
-          Electronic Identity Credential Trust Elevation Methods (Trust Elevation)
-          Key Management Interoperability Protocol (KMIP)
-          PKCS 11 TC
-          Privacy Management Reference Model (PMRM)
-          Security Services (SAML)
-          Web Services Secure Exchange (WS-SX)
-          XRI Data Interchange (XDI)
'''OIC-CERT - Organisation of Islamic Cooperation - Computer Emergency Response Teams'''. OIC-CERT provides a means for member countries to develop collaborative initiatives and partnerships relating to cyber security. <nowiki>https://www.oic-cert.org/en/</nowiki>.
'''OMG - Object Management Group<sup>®</sup>'''. OMG is a computer industry consortium to develop enterprise integration standards. The Group's principal current cyber security work deals with threat modelling where its System Assurance Task Force Security Fabric Working Group is developing a Unified Modelling Language Threat & Risk Model. <nowiki>http://sysa.omg.org/</nowiki>.
'''OSCE - Organisation for Security and Co-operation in Europe'''. ('''OSZE Organisation für Sicherheit und Zusammenarbeit in Europa'''). The OSCE maintains an informal working group on cyber security and workshops devoted to Confidence Building Measures (CBMs). <nowiki>http://www.osce.org/</nowiki>.
'''TCG - Trusted Computing Group<sup>®</sup>'''. TCG develops, defines and promotes open, vendor-neutral, global industry standards, supportive of a hardware-based root of trust, for interoperable trusted computing platforms. Its platforms provide for authentication, cloud security, data protection, mobile security, and network access & identity. TCG presently has twelve working groups. <nowiki>http://www.trustedcomputinggroup.org/</nowiki>:
·         Cloud Work Group
·         CYRES - Cyber Resilient Technologies Work Group
·         DICE - Device Identifier Composition Engine Architectures Work Group
·         ESWG - Embedded Systems Work Group
·         Industrial Work Group
·         IWG - Infrastructure Work Group
·         IoTWG - Internet of Things Work Group
·         MPWG - Mobile Platform Work Group
·         Network Equipment Work Group
·         PCCWG - PC Client Work Group
·         SWG - Server Work Group
·         TWG - Storage Work Group
·         TSSWG - TSS Software Stack Work Group
·         TNCWG - Trusted Network Communications Work Group
·         TPM - Trusted Platform Module Work Group
·         VPWG - Virtualized Platform Work Group
'''W3C<sup>®</sup> - World Wide Web Consortium'''. W3C develops protocols and guidelines for WWW services. It maintains four cyber security groups. <nowiki>http://www.w3c.org/</nowiki>:
·         Web Authentication Working Group
·         Web Application Security
·         Web Payments
·         Privacy Interest Group
·         Technical Architecture Group (TAG)
·         Hardware Based Secure Services Group
·         XML Security

Revision as of 18:51, 10 June 2020

Welcome to TC CYBER Wiki

The TC CYBER Wiki contains public information related to the Technical Committee work.

Global Cyber Security Ecosystem

The Global Cyber Security Ecosystem page provides a structured overview of cyber security work occurring in multiple other technical forums worldwide. The overview includes global identification of Cyber Security Centres of Excellence, heritage sites, historical collections, and reference libraries. It is intended to be continuously updated to account for the dynamics of the sector.

TC CYBER Roadmap

TC CYBER work is split across 9 key areas: understanding the cybersecurity ecosystem, IoT security and privacy, cybersecurity for critical national infrastructures, protection of personal data and communication, enterprise and individual cybersecurity, cybersecurity tools, support to EU legislation, forensics, and quantum-safe cryptography. You can find out more about each area on the Roadmap page.

Definition of terms, symbols and abbreviations

Terms

For the purposes of the present document, the following terms apply:

centre of excellence: educational or research & development organization recognized as a leader in accomplishing its cyber security mission

cyber environment: users, networks, devices, all software, processes, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks [i.1]

cyber security (or cybersecurity): collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user's assets

NOTE:      Organization and user's assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment. Cybersecurity strives to ensure the attainment and maintenance of the security properties of the organization and user's assets against relevant security risks in the cyber environment. The general security objectives comprise the following:

§  Availability.

§  Integrity, which may include authenticity and non-repudiation.

§  Confidentiality [i.1].

cybersecurity: preservation of confidentiality, integrity and availability of information in the Cyberspace [i.2]

cyberspace: complex environment resulting from the interaction of people, software and services on the Internet by means of technology devices and networks connected to it, which does not exist in any physical form [i.2]

heritage site: place (such as a building or complex) that is listed by a recognized accrediting body as a place where significant cyber security innovations occurred

historical collection: place, both real and virtual, dedicated to the structured gathering and availability of cyber security materials of historical significance; frequently denominated as a museum

information exchange mechanism: real or virtual activity established for providing continuing structured exchange of cyber security information content

reference library: collection of available published material useful for consultation for cyber security purposes

NOTE:      The present document also includes significant dedicated publications in this category.

techniques, technical standards and operational practices forum: any continuing body established for the purposes of reaching agreement on techniques, technical standards or operational practices for enhancing cyber security

Abbreviations

For the purposes of the present document, the following abbreviations apply:

NOTE:      Not all abbreviations are used in the present document. Some are included purposely to provide a unique global reference set of cyber security abbreviations.

3GPP                    3rd Generation Partnership Project

A*STAR              Agency for Science, Technology and Research (Singapore)

ABW                    Agencja Bezpieczenstwa Wewnetrznego (Poland)

AC                        Authentication Code (TCG)

ACDC                  Advanced Cyber Defence Centre

ACE-CSR            Academic Centres of Excellence in Cyber Security Research (UK)

ACI                       Austrian Critical Infrastructure (Austria)

ACI                       Österreichische kritische Infrastruktur (Austria)

ACMA                 Australian Communications and Media Authority (Australia)

ACSS                   Austrian Cyber Security Strategy (Austria)

ADCC                  Algemene Directie Crisiscentrum (Belgium)

ADIV                   Algemene Dienst Inlichting en Veiligheid (Belgium)

AEPD                   Spanish Data Protection Agency (Spain)

AFNOR                Association Française de Normalisation (France)

AFP                      Australian Federal Police (Australia)

AGCOM              Autorità per le Garanzie nelle Comunicazioni (Italy)

AGIMO                Australian Government Information Management Office (Australia)

AIK                      Attestation Identity Key (TCG)

AIOTI                   Alliance of IoT Innovation

AISI                      Australian Internet Security Initiative (Australia)

AMSS                  Anti-Malware Support Services Working Group (IEEE)

ANS                     Autorité Nationale de Sécurité (Belgium)

ANSAC                ASEAN Network Security Action Council

ANSES                 Ambient Network Secure Eco System (Singapore)

ANSSI                  Agence Nationale de la Sécurité des Systèmes d'Information (France)

ANSSI                  Agence Nationale de la Sécurité des Systèmes d'Information (Luxembourg)

APCERT              Asia Pacific Computer Emergency Response Team (Japan)

APCIP                  Austrian Programme for Critical Infrastructure Protection (Austria)

APCIP                  Österreichisches Programm zum Schutz kritischer Infrastruktur (Austria)

APT                      Advanced Persistent Threat

ARCSI                  Association des Réservistes du Chiffre et de la Sécurité de l'Information (France)

ARF                      Assessment Results Format or Asset Reporting Format

ARIB                    Association of Radio Industries and Businesses (Japan)

ASD                     Australian Signals Directorate (Australia)

ASEAN CERT    Association of Southeast Asian Nations CERT

ASIO                    Australian Security Intelligence Organisation (Australia)

A-SIT                   Secure Information Technology Centre - Austria (Austria)

A-SIT                   Zentrum für sichere Informationstechnologie - Austria (Austria)

ASS                      Austrian Security Strategy (Austria)

ATIS                     Alliance for Telecommunications Industry Solutions

ATT&CK™        Adversarial Tactics Techniques and Common Knowledge (MITRE)

BBK                     Bundesamt für Bevölkerungsschutz und Katastrophenhilfe (Germany)

BBK                     Biuro Badan Kryminalistycznych (Poland)

BCM                    Business Continuity Management (Germany)

BCSS                    Banque Carrefour de la Sécurité Sociale (Belgium)

Belac                    Organisme belge d'accréditation (Belgium)

Belac                    Belgische accredidatie-instelling (Belgium)

Belnet                  Belgian national research network (Belgium)

BelNIS                 Belgian Network Information Security (Belgium)

BEREC                Euroopan sähköisen viestinnän sääntelyviranomaisten yhteistyöelin (Finland)

BEREC                Body of European Regulators for Electronic Communications (Norway)

BfV                      Bundesamt für Verfassungsschutz (Germany)

BLOB                   Binary Large OBject (TCG)

BIPT                     Belgisch Instituut voor Postdiensten en Telecommunicatie (Belgium)

BIS                       Department for Business, Innovation and Skills (UK)

BMI                      Bundesministerium des Innern (Germany)

BORE                   Break Once Run Everywhere (TCG)

BSI                       Bundesamt für Sicherheit in der Informationstechnik (Germany)

BSI                       British Standards Institute (UK)

BYOD                  Bring Your Own Device

C3                         Computer Competence Certificate (Egypt)

C3                         Cybersecurity Competence Center (Luxembourg)

CA                        Certification Authority

CA/B                    Certificate of Authority/Browser Forum

CACAO               Collaborative Automated Course of Action Operations (OASIS)

CAE                     Centers of Academic Excellence (UK)

CAK                     Communications Authority of Kenya (Kenya)

CAN                     Computer Network Attack (Italy)

CAPEC                Common Attack Pattern Enumeration and Classification

CASES                 Cyberworld Awareness and Security Enhancement Services (Luxembourg)

CBM                    Confidence Building Measures

CBPL                   Commissie voor de Bescherming van de Persoonlijke Leverssfeer (Belgium)

CCC                     Chaos Computer Club

CCDB                  Common Criteria Development Board

CCDCOE             NATO Cooperation Cyber Defence Center of Excellence

CCE                      Common Configuration Enumeration

CCIP                     Centre for Critical for Infrastructure Protection (New Zealand)

CCIRC                 Canadian Cyber Incident Response Centre (Canada)

CCN                     National Cryptologic Centre (Spain)

CCN-CERT         Spanish Government National Cryptologic Center - CSIRT (Spain)

CCRA                  Common Criteria Recognition Agreement

CCSA                   China Communications Standards Association

CCSB                   Centre pour Cyber Securité Belgique (Belgium)

CCSB                   Centrum voor Cyber Security Belgie (Belgium)

CD                        Cyber Defense

CDT                     Centres for Doctoral Training (UK)

CDU                     Cyber Defence Unit of the National Armed Forces (Latvia)

CEEE                   Common Event Expression Exchange

CEN                     Comité Européen de Normalisation

CENELEC           European Committee for Electrotechnical Standardization

CEPOL                 European police college

CERT                   Computer Emergency Response Team (Belgium)

CERT Poland      (Poland)

CERT.at               Computer Emergency Response Team - Austria (Austria)

CERT.GOV.PL   Governmental Computer Security Incident Response Team (Poland)

CERT.GOV.PL   Rzadowego Zespolu Reagowania na Incydenty Komputerowe (Poland)

CERT.LU             Grouping of all Luxembourg CERTs

CERT.LY             Information Technology Security Incident Response Institution (Latvia)

CERT-AU            CERT Australia (Australia)

CERT-EU            CERT Europe

CERT-FR             CERT France

CERT-in              National Level Computer Emergency Response Team (India)

CERT-LT             National Electronic Communications Network and Information Security Incidents Investigation Service (Lithuania)

CERT-PA            Computer Emergency Response Team of the Public Administration (Italy)

CERT-PA            CERT - Pubblica Amministrazione (Italy)

CERT-SA            CERT Saudi Arabia (Saudi Arabia)

CERT-SI              Computer Emergency Response Team for Security and Industry (Spain)

CERT-SPC          CERT Sistema Pubblico de Connettività (Italy)

CERT-UK            CERT United Kingdom

CERT-US            CERT United States

CESG                   Communications-Electronics Security Group (UK) (now NCSC)

CFRG                   Crypto Forum Research Group

CHOD                  Chief of Defence (Netherlands)

CI                          Critical Infrastructure

CIC                       Critical Infrastructure Council (Saudi Arabia)

CII                        Critical Information Infrastructures (Austria)

CII                        Kritische Informationsinfrastrukturen (Austria)

CIIP                      Critical Information Infrastructure Protection

CII-SA                  Critical Infocomm Infrastructure Security Assessment (Singapore)

CIO                       Chief Information Officer

CIP                       Critical Infrastructure Protection

CIPMA                 Critical Infrastructure Protection Modelling and Analysis (Australia)

CIRCL                  The Computer Incident Response Center Luxembourg

CIRT                    Computer Incident Response Team

CIS                       Center for Internet Security

CISA                    Civilian Intelligence Service (Switzerland)

CISA                    Cybersecurity and Infrastructure Security Agency (US)

CiSP                     Cyber-security Information Sharing Partnership (UK)

CISR                     Comitato interministeriale per la sicurezza della Repubblica (Italy)

CloudAuthZ        Cloud Authorization (OASIS)

CMK                    Certified Migration Key (TCG)

CMRS                  Comité Ministériel du Renseignement et de la Sécurité (Belgium)

CN                        subcommittee on Core Network (3GPP)

CNAIPIC             Centro Nazionale Anticrimine Informatico per la Protezione delle Infrastructure Critiche (Italy)

CNC                     National Cyber Security Council (Spain)

CNCERT/CC       National Computer Network Emergency Response Technical Team/Coordination Center (China)

CND                     Computer Network Defence (Italy)

CNDP                   National Commission for Data Protection (Morocco)

CNE                     Computer Network Exploitation (Italy)

CNI                       National Intelligence Centre (Spain)

CNIP                    Critical National Infrastructure Protection Program (Jordan)

CNO                     Computer Network Operations (Italy)

CNO                     Computer Network Operations (Switzerland)

CNPIC                  National Centre for Critical Infrastructure Protection (Spain)

CNSS                   Committee on National Security Systems (USA)

COMCYBER      Commandement de cyberdéfense (France)

CONNECT          Directorate on Communications Networks, Content and Technology (EC)

COSC                   Consiliul Operativ de Securitate Cibernetica (Romania)

CPB                      Constitution Protection Bureau (Latvia)

CPE                      Common Platform Enumeration

CNPD                   Commission Nationale pour la Protection des Données (Luxembourg)

CPNI                    Centre for the Protection of National Infrastructure (UK)

CPS                      Cyber Physical System (Italy)

CPVP                   Commission de la Protection de la Vie Privée (Belgium)

CRP                      Cyberprzestrzen Rzeczypospolitej Polskiej (Poland)

CRTM                  Core Root of Trust for Measurement (TCG)

CSA                      Cloud Security Association

CSAF                   Common Security Advisory Framework (OASIS)

CSBM                  Confidence and Security Building Measures (Italy)

CSBN                   Cyber Security Beeld Nederland (Netherlands)

CSC                      Council on Cyber Security (now the Centre for Internet Security)

CSCG                   Cyber Security Coordination Group

CSCP                    Cyber Security Cooperation Program (Canada)

CSEC                   Communications Security Establishment Canada (Canada)

CSIAC                  Cyber Security and Information Systems Information Analysis Center (USA)

CSIRT                  Computer Security Incident Response Team (South Africa)

CSIRT.SK            National centre for computer security incidents.Slovakia (Slovakia)

CSIS                     Canadian Security Intelligence Service (Canada)

CSN                      National Security Council (Spain)

CSO                      Armed Forces Command Support Organisation (Switzerland)

CSOC                   Cyber Security Operations Centre (Australia)

CSOC                   National Cyberspace Security Operations Centre (Jordan)

CSOC                   National Cyber Security Operations Centre (Netherlands)

CSPC                    Cyber Security Policy and Coordination Committee (Australia)

CSSC                    Control System Security Centre (Japan)

CSSF                    Commission de Surveillance du Secteur Financier (Luxembourg)

CTI                       Cyber Threat Intelligence (OASIS)

CTWIN                Critical Infrastructure Warning Information Network (Lithuania)

CVE                     Common Vulnerabilities and Exposures

CVE-ID                CVE Identifier

CVRF                   Common Vulnerability Reporting Format

CVSS                   Common Vulnerability Scoring System

CWC                    Cyber Watch Centre (Singapore)

CWE                    Common Weakness Enumeration

CWRAF               Common Weakness Risk Analysis Framework

CWSS                  Common Weakness Scoring System

CYBER                Cybersecurity Technical Committee (ETSI)

CYBEX                Cybersecurity Information Exchange (ITU-T)

CybOX                Cyber Observable Expression

CYCO                  Cybercrime Coordination unit Switzerland (Switzerland)

CYIQL                 Cybersecurity Information Query Language

DAA                     Direct Anonymous Attestation (TCG)

DCE                     Dynamic root of trust for measurement Configuration Environment (TCG)

DCEC                   Defence Cyber Expertise Centre (Netherlands)

D-CRTM             Dynamic Core Root of Trust for Measurement (TCG)

DDoS                   Distributed Denial of Service

DDPS                   Federal Department of Defence, civil Protection and Sport (Switzerland)

DeitY                   Department of electronics & information technology (India)

DETEC                Federal Department of Environment, Transport, Energy and Communications (Switzerland)

DF                        Digital Forensics (Italy)

DGCC                  Direction Générale Centre de Crise (Belgium)

DGSE                   Direction Générale de la Sécurité Extérieure (France)

DHS                     Department of Homeland Security (USA)

DIGIT                   Directorate on Informatics (EC)

DIN                      Deutsches Institut für Normung

DISS                     Defence Intelligence and Security Service (Latvia)

DISS                     Defence Intelligence and Security Service (Netherlands)

DL                        Dynamic Launch (TCG)

DLME                  Dynamically Launched Measured Environment (TCG)

DNS                     Domain Name System

DoC                      Department of Communications (South Africa)

DOD                     Department Of Defence (Australia)

DoD&MV           Department of Defence and Military Veterans (South Africa)

DOJ&CD             Department Of Justice and Constitutional Development (South Africa)

DoS                      Denial of Service

dots                      DDoS open threat signaling (IETF)

DRDC                  Defence Research and Development Canada (DRDC)

DRSD                   Direction du Renseignement et de la Sécurité de la Défense (France)

D-RTM                Dynamic Root of Trust Measurement (TCG)

DSD                     [See ASD] (Australia)

DSG                     Federal Act on Data Protection (Switzerland)

DSI                       Data State Inspectorate (Latvia)

DSN                     National Security Department (Spain)

DSS-X                  Digital Signature Services eXtended (OASIS)

DST                      Department of Science and Technology (South Africa)

E2NA                   End-to-End Network Architectures (ETSI)

EAP                      Extensible Authentication Protocol

EAPC                   Euro-Atlantic Partnership Council (Switzerland)

EBIOS                  Expression of Needs and Identification of Security Objectives

EC                        European Commission

ECI                       European Critical Infrastructure

EI-ISAC               Elections Infrastructure Information Sharing and Analysis Center

ECRG                   Electronic Communications Reference Group (EC)

EMAD                 Chiefs of the Defence Staff (Spain)

ENFSI                  European Network of Forensic Institutes

ENISA                  European Network and Information Security Agency

EOC                     Electronic Operations Centre (Switzerland)

EPCIP                   European Programme for Critical Infrastructure Protection

ESA                      European Space Agency (Belgium)

ESI                        Electronic Signatures and Infrastructures (ETSI)

ESPCERTDEF    Computer Emergency Response Team in the field of the Ministry of Defence (Spain)

ESRIM                 European Security Research & Innovation forum

ETI                       Encrypted Traffic Inspection working group (IEEE)

ETSI                     European Telecommunication Standards Institute

EU                        European Union

EU CSS                EU CyberSecurity Strategy (EU)

Europol               European Police Office

EVCERT              Extended Validation Certificate

FASG                   GSM Association Fraud and Security Working Group

FCC                      Federal Communications Commission (USA)

FCCU                   Federal Computer Crime Unit (Belgium)

FCMC                  Financial and Capital Market Commission (Latvia)

FCP                      Federal Criminal Police (Switzerland)

FDEA                   Federal Department of Economic Affairs (Switzerland)

FDF                      Federal Department of Finance (Switzerland)

FDJP                    Federal Department of Justice and Police (Switzerland)

FDPIC                  Federal Data Protection and Information Commissioner (Switzerland)

Fedict                   FOD voor informatie-en communicatietechnologie (Belgium)

Fedoct                  SPF Technologie de l'Information et de la Communication (Belgium)

fedpol                  federal office of police (Switzerland)

FIA                       Federal Investigation Agency (Pakistan)

FIC                       Forum International de la Cybersécurité (Europe)

FICORA               Finnish COmmunications Regulatory Authority (Finland)

FIDO                    Fast IDentity Online

FIPS                      Federal Information Processing Standards (USA)

FIRST                   Forum of Incident Response and Security Teams

FIS                        Federal Intelligence Service (Switzerland)

FISMA                 Federal Information Security Management Act (USA)

FITO                     Federal IT Ordinance (Switzerland)

FITSU                  Federal IT Steering Unit (Switzerland)

FOCA                   Federal Office of Civil Aviation (Switzerland)

FOCP                   Federal Office for Civil Protection (Switzerland)

FOD                     Federal OverheiDsdienst (Belgium)

FOITT                  Federal Office of Information Technology, systems and Telecommunication (Switzerland)

FONES                 Federal Office for National Economic Supply (Switzerland)

FS-ISAC              Financial Services Information Sharing and Analysis Centre

GFCE                   Global Forum on Cyber Expertise

GCHQ                  Government Communications HeadQuarters (UK)

GISS                     General Intelligence and Security Service (Netherlands)

GovCERT            CERT gouvernemental du Grand-Duché de Luxembourg

GovCERT            Governmental Computer Emergency Response Team (Austria)

GovCERT            Staatliches Computer Emergency Response Team (Austria)

GovCERT            Government Computer Emergency Response Team (Switzerland)

GovCERT.au      Australian Government's Computer Emergency Readiness Team (Australia)

GROW                 Directorate on Internal Market, Industry, Entrepreneurship and SMEs (EC)

GSA                     Government Services Administration (USA)

GSMA                  GSM Association

GSS                      Government Security Secretariat (UK)

H2020                  Horizon 2020

HCPN                   Haut-Commissariat à la Protection Nationale (Luxembourg)

Healthnet CSIRT Healthsector CERT (Luxembourg)

HOME                 Directorate on Migration and Home Affairs (EC)

HR                        Directorate on Human Resources and Security (EC)

i2nsf                     interface to network security functions (IETF)

IA                         Information Assurance

IAAGs                  Infrastructure Assurance Advisory Groups (Australia)

IAB                       Internet Architecture Board

IAD                      Information Assurance Directorate (USA)

IANA                   Internet Assigned Numbers Authority

IBPT                     Institut Belge des services Postaux et des Télécommunications (Belgium)

ICANN                 Internet Corporation for Assigned Names and Numbers

ICASA                 Independent Communications Authority of SA (South Africa)

ICASI                   Industry Consortium for Advancement of Security on the Internet

ICE                       Infrastructure Critiche Europe (Italy)

ICE                       European Critical Infrastructure

INCIBE                Spanish National Cybersecurity Institute (Spain)

ICPO                    International Criminal Police Organization (Japan)

ICSG                    Industry Connections Security Group (IEEE)

ICT                       Information and Communication Technology

IDA                      Infocomm Development Authority of Singapore (Singapore)

IE                          Internet Explorer

IEEE                     Institute for Electrical and Electronic Engineers

IETF                     Internet Engineering Task Force

IGF-Bpf               Internet Governance Forum Best Practice Forum on Cybersecurity

ILNAS                  Institut Luxembourgeois de la Normalisation, de l'Accréditation, de la Sécurité et qualité des produits et services

ILP                        Initiating Logical Processor (TCG)

ILR                       Institut Luxembourgeois de Régulation

IMEI                     International Mobile station Equipment Identity

IMS                      IP Multimedia Subsystem (3GPP)

INRIA                  Institut national de recherche en sciences et technologies du numérique (France)

IODEF                  Incident Object Description Exchange Format

IP                          Internet Protocol

IPC                       International Police Cooperation (Switzerland)

ipsecme               IP security maintenance and extensions working group (IETF)

IRAP                    Information security Registered Assessors Program (Australia)

IRTF                     Internet Research Task Force

ISA                       Internal Security Agency (Poland)

ISA                       Federal Act on Measures to Safeguard Internal Security (Switzerland)

ISA                       Intelligence Service Act (Switzerland)

ISF                        Information Security Forum

ISFP                      Information Security and Facility Protection (Switzerland)

ISM                      Australian government Information and communications technology Security Manual (Australia)

ISMP                    Infocomm Security Master Plan (Singapore)

ISO                       International Organization for Standardization

IT                          Infrastrutture Critiche (Italy)

IT                          Information Technology

ITIDA                   Information Technology Industry Development Agency (Egypt)

ITU                       International Telecommunication Union

ITU-T                   International Telecommunication Union - Telecommunication Standardization sector

IWWN                 International Watch and Warning Network (Australia)

IXP                       Internet eXchange Point

J-CAT                  Cybercrime Action Task Force (Europol)

JASPER               Japan-ASEAN Security PartnERship (Japan)

JCPS                     Justice, Crime Prevention and Security cluster (South Africa)

JOA                      Joint Operating Arrangements of DSD, AFP and ASIO (Australia)

JOCERT              National Computer Emergency Response Team (Jordan)

JP CERT              Japan CERT (Japan)

JRC                      Directorate on Joint Research Centre (EC)

JSON                    JavaScript Object Notation

JUST                    Directorate on Justice and Consumers (EC)

JVN                      Japan Vulnerability Notes (Japan)

KCC                     Korea Communications Commission (Korea)

KIS                       Koordineringsutvalget for forebyggende Informasjonssikkerhet (Norway)

KITS                     Koordinierungsstelle IT-Sicherheit

kitten                   common authentication technology next generation working group (IETF)

KMIP                   Key Management Interoperability Protocol (OASIS)

KMU                    Kleine und Mittlere Unternehmen (Austria)

KRITIS                 Kritische Infrastrukturen (Germany)

KSZ                      Kruispuntbank van de Sociale Zekerheid (Belgium)

LECC                   Law Enforcement/CSIRT Cooperation (FIRST)

LI                          Lawful Interception

LIBGUIDE          reference library on cybersecurity (NATO)

lisp                       locator/ID separation protocol (IETF)

LÜKEX                Länderübergreifende Krisenmanagement Exercise (Germany)

MACCSA            Multinational Alliance for Collaborative Cyber Situational Awareness

MA-CERT           Morocco CERT (Morocco)

MCCD                 Joint Cyber Command (Spain)

MAEC                  Malware Attribute Enumeration and Characterization

MCI                      Ministry of Communications and Information (Singapore)

MCIT                   Ministry of Communications and Information Technology (Egypt)

MCIT                   Ministry of Communications and Information Technology (Saudi Arabia)

MCIV                   Ministerieel Comité voor Inlichting en Veiligheid (Belgium)

MD                       Ministry of Defence (Montenegro)

MELANI              Melde- und Analysestelle Informationssicherung (Switzerland)

MHA                    Ministry of Home Affairs (Singapore)

MI                         Ministry of the Interior (Montenegro)

MIIT                     Ministry of Industry and Information Technology (China)

MilCERT             Military Computer Emergency Response Team (Austria)

MilCERT             Militärisches Computer Emergency Response Team (Austria)

milCERT             Military Computer Emergency Response Team (Switzerland)

mile                      Managed incident lightweight exchange working group (IETF)

MINDEF              MINistry of DEFence (Singapore)

MIS                      Military Intelligence Service (Switzerland)

MISP                    Malware Information Sharing Platform & Threat Sharing (Luxembourg)

MIST                    Ministry for Information Society and Telecommunications (Montenegro)

MMDEF              Malware Metadata Exchange Format Working Group (IEEE)

MNiSW               Ministry of Science and Higher Education (Poland)

MNiSW               Ministerstwo Nauki i Szkolnictwa Wyzszego (Poland)

MOD                    Ministry Of Defence (Latvia)

MoE                     Ministry of Economics (Latvia)

MoEPRD             Ministry of Environmental Protection and Regional Development (Latvia)

MoES                   Ministry of Education and Science (Latvia)

MOF                     Ministry Of Finance (Singapore)

MoFA                  Ministry of Foreign Affairs (Latvia)

MoI                      Ministry of the Interior (Latvia)

MoJ                      Ministry of Justice (Latvia)

MOPAS               Ministry Of Public Administration and Security (Korea)

MoT                     Ministry of Transport (Latvia)

Mow                     Ministry of welfare (Latvia)

MP                        Member of Parliament

MS-ISAC             Multi-State Information Sharing and Analysis Center

MTS                     Methods for Testing and Specification (ETSI)

NAF                     National Armed Forces (Latvia)

NASK                  Research and Academic Computer Network (Poland)

NASK                  Naukowej i Akademickiej Sieci Komputerowej (Poland)

NATO                  North Atlantic Treaty Organization

NAVONVO         Nord-Atlantische Verdragsorganisatie (Belgium)

NBU                     Národný Bezpecnostný Úrad (Slovakia)

NCAC                  National Cybersecurity Advisory Council (South Africa)

NCCC                  National Cyber Coordination Centre (India)

NCCoE                National Cybersecurity Centre of Excellence (USA)

NCDC                  National Centre for Digital Certification (Saudi Arabia)

NCIA                    National Computing and Information Agency (Korea)

NCIIPC                National Critical Information Infrastructure Protection Centre (India)

NCP                      National Checklist Program

NCPF                   National Cybersecurity Policy Framework (South Africa)

NCSC                   National Cyber Security Centre (Korea)

NCSC                   National Cyber Security Centre (Lithuania)

NCSC                   Nationaal Cyber Security Centrum (Netherlands)

NCSC                   National Cyber Security Centre (New Zealand)

NCSC                   National Cyber Security Coordinating Centre (South Africa)

NCSC                   National Cyber Security Centre (U.K.)

NCSP                   National Cyber Security Programme (UK)

NCSRA                Nationale Cyber Security Research Agenda (Netherlands)

NCSS                   National Cybersecurity Strategie (Netherlands)

NCSS                   National Cyber Security Strategies

NCIRC                 NATO Communications and Information Agency

NEC                     National Encryption Centre (Jordan)

NEOC                  National Emergency Operations Centre (Switzerland)

NERC                   North American Electric Reliability Corporation

NES                      National Economic Supply (Switzerland)

NESAG                Network Equipment Security Assurance Group (3GPP)

NetSafe                Safer Internet Centre of Latvia Net-Safe Latvia (Latvia)

NFSA                   National Forensic Science Agency (Pakistan)

NFV                     Network Functions Virtualisation (ETSI)

NIACSA              National Information Assurance and Security Agency (Jordan)

NIACSS               National Information Assurance and Cyber Security Strategy (Jordan)

NICI                     National Information Security Authority (Slovakia)

NICT                    National institute of Information and Communications Technology (Japan)

NIS                       Network and Information Security (EU)

NIS                       National Intelligence Service (Korea)

NISC                    National Information Security Centre (Japan)

NISC                    National Infocomm Security Committee (Singapore)

NISE                     National Information Security Environment (Saudi Arabia)

NISE                     NISE Instructions (Saudi Arabia)

NISED                  NISE Directives (Saudi Arabia)

NISEMs               NISE Manuals (Saudi Arabia)

NISS                     National Information Security Strategy (Saudi Arabia)

NIST                     National Institute of Standards and Technology (USA)

NITC                    National Information Technology Centre (Jordan)

NorCERT            Norway CERT (Norway)

NorSIS                 Norsk senter for informasjonssikring (Norway)

NPA                     National Prosecuting Authority (South Africa)

NPSI                     Nationaler Plan zum Schutz der Informationsinfrastrukturen (Germany)

NRAF                   National IS Risk Assessment Function (Saudi Arabia)

NRF                      National Research Foundation (Singapore)

NSA                     National Security Authority (Czech)

NSA                     National Security Authority (Hungary)

NSA                     National Security Agency (Montenegro)

NSA                     National Security Authority (Slovakia)

NSA                     National Security Agency (USA)

NSC-CSC            National Security Council Cyber Security Committee (Spain)

NSCS                   National Security Coordination Secretariat (Singapore)

NSIS                     National Strategy for Information Security in the Slovak Republic (Slovakia)

NSM                     Nasjonal SikkerhetsMyndighet (Norway)

NSS                      National Security Strategy (Jordan)

NSSIS                   National Security Science and Innovation Strategy (Australia)

NTECH                Network Technologies (ETSI)

NTRA                  National Telecommunication Regulatory Authority (Egypt)

NV (Storage)      Non-Volatile (shielded location) (TCG)

NVD                     National Vulnerability Database (USA)

nvo3                     network virtualization overlays working group (IETF)

NZ-CERT            New Zealand Computer Emergency Response Team (New Zealand)

NZSIS                  New Zealand Security Intelligence Service (New Zealand)

OAG                     Office of the Attorney General (Switzerland)

OASIS                  Organization for the Advancement of Structured Information Standards

oauth                    web authorization protocol working group (IETF)

OCAD                  Coördinatieorgaan voor dreigingsanalyse (Belgium)

OCAM                 Organe de Coordination pour l'Analyse de la Menace (Belgium)

OCC                     Cybernetics Coordination Office (Spain)

OCP                      Operator Cyber security Plan

OCSIA                 Office of Cyber Security & Information Assurance (UK)

OFCOM               Federal Office of COMmunications (Switzerland)

OGCIO                 Office of the Government Chief Information Office (UK)

OIV                      Opérateur d'Importance Vitale (France)

OMB                    Office of Management and Budget (USA)

OMG                    Object Management Group

OpenC2               Open Command and Control (OASIS)

opsec                   operational security capabilities for IP network infrastructure working group (IETF)

OS                        Operating System

OSCE                   Organization for Security and Co-operation in Europe

ÖSCS                   Österreichische Strategie für Cyber Sicherheit (Austria)

ÖSS                      Österreichischen SicherheitsStrategie (Austria)

OSZE                   Organisation für Sicherheit und Zusammenarbeit in Europa (Germany)

OTAN                  Organisation du Traité de l'Atlantique Nord (Belgium)

OTS                      Ordinance on Telecommunication Services (Switzerland)

OVAL                  Open Vulnerability and Assessment Language

PBC                      pelnomocnika ds. bezpieczenstwa cyberprzestrzeni (Poland)

PC                         Personal Computer

PCA                      Privacy CA (TCG)

PCR                      Platform Configuration Register (TCG)

PCS                      Plenipotentiary for Cyberspace Security (Poland)

PDCA                   Plan-Do-Check-Act (Germany)

PHAROS             Platform for Harmonization, Analysis, Cross-check and Orientation of Reportings (France)

PISA                     Pakistan Information Security Association (Pakistan)

PKCS                   Public-Key Cryptography Standards

PKI                       Public Key Infrastructure

PMRM                 Privacy Management Reference Model (OASIS)

PPP                       Public Private Partnership (Austria)

PRACTICE          Proactive Response Against Cyber-attacks (Japan)

PrivEK                 Private Endorsement Key (TCG)

PSN                      Public Sector Network

PTA                      Police Tasks Act (Switzerland)

PubEK                 Public Endorsement Key (TCG)

RAN                     subcommittee on Radio Access Network (3GPP)

RCMP                  Royal Canadian Mounted Police (Canada)

Restena CSIRT   Research and education CERT (Luxembourg)

RGISSP                Research Group Information Society and Security Policy (Switzerland)

RGS                      Référentiel Général de Sécurité (France)

RID                       Real-time Inter-network Defense

RoT                      Root of Trust (component) (TCG)

RTD                     Directorate on Research and Innovation (EC)

RTM                     Root of Trust for Measurement (TCG)

RTR                      Root of Trust for Reporting (TCG)

RTS                      Root of Trust for Storage (TCG)

SA CISRS            Saudi Arabian Critical Security and Resilience Strategy (Saudi Arabia)

SA2                      Subcommittee on Architecture (3GPP)

SA3                      Subcommittee on Security (3GPP)

SA5                      Subcommittee on Telecom Management (3GPP)

sacm                     security automation and continuous monitoring working group (IETF)

SAGE                   Security Algorithms Group of Experts (ETSI)

SAI                       Securing Artificial Intelligence (ETSI)

SAML                  Security Services (OASIS)

SAMRISK           Samfunnssikkerhet og risiko (Norway)

SANS                   SysAdmin, Audit, Networking, and Security

SAPS                    South African Police Service (South Africa)

SAS                      Security Assurance Specification (3GPP)

SC27                    ISO/IEC JTC1 Committee on Security techniques

SC6                      ISO/IEC JTC1 Committee on Telecommunications and information exchange between systems

SC7                      ISO/IEC JTC1 Committee on Software and systems engineering

SCADA                Supervisory Control And Data Acquisition (Belgium)

SCAP                   Security Content Automation Protocol

SCP                      Smart Card Platform

SIG                       Special Interest Group

SE                         Secure Element

SECAM               Study on Security Assurance Methodology (3GPP)

SeP                       Security Police (Latvia)

SERI                     Senter for rettsinformatikk (Norway)

SES                       Secretariat of State for Security

SESIAD               Secretariat of State for the Information Society and the Digital Agenda (Spain)

SFOE                    Swiss Federal Office of Energy (Switzerland)

SG 2                     Study Group on Operational aspects (ITU-T)

SG11                    Study Group on Protocols and test specifications (ITU-T)

SG13                    Study Group on Future networks (ITU-T)

SG17                    Study Group on Security (ITU-T)

SGDSN                Secrétariat Général de la Défense et de la Sécurité Nationale (France)

SGRS                   Service Général du Renseignement et de la Sécurité (Belgium)

sidr                       secure inter-domain routing working group (IETF)

SIEM                    Security Information and Event Management

SIGINT-CYBER Joint General Intelligence and Security Service Unit (Netherlands)

SIIO                      State Internet Information Office (China)

SIM                      Subscriber Identity Module, including USIM and ISIM (ETSI, 3GPP)

SIS                        State Information Systems (Latvia)

SKKM                  Staatliches Krisen- und KatastrophenschutzManagement (Austria)

SLT                      Samordning av Lokale kriminalitetsforebyggende Tiltak (Norway)

SN                        Standard Norge (Norway)

SNSC                   Sistemul |National de Securitate Cibernetica (Romania)

SOC                      Security Operations Centre

SOME                  Cyber Incident Response Team (Turkey)

SOME                  Siber Olaylara Mildahale Ekipleri (Turkey)

SONIA                 Special Task Force on Information Assurance (Switzerland)

SOSMT                Slovak Standards Institute (Slovakia)

SP                         State Police (Latvia)

SPF                       Service Public Fédéral (Belgium)

SPIK                     Swiss Police IT Congress (Switzerland)

SPOC                   Single Point of Contact

SPTA                    Surveillance of Postal and Telecommunications traffic Act (Switzerland)

SRDA                   State Regional Development Agency (Latvia)

SRK                      Storage Root Key (TCG)

SSA                      State Security Agency (South Africa)

SSP                       Smart Secure Platform

stir                        secure telephone identity revisited working group (IETF)

STIX                     Structured Threat Information eXpression

TAC                     Threat Analysis Centre (Singapore)

TAXII                   Trusted Automated eXchange of Indicator Information

TBB                      Trusted Building Block (TCG)

TC                        Technical Committee

TCG                     Trusted Computing Group

TCP                      Transmission Control Protocol

tcpinc                   TCP increased security working group (IETF)

TEE                      Trusted Execution Environment

TISN                     Trusted Information Sharing Network for critical infrastructure protection (Australia)

TLP                      Traffic Light Protocol

TLS                      Transport Layer Security

tls                         transport layer security working group (IETF)

TMI                      Trusted Multi-tenant Infrastructure (TCG)

TNC                     Trusted Network Connect (TCG)

TPM                     Trusted Platform Module (TCG)

TPS                       Trusted Platform Support services (TCG)

trans                     public notary transparency (IETF)

Trust Elevation   electronic identity credential trust elevation methods (OASIS)

TSS                       TPM Software Stack -or- TCG Software Stack (TCG)

TSUBAME          International network traffic monitoring project (Japan)

TT CSIRT            Trinidad and Tobago CSIRT (Trinidad & Tobago)

TTA                      Telecommunications Technology Association (Korea)

TTC                      Telecommunication Technology Committee (Korea)

TTCSA                 Trinidad and Tobago Cyber Security Agency (Trinidad & Tobago)

TUVE                   turvallisuusverkkohanke (Finland)

UKE                     Office of Electronic Communications (Poland)

UKE                     Urzedem Komunikacji Elektronicznej (Poland)

UNSW                 University of New South Wales

UP KRITIS          Umsetzungsplan KRITIS (Germany)

URI                       Uniform Resource Identifier

USOM                  National Centre for Cyber Incident Response (Turkey)

USOM                  Ulusal Siber Olaylara Mildahale Merkezi (Turkey)

uta                        using TLS in applications (IETF)

UTM                    Unified Threat Management (Italy)

UVTA                  Ulko- ja turvallisuuspoliittinen ministerivaliokunta (Finland)

VAHTI                 Valtionhallinnon tietoturvallisuuden johtoryhmä (Finland)

VDRX                  Vulnerability Reporting and Data eXchange SIG (FIRST)

VDSG                  Ordinance to the Federal Act on Data Protection (Switzerland)

VSSE                    Veiligheid van de Staat, Sûreté de l'Etat (Belgium)

W3C                     World Wide Web Consortium

websec                 web security working group (IETF)

wpkops                web PKI OPS working group (IETF)

WS-SX                 Web Services Secure eXchange (OASIS)

XCCDF                eXtensible Configuration Checklist Description Format

XDI                      XRI Data Interchange (OASIS)

XML                    eXtensible Markup Language

XSPA                   Cross-Enterprise Security and Privacy Authorization (OASIS)

YTS                      Yhteiskunnan turvallisuusstrategiassa (Finland)

ZNIIS                   Центральный научно-исследовательский институт связи (Russia)

Global cyber security ecosystem

[null 4.1       Organization of the ecosystem forums and activities]

This clause organizes the global cyber security ecosystem as six groups of forums and activities that are fundamental collaborative mechanisms for cyber security and its evolution:

1)       forums that develop techniques, technical standards and operational practices;

2)       major IT developer forums affecting cyber security;

3)       activities for continuous information exchange;

4)       centres of excellence;

5)       reference libraries, continuing conferences; and

6)       heritage sites and historical collections.

In some cases, the same parent organization hosts multiple forums and activities that are attributed to different groups. In other cases, the organization hosts numerous forums where several of them have fully or substantially dedicated cyber security functions - which are indented under the parent. Because of the very large numbers of forums, and in the interests of providing a useful understanding of the ecosystem, only very short descriptions are provided, and the reader is encouraged to use the URI links to fully appreciate the work being done.

This compilation attempts to be an inclusive as possible to expand the collective insight into the extent of the ecosystem. Toward this objective, it includes collaborative mechanisms that are frequently overlooked but enormously significant in the cyber security arena such as developer forums for the major IT platforms, centres of excellence that are rapidly growing in numbers worldwide, and continuing conferences - even hacker major global hacker events that regularly reveal cyber security vulnerabilities that were previously unknown.

This material is augmented by annex A which contains national cyber security ecosystems that have been published in national strategy or other publicly available material. Annex B contains depictions of relationships among these ecosystems.

[null 4.2       Fora that develop techniques, technical standards and operational practices]

The forums listed below are well known venues engaging in significant global collaboration to produce techniques, technical standards and operational practices for cyber security. Where the venues operate substantially at a national level, they are placed in annex A.

3GPP - 3rd Generation Partnership Project. 3GPP unites six telecommunications standard development organizations (ARIB, ATIS, CCSA, ETSI, TTA, TTC), and provides their members with a stable environment to produce the Reports and Specifications that define the world's principal mobile communication technologies. The scope includes cellular telecommunications network technologies, including radio access, the core transport network, and service capabilities - including work on codecs, security and quality of service. The specifications also provide hooks for non-radio access to the core network, and for interworking with Wi-Fi networks. http://www.3gpp.org/.

·         SA1 - Services. Service and feature requirements applicable to mobile and fixed communications technology for 2G, 3G and future communication technologies, evolved industry-wide IP Multimedia Subsystem (IMS), and converged fixed-mobile communication technologies. http://www.3gpp.org/specifications-groups/sa-plenary/sa1-services.

·         SA2 - Architecture. Identifies the main functions and entities of the network, how these entities are linked to each other and the information they exchange. http://www.3gpp.org/Specifications-groups/sa-plenary/53-sa2-architecture.

·         SA3 - Security. Determine the security and privacy requirements for mobile systems, and specifies the security architectures and protocols, including the availability of any cryptographic algorithms. SA3 notably includes two significant security assurance activities: SECAM (Study on Security Assurance Methodology) and NESAG (Network Equipment Security Assurance Group). SA3LI also operates as part of SA3 to meet lawful interception security obligations. http://www.3gpp.org/Specifications-groups/sa-plenary/54-sa3-security.

·         SA5 - Telecom Management. Specifies the requirements, architecture and solutions for provisioning and management of the network (RAN, CN, IMS) and its services. Also the principal venue for coordinating NFV‑SDN and 5G activities. http://www.3gpp.org/specifications-groups/sa-plenary/sa5-telecom-management/home.

·         SA6 - Mission-critical Applications. Responsible for the definition, evolution and maintenance of technical specification(s) for application layer functional elements and interfaces supporting critical communications. http://www.3gpp.org/specifications-groups/sa-plenary/sa6-mission-critical-applications.

5GACIA - 5G Alliance for Connected Industries and Automation. The 5G Alliance for Connected Industries and Automation (5G-ACIA) has been established to serve as the central and global forum for addressing, discussing, and evaluating relevant technical, regulatory, and business aspects with respect to 5G for the industrial domain. It reflects the entire ecosystem, encompassing all relevant stakeholder groups. https://www.5g-acia.org/.

ACDC - Advanced Cyber Defence Centre. Provides a complete set of solutions accessible online to mitigate on-going attacks and targeted both to end-users and to network operators. It also consolidates the data provided by various stakeholders into a pool of knowledge, accessible through the ACDC central clearing house. https://www.acdc-project.eu/.

AIOTI - The European Alliance of IoT Innovation. An inclusive body of IoT industrial players - large companies, successful SMEs and dynamic start-ups - as well as well-known European research centres, universities, associations and public bodies. Its thirteen working groups cover a broad array of IoT sectors including security. https://aioti.eu/.

APCERT - Asia Pacific Computer Security Response Team. Based in Japan, a trusted contact network of computer security experts in the Asia Pacific region to improve the region's awareness and competency in relation to computer security incidents. http://www.apcert.org/about/structure/secretariat.html.

BEREC - Body of European Regulators for Electronic Communications. BEREC facilitates independent, regulation of European electronic communications markets. http://berec.europa.eu/eng/about_berec/what_is_berec/.

CA/B - Certificate of Authority/Browser Forum. The Forum advances industry best practices to improve the ways that digital certificates are used to the benefit of network users and the security of their communications. The Forum produces the specification for Extended Validation Certificates, oversees their implementation, coordinates their recognition through ubiquitous network trust mechanisms. https://cabforum.org/about-us/.

CableLabs®. CableLabs is the principle standards body globally for the providers and vendors in the cable industry. Its standards are republished by ETSI and ITU-T. http://www.cablelabs.com/.

CCRA - Common Criteria Recognition Agreement. The CCRA is an organization among 26 countries to raise the general security of certified information and communications technology products through compliance with sets of security functional and security assurance requirements. https://www.commoncriteriaportal.org/ccra/.

CEN - Comité Européen de Normalisation. Provides a platform for the development of European Standards and other technical documents in relation to various kinds of products, materials, services and processes. Notably it is a member of the CSCG (Cybersecurity Coordination Group) to the EC. https://www.cen.eu/.

CENELEC - European Committee for Electrotechnical Standardization. CENELEC is responsible for standardization in the electrotechnical engineering field. Its cyber security activity relates to coordination on smart grid information security. Notably it is a member of the CSCG (Cybersecurity Coordination Group) to the EC. CEN/CLC/JTC13 on Cybersecurity and Data Protection develops standards for cybersecurity and data protection covering all aspects of the evolving information society. http://www.cenelec.eu/.

CEPOL - European Police College. An EU agency dedicated to providing training and learning opportunities to senior police officers on issues vital to the security of the European Union and its citizens. Activities are designed to facilitate the sharing of knowledge and best practice and to contribute to the development of a common European law enforcement culture. https://www.cepol.europa.eu/education-training/what-we-teach/residential-courses/20141026/132014-cybercrime-vs-cybersecurity.

CIS - Center for Internet Security. The Center is focused on enhancing the cybersecurity readiness and response of public and private sector entities and encompasses two major activities. http://www.cisecurity.org/. Standards to maintain and promote use of the set of Critical Security Controls as recommended actions for cyber defence that provide specific and actionable ways to thwart the most pervasive attacks and the Open Vulnerability and Assessment Language (OVAL) specifications. It also maintains the MS-ISAC - the U.S. DHS mechanism for exchanging cyber threat information among state and local governments, and the EI-ISAC - the U.S. DHS mechanism for securing elections infrastructure.

CSA - Cloud Security Alliance. CSA develops best practices for providing security assurance within Cloud Computing, and provides education on the uses of Cloud Computing to help secure all other forms of computing. https://cloudsecurityalliance.org/.

EC - European Commission. The European Commission is the EU's executive body. Multiple directorates have significant cyber security roles: CONNECT (Communications Networks, Content and Technology; DIGIT (Informatics); GROW (Internal Market, Industry, Entrepreneurship and SMEs) Enterprise and Industry); HR (Human Resources and Security), JRC (Joint Research Centre), JUST (Justice and Consumers); HOME (Migration and Home Affairs); RTD (Research and Innovation). http://ec.europa.eu/about/index_en.htm.

·         CSCG - Cybersecurity Coordination Group. The CSCG - comprised by CEN, CENELEC, and ETSI - acts as a single point of contact for pan‐European interchange on Cyber Security standardization and provides a set of recommendations and advice to the European Commission and EU Member States in the area of Cyber Security standardization. Additionally, the Coordination Group liaises actively with the European Union Agency for Network and Information Security (ENISA) and the Multi‐Stakeholders Platform on ICT standardization.

·         ENISA - European Network and Information Security Agency. ENISA helps the European Commission, the Member States and the business community to address, respond and especially to prevent Network and Information Security problems. Notably it operates the EU-CERT and provides support for the ECRG, NIS activities, including harmonization of national cyber security strategies. https://www.enisa.europa.eu/.

·         EOS - European Organization for Security. EOS' main objective is the development of a harmonised European security market in line with political, societal and economic needs through the efficient use of budgets. EOS works towards achieving a better level of technology independence for European strategic autonomy and supports the development and use of European reference solutions as well as the growth of a genuine European industry. http://www.eos-eu.com/.

·         ECSO - European Cybersecurity Organization. ECSO represents an industry-led contractual counterpart to the European Commission for the implementation of the Cyber Security contractual Public-Private Partnership (cPPP). The main objective of ECSO is to support all types of initiatives or projects that aim to develop, promote, encourage European cybersecurity. http://www.ecs-org.eu/.

·         ECRG - Electronic Communications Reference Group. ECRG includes European providers of public electronic communications networks and services (mobile and fixed telecom operators, VoIP providers, ISPs, IXP providers, etc.) and it addresses security topics across the Electronic Communications area - including security measures, incident reporting, data protection, botnet mitigation, interconnection security and other topics. https://resilience.enisa.europa.eu/ecrg.

·         H2020 - Horizon 2020. H2020 is the financial instrument implementing the Innovation Union, a Europe 2020 flagship initiative aimed at securing Europe's global competitiveness. http://ec.europa.eu/programmes/horizon2020/. It includes a cybersecurity component.

·         Cybersecurity cPPP - Cybersecurity contractual Public Private Partnership. Signed as part of the EU cybersecurity strategy by the European Commission and the European Cyber Security Organisation (ECSO). The aim of the partnership is to foster cooperation between public and private actors at early stages of the research and innovation process in order to allow people in Europe to access innovative and trustworthy European solutions (ICT products, services and software).

·         NIS - Network and Information Security. The NIS Platform is part of the European Strategy for Cybersecurity. It serves the 2 priorities of achieving cyber-resilience in the EU and developing industrial and technological resources for cybersecurity https://resilience.enisa.europa.eu/nis-platform.

ETSI - European Telecommunications Standards Institute. ETSI produces globally-applicable standards for Information and Communications Technologies (ICT), including fixed, mobile, radio, converged, broadcast and internet technologies. Notably, it hosts the Technical Committee for Cybersecurity and is a member of the CSCG (Cybersecurity Coordination Group) to the EC. https://www.etsi.org/.

·         CYBER - Cybersecurity Technical Committee. CYBER is tasked to develop and maintain the Standards, specifications and other deliverables to support the development and implementation of Cyber Security standardization within ETSI, to collect and specify Cyber Security requirements from relevant stakeholders, to identify gaps where existing standards do not fulfil the requirements and provide specifications and standards to fill these gaps, without duplication of work in other ETSI committees and partnership projects, and to ensure that appropriate Standards are developed within ETSI in order to meet these requirements. https://portal.etsi.org/tb.aspx?tbid=824&SubTB=824. It also hosts the subgroup CYBER QSC which makes assessments and recommendations on the various proposals from industry and academia regarding real-world deployments of quantum-safe cryptography.

·         ESI - Electronic Signatures and Infrastructures. ESI develops generic standards, guides and reports relating to electronic signatures and related trust infrastructures to protect electronic transactions and ensure trust and confidence. https://portal.etsi.org/tb.aspx?tbid=607&SubTB=607.

·         LI - Lawful Interception technical committee. Responsible for developing standards that support the requirements of national and international law for lawful interception and retained data of electronic communications. https://portal.etsi.org/tb.aspx?tbid=608&SubTB=608.

·         MTS-SIG - Methods for Testing and Specification Security Special Interest Group. Responsible generally for the identification and definition of advanced specification and testing methods, and with respect to security, advanced model-based security testing methods, risk-based security testing methods, and security assurance life cycle. https://portal.etsi.org/tb.aspx?tbid=97&SubTB=97.

·         NFV - Network Functions Virtualisation. NFV is a very large and active Industry Specification Group focused on a broad array of specifications for Network Functions Virtualization, including cyber security techniques and mechanisms through its NFVsec subgroup. https://portal.etsi.org/tb.aspx?tbid=789&SubTB=789,832,831,795,796,801,800,798,799,797,802,828.

·         NTECH - Network Technologies. Provide detailed architecture and protocol (profile) specifications for use in networks addressing the control, data and management planes in both the service and transport layers of future networks, including security. https://portal.etsi.org/tb.aspx?tbid=785&SubTB=785,808.

·         SAGE - Security Algorithms Group of Experts. SAGE is responsible for creating reports (containing confidential specifications), draft ETSI deliverables in the area of cryptographic algorithms and protocols specific to fraud prevention/unauthorized access to public/private telecommunications networks and user data privacy. https://portal.etsi.org/tb.aspx?tbid=160&SubTB=160.

·         SAI - Securing Artificial Intelligence. SAI develops technical specifications that mitigate against threats arising from the deployment of AI, and threats to AI systems, from both other AIs, and from conventional sources. https://portal.etsi.org/tb.aspx?tbid=877&SubTB=877#/.

·         SCP - Smart Card Platform. SCP is responsible for the development and maintenance of specifications for secure elements (SEs) in a multi-application capable environment, the integration into such an environment, as well as the secure provisioning of services making use of SEs. TC SCP developed the UICC, the smart card platform used for the SIM, and is currently developing the next generation Smart Secure Platform, the SSP. https://portal.etsi.org/tb.aspx?tbid=534&SubTB=534,639,640,714#/.

CERT-EU - Community Emergency Response Team - Europe. A permanent CERT for EU institutions, agencies and bodies made up of IT security experts from the main EU Institutions. It cooperates closely with other CERTs in the Member States and beyond as well as with specialized IT security companies. http://cert.europa.eu/cert/filteredition/en/CERT-LatestNews.html.

Europol - European Police Office. Located at The Hague, Europol is the EU's law enforcement agency whose main goal is to help achieve a safer Europe for the benefit of all EU citizens through assistance to the Member States in their fight against serious international crime and terrorism, including cyber security investigations. J-CAT (Cybercrime Action Task Force) has been active in dealing with mobile malware. https://www.europol.europa.eu/.

FIDO Alliance. The Fast IDentity Online organization develops technical specifications that define an open, scalable, interoperable set of mechanisms that reduce the reliance on passwords to authenticate users and promotes their use. https://fidoalliance.org/.

FIRST - Forum of Incident Response and Security Teams. FIRST is the international organization of CERTs/CSIRTs who cooperatively handle computer security incidents and promote incident prevention programs. FIRST members develop and share technical information, tools, methodologies, processes and best practices. It also promotes the creation and expansion of Incident Response teams globally though global, regional, and national workshops and conferences. http://www.first.org. Through FIRST's Special Interest Groups (SIGs) and BOFs, it develops significant cyber security techniques and standards that include:

·         Standards:

-          Common Vulnerability Scoring System (CVSS)

-          Information Exchange Policy

-          Traffic Light Protocol (TLP)

-          Passive DNS Exchange

·         Discussion Groups:

-          Internet Infrastructure Vendors

-          Malware Analysis

-          Metrics SIG

-          Industrial Control Systems (ICS)

·         Working Groups:

-          Ethics SIG

-          Red Team SIG

-          Vulnerability Reporting and Data eXchange

-          Vulnerability Coordination

-          Information Sharing SIG

GlobalPlatform®. GlobalPlatform is a cross industry, non-profit association which identifies, develops and publishes specifications that promote the secure and interoperable deployment and management of multiple applications on secure chip technology. Its proven technical specifications, which focus on the Secure Element (SE), Trusted Execution Environment (TEE) and system messaging. https://www.globalplatform.org/default.asp.

GSMA™ - GSM Association. GSMA is the global organization of GSM and related mobile providers and vendors, and today the largest telecommunication industry entity. GSMA's Fraud and Security Working Group is the global mechanism for exchanging information, developing standards and techniques, and collaborating on mobile cyber security in many other forums. It works closely with 3GPP groups, especially SA3 (Security) - providing support for cyber security information assurance initiatives. http://www.gsma.com/.

·         GSMA™ FASG - GSM Association Fraud and Security Working Group. The newly integrated FASG group operates through several groups addressing mobile device security and malware, and NESAG (Network Equipment Security Assurance Group) which supports the 3GPP SA3 security assurance platforms. http://www.gsma.com/aboutus/leadership/committees-and-groups/working-groups/fraud-security-group.

ICANN - Internet Corporation for Assigned Names and Numbers. ICANN is responsible for the coordination of maintenance and methodology of several databases of unique identifiers through its operation of the Internet Assigned Numbers Authority (IANA), oversight of key identifier registration and query capabilities, and maintenance of digital certificates for the Domain Name System. https://www.icann.org/.

IEEE Standards Association. The IEEE SA is a leading consensus building organization that nurtures, develops & advances global technologies. Its work drives the functionality, capabilities and interoperability of a wide range of products and services. http://standards.ieee.org/index.html.

·         Industry Connections Security Group (ICSG). The Group promotes collaboration and information sharing across the IT security industry. Working group's aim is to help develop an accepted way of traffic inspection, on top of encrypted transport standards. The ICSG has five working groups related to security. http://standards.ieee.org/develop/indconn/icsg/index.html.

-          AMSS - Anti-Malware Support Services Working Group

-          ETI - Encrypted Traffic Inspection Working Group

-          MMDEF - Malware Metadata Exchange Format Working Group

-          Malware Working Group

IETF - Internet Engineering Task Force. The IETF is a global standards making activity of the Internet Society that influences the way people design, use, and manage the Internet. Many of these activities are cyber security related. Its Internet Architecture Board (IAB) also oversees development of cyber security capabilities. IETF groups change frequently and its website should be consulted for the latest activities. https://www.ietf.org.

·         MILE - Managed Incident Lightweight Exchange. The MILE working group develops standards to support computer and network security incident management; an incident is an unplanned event that occurs in an information technology (IT) infrastructure. Its platforms such as IODEF and RID have been in widespread use by CERTs for many years and new extensions have been produced. https://datatracker.ietf.org/wg/mile/documents/.

·         SACM - Security Automation and Continuous Monitoring. Standardized protocols to collect, verify, and update system security configurations would allow this process to be automated, which would free security practitioners to focus on high priority tasks and should improve their ability to prioritize risk based on timely information about threats and vulnerabilities. https://datatracker.ietf.org/wg/sacm/charter/.

·         Other IETF Security Area and related groups include:

-          ace - Authentication and Authorization for Constrained Environments

-          acme - Automated Certificate Management Environment

-          cose - CBOR Object Signing and Encryption

-          curdle - CURves, Deprecating and a Little more Encryption

-          dots - DDoS Open Threat Signalling

-          emu - EAP Method Update

-          i2nsf - Interface to Network Security Functions

-          ipsecme - IP Security Maintenance and Extensions

-          kitten - Common Authentication Technology Next Generation

-          lake - Lightweight Authenticated Key Exchange

-          lamps - Limited Additional Mechanisms for PKIX and SMIME

-          mls - Messaging Layer Security

-          oauth - Web Authorization Protocol

-          rats - Remote ATtestation ProcedureS

-          secdispatch - Security Dispatch

-          suit - Software Updates for Internet of Things

-          teep - Trusted Execution Environment Provisioning

-          tls - Transport Layer Security

-          tokbind - Token Binding

-          trans - Public Notary Transparency

IRTF - Internet Research Task Force. The IRTF focuses on longer term Internet research issues. Its Crypto Forum Research Group (CFRG) is a general forum for discussing and reviewing uses of cryptographic mechanisms, both for network security. https://irtf.org/.

ISF - Information Security Forum. ISF is comprised of major companies dedicated to investigating, clarifying and resolving key issues in information security and risk management, by developing best practice methodologies, processes and solutions that meet the business needs of their Members. https://www.securityforum.org/membership/.

ISO - International Organization for Standardization. The ISO is a Swiss based private international standards development and publishing body composed of representatives from various national standards organizations with multiple committees - several of which have significant cyber security related activity. http://www.iso.org.

·         JTC1/SC27 - Information security, cybersecurity and privacy protection. SC27 publishes security technique standards. http://www.iso.org/iso/iso_technical_committee?commid=45306. SC27 has five working groups dealing with:

-          Information security management systems

-          Cryptography and security mechanisms

-          Security evaluation, testing and specification

-          Security controls and services

-          Identity management and privacy technologies

·         JTC1/SC7 - Software and systems engineering. SC 7 publishes software development, testing, and tagging standards. http://www.iso.org/iso/iso_technical_committee%3Fcommid%3D45086.

·         JTC1/SC6 - Telecommunications and information exchange between systems. SC 6 publishes together with the ITU-T Study Group 17, the legacy X.509 PKI standard that is implemented using IETF, ETSI, and CA/B Forum profiles. http://www.iso.org/iso/iso_technical_committee.html?commid=45072.

ITU - International Telecommunication Union. The ITU is a Swiss based intergovernmental body with three sectors dealing with the development and publication of Recommendations for radio systems (ITU-R), telecommunications (ITU-T), and development assistance (ITU-D). https://www.itu.int.

·         ITU-R - Telecommunication Radiocommunication Sector. The ITU-R consists of an Assembly that meets every four years to approve its structure and general work areas, six Study Groups that meet annually, and a Secretariat that publishes the materials and maintains several radiocommunication databases. The ITU-R cyber security activity is confined to legacy materials, and contemporary radio cyber security work occurs predominantly in ETSI, 3GPP, and GSMA. https://www.itu.int/en/ITU-R/Pages/default.aspx.

·         ITU-T - Telecommunication Standardization Sector. The ITU-T consists of an Assembly that meets every four years to approve its structure and general work areas, eleven Study Groups that meet annually, and a Secretariat that publishes the materials and maintains several legacy telecommunications databases. The ITU‑T cyber security activity is focussed in Group Q4 of SG17 which produces a series of Recommendations for Cybersecurity Information Exchange (CYBEX). http://www.itu.int/en/ITU-T/studygroups/2017-2020/Pages/default.aspx/.

·         The cyber security relevant Study Groups include:

-          SG 2 - Operational aspects

-          SG 9 - Broadband cable and TV

-          SG11 - Protocols and test specifications

-          SG13 - Future networks (& cloud)

-          SG15 - Transport, Access and Home

-          SG16 - Multimedia

-          SG17 - Security

-          SG20 - IoT and applications, smart cities

·         ITU-D - Development Sector. Provides technical assistance and in the creation, development and improvement of telecommunications in developing countries. http://www.itu.int/en/ITU-D/Pages/default.aspx. ITU-D has cyber security activity in group Q3 of Study Group 2. ITU-T also maintains Cybersecurity Country Profiles at https://www.itu.int/en/ITU-D/Cybersecurity/Documents/Forms/AllItems.aspx.

MITRE - MITRE is a globally active non-profit research and development centre that is responsible for multiple significant global cyber security techniques, standards making and related secretariat activities. The activity occurs through multiple individual on-line activities, frequent workshops, and significant involvement in other global forums listed below. http://www.mitre.org/capabilities/cybersecurity/overview/cybersecurity-resources/standards.

·         ATT&CK™ - Adversarial Tactics Techniques and Common Knowledge: a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. It is a structured list of known attacker behaviors that have been compiled into tactics and techniques and expressed in a handful of matrices as well as via STIX/TAXII. The list is a fairly comprehensive representation of behaviors attackers employ when compromising networks, it is useful for a variety of offensive and defensive measurements, representations, and other mechanisms. https://attack.mitre.org/.

·         Cybersecurity Languages/Formats & Protocols: Malware Attribute Enumeration and Characterization (MAEC™), Common Vulnerabilities and Exposures (CVE®), Common Weakness Scoring System (CWSS™), Common Weakness Risk Analysis Framework (CWRAF™).

·         Cybersecurity Registries: Common Attack Pattern Enumeration and Classification (CAPEC™), Common Weakness Enumeration (CWE™).

NATO - North Atlantic Treaty Organization. Against the background of increasing dependence on technology and on the Internet, the Alliance is advancing its efforts to confront the wide range of cyber threats targeting NATO's networks on a daily basis. NATO has moved forward with five cyber security actions: developing NATO Policy on Cyber Defence, assisting individual Allies, increasing NATO cyber defence capacity, cooperating with partners, and cooperating with industry. The Allies have also committed to enhancing information sharing and mutual assistance in preventing, mitigating and recovering from cyber attacks. http://www.nato.int/cps/en/natohq/topics_78170.htm.

·         LIBGUIDE - NATO reference library on cybersecurity. LIBGUIDE provides a few starting points to assist with research on issues related to cyberspace security. Notably, it includes a National Cyber Security Framework Manual. http://www.natolibguides.info/cybersecurity.

·         CCDCOE - NATO Cooperation Cyber Defence Center of Excellence. CCDCOE is a comprehensive and easy to navigate collection of legal and policy documents adopted by international organizations active in cyber security. https://ccdcoe.org/library/strategy-and-governance/.

OASIS - Organization for the Advancement of Structured Information Standards. OASIS is a major global industry body for developing and publishing worldwide standards for security, Internet of Things, cloud computing, energy, content technologies, emergency management, and other areas requiring structured information exchange. Although it began focussed on XML language schema, it has subsequently expanded to JSON.

·         The four most significant cyber security specifications activities consist of:

-          Technical Committee for Cyber Threat Intelligence (CTI). https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=cti. It hosts development and publication of the specifications for Trusted Automated eXchange of Indicator Information (TAXII), Structured Threat Information eXpression (STIX), and Cyber Observable Expression (CybOX).

-          Common Security Advisory Framework (CSAF). https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=csaf. Responsible of the former Common Vulnerability Reporting Framework (CVRF) designed standardize existing practice in structured machine-readable vulnerability-related advisories.

-          Collaborative Automated Course of Action Operations (CACAO). https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=cacao. It is developing a standard to implement the course of action playbook model for cybersecurity operations through a sequence of cyber defense actions that can be executed for each type of playbook.

-          Open Command and Control (OpenC2). https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=openc2. It is developing documents, specifications, lexicons or other artifacts to fulfill the needs of cyber security command and control in a standardized manner. It has published a language description document (RC4), actuator profiles, and open source prototype implementations.

·         OASIS currently hosts other cyber security technical committees listed below. https://www.oasis-open.org/org:

-          Biometric Services (BIOSERV)

-          Cross-Enterprise Security and Privacy Authorization (XSPA)

-          Digital Signature Services eXtended (DSS-X)

-          Electronic Identity Credential Trust Elevation Methods (Trust Elevation)

-          Key Management Interoperability Protocol (KMIP)

-          PKCS 11 TC

-          Privacy Management Reference Model (PMRM)

-          Security Services (SAML)

-          Web Services Secure Exchange (WS-SX)

-          XRI Data Interchange (XDI)

OIC-CERT - Organisation of Islamic Cooperation - Computer Emergency Response Teams. OIC-CERT provides a means for member countries to develop collaborative initiatives and partnerships relating to cyber security. https://www.oic-cert.org/en/.

OMG - Object Management Group®. OMG is a computer industry consortium to develop enterprise integration standards. The Group's principal current cyber security work deals with threat modelling where its System Assurance Task Force Security Fabric Working Group is developing a Unified Modelling Language Threat & Risk Model. http://sysa.omg.org/.

OSCE - Organisation for Security and Co-operation in Europe. (OSZE Organisation für Sicherheit und Zusammenarbeit in Europa). The OSCE maintains an informal working group on cyber security and workshops devoted to Confidence Building Measures (CBMs). http://www.osce.org/.

TCG - Trusted Computing Group®. TCG develops, defines and promotes open, vendor-neutral, global industry standards, supportive of a hardware-based root of trust, for interoperable trusted computing platforms. Its platforms provide for authentication, cloud security, data protection, mobile security, and network access & identity. TCG presently has twelve working groups. http://www.trustedcomputinggroup.org/:

·         Cloud Work Group

·         CYRES - Cyber Resilient Technologies Work Group

·         DICE - Device Identifier Composition Engine Architectures Work Group

·         ESWG - Embedded Systems Work Group

·         Industrial Work Group

·         IWG - Infrastructure Work Group

·         IoTWG - Internet of Things Work Group

·         MPWG - Mobile Platform Work Group

·         Network Equipment Work Group

·         PCCWG - PC Client Work Group

·         SWG - Server Work Group

·         TWG - Storage Work Group

·         TSSWG - TSS Software Stack Work Group

·         TNCWG - Trusted Network Communications Work Group

·         TPM - Trusted Platform Module Work Group

·         VPWG - Virtualized Platform Work Group

W3C® - World Wide Web Consortium. W3C develops protocols and guidelines for WWW services. It maintains four cyber security groups. http://www.w3c.org/:

·         Web Authentication Working Group

·         Web Application Security

·         Web Payments

·         Privacy Interest Group

·         Technical Architecture Group (TAG)

·         Hardware Based Secure Services Group

·         XML Security