ETSI
Welcome to TC CYBER Wiki
The TC CYBER Wiki contains public information related to the Technical Committee work.
Global Cyber Security Ecosystem
The Global Cyber Security Ecosystem page provides a structured overview of cyber security work occurring in multiple other technical forums worldwide. The overview includes global identification of Cyber Security Centres of Excellence, heritage sites, historical collections, and reference libraries. It is intended to be continuously updated to account for the dynamics of the sector.
TC CYBER Roadmap
TC CYBER work is split across 9 key areas: understanding the cybersecurity ecosystem, IoT security and privacy, cybersecurity for critical national infrastructures, protection of personal data and communication, enterprise and individual cybersecurity, cybersecurity tools, support to EU legislation, forensics, and quantum-safe cryptography. You can find out more about each area on the Roadmap page.
Definition of terms, symbols and abbreviations
Terms
For the purposes of the present document, the following terms apply:
centre of excellence: educational or research & development organization recognized as a leader in accomplishing its cyber security mission
cyber environment: users, networks, devices, all software, processes, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks [i.1]
cyber security (or cybersecurity): collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user's assets
NOTE: Organization and user's assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment. Cybersecurity strives to ensure the attainment and maintenance of the security properties of the organization and user's assets against relevant security risks in the cyber environment. The general security objectives comprise the following:
§ Availability.
§ Integrity, which may include authenticity and non-repudiation.
§ Confidentiality [i.1].
cybersecurity: preservation of confidentiality, integrity and availability of information in the Cyberspace [i.2]
cyberspace: complex environment resulting from the interaction of people, software and services on the Internet by means of technology devices and networks connected to it, which does not exist in any physical form [i.2]
heritage site: place (such as a building or complex) that is listed by a recognized accrediting body as a place where significant cyber security innovations occurred
historical collection: place, both real and virtual, dedicated to the structured gathering and availability of cyber security materials of historical significance; frequently denominated as a museum
information exchange mechanism: real or virtual activity established for providing continuing structured exchange of cyber security information content
reference library: collection of available published material useful for consultation for cyber security purposes
NOTE: The present document also includes significant dedicated publications in this category.
techniques, technical standards and operational practices forum: any continuing body established for the purposes of reaching agreement on techniques, technical standards or operational practices for enhancing cyber security
Abbreviations
For the purposes of the present document, the following abbreviations apply:
NOTE: Not all abbreviations are used in the present document. Some are included purposely to provide a unique global reference set of cyber security abbreviations.
3GPP 3rd Generation Partnership Project
A*STAR Agency for Science, Technology and Research (Singapore)
ABW Agencja Bezpieczenstwa Wewnetrznego (Poland)
AC Authentication Code (TCG)
ACDC Advanced Cyber Defence Centre
ACE-CSR Academic Centres of Excellence in Cyber Security Research (UK)
ACI Austrian Critical Infrastructure (Austria)
ACI Österreichische kritische Infrastruktur (Austria)
ACMA Australian Communications and Media Authority (Australia)
ACSS Austrian Cyber Security Strategy (Austria)
ADCC Algemene Directie Crisiscentrum (Belgium)
ADIV Algemene Dienst Inlichting en Veiligheid (Belgium)
AEPD Spanish Data Protection Agency (Spain)
AFNOR Association Française de Normalisation (France)
AFP Australian Federal Police (Australia)
AGCOM Autorità per le Garanzie nelle Comunicazioni (Italy)
AGIMO Australian Government Information Management Office (Australia)
AIK Attestation Identity Key (TCG)
AIOTI Alliance of IoT Innovation
AISI Australian Internet Security Initiative (Australia)
AMSS Anti-Malware Support Services Working Group (IEEE)
ANS Autorité Nationale de Sécurité (Belgium)
ANSAC ASEAN Network Security Action Council
ANSES Ambient Network Secure Eco System (Singapore)
ANSSI Agence Nationale de la Sécurité des Systèmes d'Information (France)
ANSSI Agence Nationale de la Sécurité des Systèmes d'Information (Luxembourg)
APCERT Asia Pacific Computer Emergency Response Team (Japan)
APCIP Austrian Programme for Critical Infrastructure Protection (Austria)
APCIP Österreichisches Programm zum Schutz kritischer Infrastruktur (Austria)
APT Advanced Persistent Threat
ARCSI Association des Réservistes du Chiffre et de la Sécurité de l'Information (France)
ARF Assessment Results Format or Asset Reporting Format
ARIB Association of Radio Industries and Businesses (Japan)
ASD Australian Signals Directorate (Australia)
ASEAN CERT Association of Southeast Asian Nations CERT
ASIO Australian Security Intelligence Organisation (Australia)
A-SIT Secure Information Technology Centre - Austria (Austria)
A-SIT Zentrum für sichere Informationstechnologie - Austria (Austria)
ASS Austrian Security Strategy (Austria)
ATIS Alliance for Telecommunications Industry Solutions
ATT&CK™ Adversarial Tactics Techniques and Common Knowledge (MITRE)
BBK Bundesamt für Bevölkerungsschutz und Katastrophenhilfe (Germany)
BBK Biuro Badan Kryminalistycznych (Poland)
BCM Business Continuity Management (Germany)
BCSS Banque Carrefour de la Sécurité Sociale (Belgium)
Belac Organisme belge d'accréditation (Belgium)
Belac Belgische accredidatie-instelling (Belgium)
Belnet Belgian national research network (Belgium)
BelNIS Belgian Network Information Security (Belgium)
BEREC Euroopan sähköisen viestinnän sääntelyviranomaisten yhteistyöelin (Finland)
BEREC Body of European Regulators for Electronic Communications (Norway)
BfV Bundesamt für Verfassungsschutz (Germany)
BLOB Binary Large OBject (TCG)
BIPT Belgisch Instituut voor Postdiensten en Telecommunicatie (Belgium)
BIS Department for Business, Innovation and Skills (UK)
BMI Bundesministerium des Innern (Germany)
BORE Break Once Run Everywhere (TCG)
BSI Bundesamt für Sicherheit in der Informationstechnik (Germany)
BSI British Standards Institute (UK)
BYOD Bring Your Own Device
C3 Computer Competence Certificate (Egypt)
C3 Cybersecurity Competence Center (Luxembourg)
CA Certification Authority
CA/B Certificate of Authority/Browser Forum
CACAO Collaborative Automated Course of Action Operations (OASIS)
CAE Centers of Academic Excellence (UK)
CAK Communications Authority of Kenya (Kenya)
CAN Computer Network Attack (Italy)
CAPEC Common Attack Pattern Enumeration and Classification
CASES Cyberworld Awareness and Security Enhancement Services (Luxembourg)
CBM Confidence Building Measures
CBPL Commissie voor de Bescherming van de Persoonlijke Leverssfeer (Belgium)
CCC Chaos Computer Club
CCDB Common Criteria Development Board
CCDCOE NATO Cooperation Cyber Defence Center of Excellence
CCE Common Configuration Enumeration
CCIP Centre for Critical for Infrastructure Protection (New Zealand)
CCIRC Canadian Cyber Incident Response Centre (Canada)
CCN National Cryptologic Centre (Spain)
CCN-CERT Spanish Government National Cryptologic Center - CSIRT (Spain)
CCRA Common Criteria Recognition Agreement
CCSA China Communications Standards Association
CCSB Centre pour Cyber Securité Belgique (Belgium)
CCSB Centrum voor Cyber Security Belgie (Belgium)
CD Cyber Defense
CDT Centres for Doctoral Training (UK)
CDU Cyber Defence Unit of the National Armed Forces (Latvia)
CEEE Common Event Expression Exchange
CEN Comité Européen de Normalisation
CENELEC European Committee for Electrotechnical Standardization
CEPOL European police college
CERT Computer Emergency Response Team (Belgium)
CERT Poland (Poland)
CERT.at Computer Emergency Response Team - Austria (Austria)
CERT.GOV.PL Governmental Computer Security Incident Response Team (Poland)
CERT.GOV.PL Rzadowego Zespolu Reagowania na Incydenty Komputerowe (Poland)
CERT.LU Grouping of all Luxembourg CERTs
CERT.LY Information Technology Security Incident Response Institution (Latvia)
CERT-AU CERT Australia (Australia)
CERT-EU CERT Europe
CERT-FR CERT France
CERT-in National Level Computer Emergency Response Team (India)
CERT-LT National Electronic Communications Network and Information Security Incidents Investigation Service (Lithuania)
CERT-PA Computer Emergency Response Team of the Public Administration (Italy)
CERT-PA CERT - Pubblica Amministrazione (Italy)
CERT-SA CERT Saudi Arabia (Saudi Arabia)
CERT-SI Computer Emergency Response Team for Security and Industry (Spain)
CERT-SPC CERT Sistema Pubblico de Connettività (Italy)
CERT-UK CERT United Kingdom
CERT-US CERT United States
CESG Communications-Electronics Security Group (UK) (now NCSC)
CFRG Crypto Forum Research Group
CHOD Chief of Defence (Netherlands)
CI Critical Infrastructure
CIC Critical Infrastructure Council (Saudi Arabia)
CII Critical Information Infrastructures (Austria)
CII Kritische Informationsinfrastrukturen (Austria)
CIIP Critical Information Infrastructure Protection
CII-SA Critical Infocomm Infrastructure Security Assessment (Singapore)
CIO Chief Information Officer
CIP Critical Infrastructure Protection
CIPMA Critical Infrastructure Protection Modelling and Analysis (Australia)
CIRCL The Computer Incident Response Center Luxembourg
CIRT Computer Incident Response Team
CIS Center for Internet Security
CISA Civilian Intelligence Service (Switzerland)
CISA Cybersecurity and Infrastructure Security Agency (US)
CiSP Cyber-security Information Sharing Partnership (UK)
CISR Comitato interministeriale per la sicurezza della Repubblica (Italy)
CloudAuthZ Cloud Authorization (OASIS)
CMK Certified Migration Key (TCG)
CMRS Comité Ministériel du Renseignement et de la Sécurité (Belgium)
CN subcommittee on Core Network (3GPP)
CNAIPIC Centro Nazionale Anticrimine Informatico per la Protezione delle Infrastructure Critiche (Italy)
CNC National Cyber Security Council (Spain)
CNCERT/CC National Computer Network Emergency Response Technical Team/Coordination Center (China)
CND Computer Network Defence (Italy)
CNDP National Commission for Data Protection (Morocco)
CNE Computer Network Exploitation (Italy)
CNI National Intelligence Centre (Spain)
CNIP Critical National Infrastructure Protection Program (Jordan)
CNO Computer Network Operations (Italy)
CNO Computer Network Operations (Switzerland)
CNPIC National Centre for Critical Infrastructure Protection (Spain)
CNSS Committee on National Security Systems (USA)
COMCYBER Commandement de cyberdéfense (France)
CONNECT Directorate on Communications Networks, Content and Technology (EC)
COSC Consiliul Operativ de Securitate Cibernetica (Romania)
CPB Constitution Protection Bureau (Latvia)
CPE Common Platform Enumeration
CNPD Commission Nationale pour la Protection des Données (Luxembourg)
CPNI Centre for the Protection of National Infrastructure (UK)
CPS Cyber Physical System (Italy)
CPVP Commission de la Protection de la Vie Privée (Belgium)
CRP Cyberprzestrzen Rzeczypospolitej Polskiej (Poland)
CRTM Core Root of Trust for Measurement (TCG)
CSA Cloud Security Association
CSAF Common Security Advisory Framework (OASIS)
CSBM Confidence and Security Building Measures (Italy)
CSBN Cyber Security Beeld Nederland (Netherlands)
CSC Council on Cyber Security (now the Centre for Internet Security)
CSCG Cyber Security Coordination Group
CSCP Cyber Security Cooperation Program (Canada)
CSEC Communications Security Establishment Canada (Canada)
CSIAC Cyber Security and Information Systems Information Analysis Center (USA)
CSIRT Computer Security Incident Response Team (South Africa)
CSIRT.SK National centre for computer security incidents.Slovakia (Slovakia)
CSIS Canadian Security Intelligence Service (Canada)
CSN National Security Council (Spain)
CSO Armed Forces Command Support Organisation (Switzerland)
CSOC Cyber Security Operations Centre (Australia)
CSOC National Cyberspace Security Operations Centre (Jordan)
CSOC National Cyber Security Operations Centre (Netherlands)
CSPC Cyber Security Policy and Coordination Committee (Australia)
CSSC Control System Security Centre (Japan)
CSSF Commission de Surveillance du Secteur Financier (Luxembourg)
CTI Cyber Threat Intelligence (OASIS)
CTWIN Critical Infrastructure Warning Information Network (Lithuania)
CVE Common Vulnerabilities and Exposures
CVE-ID CVE Identifier
CVRF Common Vulnerability Reporting Format
CVSS Common Vulnerability Scoring System
CWC Cyber Watch Centre (Singapore)
CWE Common Weakness Enumeration
CWRAF Common Weakness Risk Analysis Framework
CWSS Common Weakness Scoring System
CYBER Cybersecurity Technical Committee (ETSI)
CYBEX Cybersecurity Information Exchange (ITU-T)
CybOX Cyber Observable Expression
CYCO Cybercrime Coordination unit Switzerland (Switzerland)
CYIQL Cybersecurity Information Query Language
DAA Direct Anonymous Attestation (TCG)
DCE Dynamic root of trust for measurement Configuration Environment (TCG)
DCEC Defence Cyber Expertise Centre (Netherlands)
D-CRTM Dynamic Core Root of Trust for Measurement (TCG)
DDoS Distributed Denial of Service
DDPS Federal Department of Defence, civil Protection and Sport (Switzerland)
DeitY Department of electronics & information technology (India)
DETEC Federal Department of Environment, Transport, Energy and Communications (Switzerland)
DF Digital Forensics (Italy)
DGCC Direction Générale Centre de Crise (Belgium)
DGSE Direction Générale de la Sécurité Extérieure (France)
DHS Department of Homeland Security (USA)
DIGIT Directorate on Informatics (EC)
DIN Deutsches Institut für Normung
DISS Defence Intelligence and Security Service (Latvia)
DISS Defence Intelligence and Security Service (Netherlands)
DL Dynamic Launch (TCG)
DLME Dynamically Launched Measured Environment (TCG)
DNS Domain Name System
DoC Department of Communications (South Africa)
DOD Department Of Defence (Australia)
DoD&MV Department of Defence and Military Veterans (South Africa)
DOJ&CD Department Of Justice and Constitutional Development (South Africa)
DoS Denial of Service
dots DDoS open threat signaling (IETF)
DRDC Defence Research and Development Canada (DRDC)
DRSD Direction du Renseignement et de la Sécurité de la Défense (France)
D-RTM Dynamic Root of Trust Measurement (TCG)
DSD [See ASD] (Australia)
DSG Federal Act on Data Protection (Switzerland)
DSI Data State Inspectorate (Latvia)
DSN National Security Department (Spain)
DSS-X Digital Signature Services eXtended (OASIS)
DST Department of Science and Technology (South Africa)
E2NA End-to-End Network Architectures (ETSI)
EAP Extensible Authentication Protocol
EAPC Euro-Atlantic Partnership Council (Switzerland)
EBIOS Expression of Needs and Identification of Security Objectives
EC European Commission
ECI European Critical Infrastructure
EI-ISAC Elections Infrastructure Information Sharing and Analysis Center
ECRG Electronic Communications Reference Group (EC)
EMAD Chiefs of the Defence Staff (Spain)
ENFSI European Network of Forensic Institutes
ENISA European Network and Information Security Agency
EOC Electronic Operations Centre (Switzerland)
EPCIP European Programme for Critical Infrastructure Protection
ESA European Space Agency (Belgium)
ESI Electronic Signatures and Infrastructures (ETSI)
ESPCERTDEF Computer Emergency Response Team in the field of the Ministry of Defence (Spain)
ESRIM European Security Research & Innovation forum
ETI Encrypted Traffic Inspection working group (IEEE)
ETSI European Telecommunication Standards Institute
EU European Union
EU CSS EU CyberSecurity Strategy (EU)
Europol European Police Office
EVCERT Extended Validation Certificate
FASG GSM Association Fraud and Security Working Group
FCC Federal Communications Commission (USA)
FCCU Federal Computer Crime Unit (Belgium)
FCMC Financial and Capital Market Commission (Latvia)
FCP Federal Criminal Police (Switzerland)
FDEA Federal Department of Economic Affairs (Switzerland)
FDF Federal Department of Finance (Switzerland)
FDJP Federal Department of Justice and Police (Switzerland)
FDPIC Federal Data Protection and Information Commissioner (Switzerland)
Fedict FOD voor informatie-en communicatietechnologie (Belgium)
Fedoct SPF Technologie de l'Information et de la Communication (Belgium)
fedpol federal office of police (Switzerland)
FIA Federal Investigation Agency (Pakistan)
FIC Forum International de la Cybersécurité (Europe)
FICORA Finnish COmmunications Regulatory Authority (Finland)
FIDO Fast IDentity Online
FIPS Federal Information Processing Standards (USA)
FIRST Forum of Incident Response and Security Teams
FIS Federal Intelligence Service (Switzerland)
FISMA Federal Information Security Management Act (USA)
FITO Federal IT Ordinance (Switzerland)
FITSU Federal IT Steering Unit (Switzerland)
FOCA Federal Office of Civil Aviation (Switzerland)
FOCP Federal Office for Civil Protection (Switzerland)
FOD Federal OverheiDsdienst (Belgium)
FOITT Federal Office of Information Technology, systems and Telecommunication (Switzerland)
FONES Federal Office for National Economic Supply (Switzerland)
FS-ISAC Financial Services Information Sharing and Analysis Centre
GFCE Global Forum on Cyber Expertise
GCHQ Government Communications HeadQuarters (UK)
GISS General Intelligence and Security Service (Netherlands)
GovCERT CERT gouvernemental du Grand-Duché de Luxembourg
GovCERT Governmental Computer Emergency Response Team (Austria)
GovCERT Staatliches Computer Emergency Response Team (Austria)
GovCERT Government Computer Emergency Response Team (Switzerland)
GovCERT.au Australian Government's Computer Emergency Readiness Team (Australia)
GROW Directorate on Internal Market, Industry, Entrepreneurship and SMEs (EC)
GSA Government Services Administration (USA)
GSMA GSM Association
GSS Government Security Secretariat (UK)
H2020 Horizon 2020
HCPN Haut-Commissariat à la Protection Nationale (Luxembourg)
Healthnet CSIRT Healthsector CERT (Luxembourg)
HOME Directorate on Migration and Home Affairs (EC)
HR Directorate on Human Resources and Security (EC)
i2nsf interface to network security functions (IETF)
IA Information Assurance
IAAGs Infrastructure Assurance Advisory Groups (Australia)
IAB Internet Architecture Board
IAD Information Assurance Directorate (USA)
IANA Internet Assigned Numbers Authority
IBPT Institut Belge des services Postaux et des Télécommunications (Belgium)
ICANN Internet Corporation for Assigned Names and Numbers
ICASA Independent Communications Authority of SA (South Africa)
ICASI Industry Consortium for Advancement of Security on the Internet
ICE Infrastructure Critiche Europe (Italy)
ICE European Critical Infrastructure
INCIBE Spanish National Cybersecurity Institute (Spain)
ICPO International Criminal Police Organization (Japan)
ICSG Industry Connections Security Group (IEEE)
ICT Information and Communication Technology
IDA Infocomm Development Authority of Singapore (Singapore)
IE Internet Explorer
IEEE Institute for Electrical and Electronic Engineers
IETF Internet Engineering Task Force
IGF-Bpf Internet Governance Forum Best Practice Forum on Cybersecurity
ILNAS Institut Luxembourgeois de la Normalisation, de l'Accréditation, de la Sécurité et qualité des produits et services
ILP Initiating Logical Processor (TCG)
ILR Institut Luxembourgeois de Régulation
IMEI International Mobile station Equipment Identity
IMS IP Multimedia Subsystem (3GPP)
INRIA Institut national de recherche en sciences et technologies du numérique (France)
IODEF Incident Object Description Exchange Format
IP Internet Protocol
IPC International Police Cooperation (Switzerland)
ipsecme IP security maintenance and extensions working group (IETF)
IRAP Information security Registered Assessors Program (Australia)
IRTF Internet Research Task Force
ISA Internal Security Agency (Poland)
ISA Federal Act on Measures to Safeguard Internal Security (Switzerland)
ISA Intelligence Service Act (Switzerland)
ISF Information Security Forum
ISFP Information Security and Facility Protection (Switzerland)
ISM Australian government Information and communications technology Security Manual (Australia)
ISMP Infocomm Security Master Plan (Singapore)
ISO International Organization for Standardization
IT Infrastrutture Critiche (Italy)
IT Information Technology
ITIDA Information Technology Industry Development Agency (Egypt)
ITU International Telecommunication Union
ITU-T International Telecommunication Union - Telecommunication Standardization sector
IWWN International Watch and Warning Network (Australia)
IXP Internet eXchange Point
J-CAT Cybercrime Action Task Force (Europol)
JASPER Japan-ASEAN Security PartnERship (Japan)
JCPS Justice, Crime Prevention and Security cluster (South Africa)
JOA Joint Operating Arrangements of DSD, AFP and ASIO (Australia)
JOCERT National Computer Emergency Response Team (Jordan)
JP CERT Japan CERT (Japan)
JRC Directorate on Joint Research Centre (EC)
JSON JavaScript Object Notation
JUST Directorate on Justice and Consumers (EC)
JVN Japan Vulnerability Notes (Japan)
KCC Korea Communications Commission (Korea)
KIS Koordineringsutvalget for forebyggende Informasjonssikkerhet (Norway)
KITS Koordinierungsstelle IT-Sicherheit
kitten common authentication technology next generation working group (IETF)
KMIP Key Management Interoperability Protocol (OASIS)
KMU Kleine und Mittlere Unternehmen (Austria)
KRITIS Kritische Infrastrukturen (Germany)
KSZ Kruispuntbank van de Sociale Zekerheid (Belgium)
LECC Law Enforcement/CSIRT Cooperation (FIRST)
LI Lawful Interception
LIBGUIDE reference library on cybersecurity (NATO)
lisp locator/ID separation protocol (IETF)
LÜKEX Länderübergreifende Krisenmanagement Exercise (Germany)
MACCSA Multinational Alliance for Collaborative Cyber Situational Awareness
MA-CERT Morocco CERT (Morocco)
MCCD Joint Cyber Command (Spain)
MAEC Malware Attribute Enumeration and Characterization
MCI Ministry of Communications and Information (Singapore)
MCIT Ministry of Communications and Information Technology (Egypt)
MCIT Ministry of Communications and Information Technology (Saudi Arabia)
MCIV Ministerieel Comité voor Inlichting en Veiligheid (Belgium)
MD Ministry of Defence (Montenegro)
MELANI Melde- und Analysestelle Informationssicherung (Switzerland)
MHA Ministry of Home Affairs (Singapore)
MI Ministry of the Interior (Montenegro)
MIIT Ministry of Industry and Information Technology (China)
MilCERT Military Computer Emergency Response Team (Austria)
MilCERT Militärisches Computer Emergency Response Team (Austria)
milCERT Military Computer Emergency Response Team (Switzerland)
mile Managed incident lightweight exchange working group (IETF)
MINDEF MINistry of DEFence (Singapore)
MIS Military Intelligence Service (Switzerland)
MISP Malware Information Sharing Platform & Threat Sharing (Luxembourg)
MIST Ministry for Information Society and Telecommunications (Montenegro)
MMDEF Malware Metadata Exchange Format Working Group (IEEE)
MNiSW Ministry of Science and Higher Education (Poland)
MNiSW Ministerstwo Nauki i Szkolnictwa Wyzszego (Poland)
MOD Ministry Of Defence (Latvia)
MoE Ministry of Economics (Latvia)
MoEPRD Ministry of Environmental Protection and Regional Development (Latvia)
MoES Ministry of Education and Science (Latvia)
MOF Ministry Of Finance (Singapore)
MoFA Ministry of Foreign Affairs (Latvia)
MoI Ministry of the Interior (Latvia)
MoJ Ministry of Justice (Latvia)
MOPAS Ministry Of Public Administration and Security (Korea)
MoT Ministry of Transport (Latvia)
Mow Ministry of welfare (Latvia)
MP Member of Parliament
MS-ISAC Multi-State Information Sharing and Analysis Center
MTS Methods for Testing and Specification (ETSI)
NAF National Armed Forces (Latvia)
NASK Research and Academic Computer Network (Poland)
NASK Naukowej i Akademickiej Sieci Komputerowej (Poland)
NATO North Atlantic Treaty Organization
NAVONVO Nord-Atlantische Verdragsorganisatie (Belgium)
NBU Národný Bezpecnostný Úrad (Slovakia)
NCAC National Cybersecurity Advisory Council (South Africa)
NCCC National Cyber Coordination Centre (India)
NCCoE National Cybersecurity Centre of Excellence (USA)
NCDC National Centre for Digital Certification (Saudi Arabia)
NCIA National Computing and Information Agency (Korea)
NCIIPC National Critical Information Infrastructure Protection Centre (India)
NCP National Checklist Program
NCPF National Cybersecurity Policy Framework (South Africa)
NCSC National Cyber Security Centre (Korea)
NCSC National Cyber Security Centre (Lithuania)
NCSC Nationaal Cyber Security Centrum (Netherlands)
NCSC National Cyber Security Centre (New Zealand)
NCSC National Cyber Security Coordinating Centre (South Africa)
NCSC National Cyber Security Centre (U.K.)
NCSP National Cyber Security Programme (UK)
NCSRA Nationale Cyber Security Research Agenda (Netherlands)
NCSS National Cybersecurity Strategie (Netherlands)
NCSS National Cyber Security Strategies
NCIRC NATO Communications and Information Agency
NEC National Encryption Centre (Jordan)
NEOC National Emergency Operations Centre (Switzerland)
NERC North American Electric Reliability Corporation
NES National Economic Supply (Switzerland)
NESAG Network Equipment Security Assurance Group (3GPP)
NetSafe Safer Internet Centre of Latvia Net-Safe Latvia (Latvia)
NFSA National Forensic Science Agency (Pakistan)
NFV Network Functions Virtualisation (ETSI)
NIACSA National Information Assurance and Security Agency (Jordan)
NIACSS National Information Assurance and Cyber Security Strategy (Jordan)
NICI National Information Security Authority (Slovakia)
NICT National institute of Information and Communications Technology (Japan)
NIS Network and Information Security (EU)
NIS National Intelligence Service (Korea)
NISC National Information Security Centre (Japan)
NISC National Infocomm Security Committee (Singapore)
NISE National Information Security Environment (Saudi Arabia)
NISE NISE Instructions (Saudi Arabia)
NISED NISE Directives (Saudi Arabia)
NISEMs NISE Manuals (Saudi Arabia)
NISS National Information Security Strategy (Saudi Arabia)
NIST National Institute of Standards and Technology (USA)
NITC National Information Technology Centre (Jordan)
NorCERT Norway CERT (Norway)
NorSIS Norsk senter for informasjonssikring (Norway)
NPA National Prosecuting Authority (South Africa)
NPSI Nationaler Plan zum Schutz der Informationsinfrastrukturen (Germany)
NRAF National IS Risk Assessment Function (Saudi Arabia)
NRF National Research Foundation (Singapore)
NSA National Security Authority (Czech)
NSA National Security Authority (Hungary)
NSA National Security Agency (Montenegro)
NSA National Security Authority (Slovakia)
NSA National Security Agency (USA)
NSC-CSC National Security Council Cyber Security Committee (Spain)
NSCS National Security Coordination Secretariat (Singapore)
NSIS National Strategy for Information Security in the Slovak Republic (Slovakia)
NSM Nasjonal SikkerhetsMyndighet (Norway)
NSS National Security Strategy (Jordan)
NSSIS National Security Science and Innovation Strategy (Australia)
NTECH Network Technologies (ETSI)
NTRA National Telecommunication Regulatory Authority (Egypt)
NV (Storage) Non-Volatile (shielded location) (TCG)
NVD National Vulnerability Database (USA)
nvo3 network virtualization overlays working group (IETF)
NZ-CERT New Zealand Computer Emergency Response Team (New Zealand)
NZSIS New Zealand Security Intelligence Service (New Zealand)
OAG Office of the Attorney General (Switzerland)
OASIS Organization for the Advancement of Structured Information Standards
oauth web authorization protocol working group (IETF)
OCAD Coördinatieorgaan voor dreigingsanalyse (Belgium)
OCAM Organe de Coordination pour l'Analyse de la Menace (Belgium)
OCC Cybernetics Coordination Office (Spain)
OCP Operator Cyber security Plan
OCSIA Office of Cyber Security & Information Assurance (UK)
OFCOM Federal Office of COMmunications (Switzerland)
OGCIO Office of the Government Chief Information Office (UK)
OIV Opérateur d'Importance Vitale (France)
OMB Office of Management and Budget (USA)
OMG Object Management Group
OpenC2 Open Command and Control (OASIS)
opsec operational security capabilities for IP network infrastructure working group (IETF)
OS Operating System
OSCE Organization for Security and Co-operation in Europe
ÖSCS Österreichische Strategie für Cyber Sicherheit (Austria)
ÖSS Österreichischen SicherheitsStrategie (Austria)
OSZE Organisation für Sicherheit und Zusammenarbeit in Europa (Germany)
OTAN Organisation du Traité de l'Atlantique Nord (Belgium)
OTS Ordinance on Telecommunication Services (Switzerland)
OVAL Open Vulnerability and Assessment Language
PBC pelnomocnika ds. bezpieczenstwa cyberprzestrzeni (Poland)
PC Personal Computer
PCA Privacy CA (TCG)
PCR Platform Configuration Register (TCG)
PCS Plenipotentiary for Cyberspace Security (Poland)
PDCA Plan-Do-Check-Act (Germany)
PHAROS Platform for Harmonization, Analysis, Cross-check and Orientation of Reportings (France)
PISA Pakistan Information Security Association (Pakistan)
PKCS Public-Key Cryptography Standards
PKI Public Key Infrastructure
PMRM Privacy Management Reference Model (OASIS)
PPP Public Private Partnership (Austria)
PRACTICE Proactive Response Against Cyber-attacks (Japan)
PrivEK Private Endorsement Key (TCG)
PSN Public Sector Network
PTA Police Tasks Act (Switzerland)
PubEK Public Endorsement Key (TCG)
RAN subcommittee on Radio Access Network (3GPP)
RCMP Royal Canadian Mounted Police (Canada)
Restena CSIRT Research and education CERT (Luxembourg)
RGISSP Research Group Information Society and Security Policy (Switzerland)
RGS Référentiel Général de Sécurité (France)
RID Real-time Inter-network Defense
RoT Root of Trust (component) (TCG)
RTD Directorate on Research and Innovation (EC)
RTM Root of Trust for Measurement (TCG)
RTR Root of Trust for Reporting (TCG)
RTS Root of Trust for Storage (TCG)
SA CISRS Saudi Arabian Critical Security and Resilience Strategy (Saudi Arabia)
SA2 Subcommittee on Architecture (3GPP)
SA3 Subcommittee on Security (3GPP)
SA5 Subcommittee on Telecom Management (3GPP)
sacm security automation and continuous monitoring working group (IETF)
SAGE Security Algorithms Group of Experts (ETSI)
SAI Securing Artificial Intelligence (ETSI)
SAML Security Services (OASIS)
SAMRISK Samfunnssikkerhet og risiko (Norway)
SANS SysAdmin, Audit, Networking, and Security
SAPS South African Police Service (South Africa)
SAS Security Assurance Specification (3GPP)
SC27 ISO/IEC JTC1 Committee on Security techniques
SC6 ISO/IEC JTC1 Committee on Telecommunications and information exchange between systems
SC7 ISO/IEC JTC1 Committee on Software and systems engineering
SCADA Supervisory Control And Data Acquisition (Belgium)
SCAP Security Content Automation Protocol
SCP Smart Card Platform
SIG Special Interest Group
SE Secure Element
SECAM Study on Security Assurance Methodology (3GPP)
SeP Security Police (Latvia)
SERI Senter for rettsinformatikk (Norway)
SES Secretariat of State for Security
SESIAD Secretariat of State for the Information Society and the Digital Agenda (Spain)
SFOE Swiss Federal Office of Energy (Switzerland)
SG 2 Study Group on Operational aspects (ITU-T)
SG11 Study Group on Protocols and test specifications (ITU-T)
SG13 Study Group on Future networks (ITU-T)
SG17 Study Group on Security (ITU-T)
SGDSN Secrétariat Général de la Défense et de la Sécurité Nationale (France)
SGRS Service Général du Renseignement et de la Sécurité (Belgium)
sidr secure inter-domain routing working group (IETF)
SIEM Security Information and Event Management
SIGINT-CYBER Joint General Intelligence and Security Service Unit (Netherlands)
SIIO State Internet Information Office (China)
SIM Subscriber Identity Module, including USIM and ISIM (ETSI, 3GPP)
SIS State Information Systems (Latvia)
SKKM Staatliches Krisen- und KatastrophenschutzManagement (Austria)
SLT Samordning av Lokale kriminalitetsforebyggende Tiltak (Norway)
SN Standard Norge (Norway)
SNSC Sistemul |National de Securitate Cibernetica (Romania)
SOC Security Operations Centre
SOME Cyber Incident Response Team (Turkey)
SOME Siber Olaylara Mildahale Ekipleri (Turkey)
SONIA Special Task Force on Information Assurance (Switzerland)
SOSMT Slovak Standards Institute (Slovakia)
SP State Police (Latvia)
SPF Service Public Fédéral (Belgium)
SPIK Swiss Police IT Congress (Switzerland)
SPOC Single Point of Contact
SPTA Surveillance of Postal and Telecommunications traffic Act (Switzerland)
SRDA State Regional Development Agency (Latvia)
SRK Storage Root Key (TCG)
SSA State Security Agency (South Africa)
SSP Smart Secure Platform
stir secure telephone identity revisited working group (IETF)
STIX Structured Threat Information eXpression
TAC Threat Analysis Centre (Singapore)
TAXII Trusted Automated eXchange of Indicator Information
TBB Trusted Building Block (TCG)
TC Technical Committee
TCG Trusted Computing Group
TCP Transmission Control Protocol
tcpinc TCP increased security working group (IETF)
TEE Trusted Execution Environment
TISN Trusted Information Sharing Network for critical infrastructure protection (Australia)
TLP Traffic Light Protocol
TLS Transport Layer Security
tls transport layer security working group (IETF)
TMI Trusted Multi-tenant Infrastructure (TCG)
TNC Trusted Network Connect (TCG)
TPM Trusted Platform Module (TCG)
TPS Trusted Platform Support services (TCG)
trans public notary transparency (IETF)
Trust Elevation electronic identity credential trust elevation methods (OASIS)
TSS TPM Software Stack -or- TCG Software Stack (TCG)
TSUBAME International network traffic monitoring project (Japan)
TT CSIRT Trinidad and Tobago CSIRT (Trinidad & Tobago)
TTA Telecommunications Technology Association (Korea)
TTC Telecommunication Technology Committee (Korea)
TTCSA Trinidad and Tobago Cyber Security Agency (Trinidad & Tobago)
TUVE turvallisuusverkkohanke (Finland)
UKE Office of Electronic Communications (Poland)
UKE Urzedem Komunikacji Elektronicznej (Poland)
UNSW University of New South Wales
UP KRITIS Umsetzungsplan KRITIS (Germany)
URI Uniform Resource Identifier
USOM National Centre for Cyber Incident Response (Turkey)
USOM Ulusal Siber Olaylara Mildahale Merkezi (Turkey)
uta using TLS in applications (IETF)
UTM Unified Threat Management (Italy)
UVTA Ulko- ja turvallisuuspoliittinen ministerivaliokunta (Finland)
VAHTI Valtionhallinnon tietoturvallisuuden johtoryhmä (Finland)
VDRX Vulnerability Reporting and Data eXchange SIG (FIRST)
VDSG Ordinance to the Federal Act on Data Protection (Switzerland)
VSSE Veiligheid van de Staat, Sûreté de l'Etat (Belgium)
W3C World Wide Web Consortium
websec web security working group (IETF)
wpkops web PKI OPS working group (IETF)
WS-SX Web Services Secure eXchange (OASIS)
XCCDF eXtensible Configuration Checklist Description Format
XDI XRI Data Interchange (OASIS)
XML eXtensible Markup Language
XSPA Cross-Enterprise Security and Privacy Authorization (OASIS)
YTS Yhteiskunnan turvallisuusstrategiassa (Finland)
ZNIIS Центральный научно-исследовательский институт связи (Russia)
Global cyber security ecosystem
[null 4.1 Organization of the ecosystem forums and activities]
This clause organizes the global cyber security ecosystem as six groups of forums and activities that are fundamental collaborative mechanisms for cyber security and its evolution:
1) forums that develop techniques, technical standards and operational practices;
2) major IT developer forums affecting cyber security;
3) activities for continuous information exchange;
4) centres of excellence;
5) reference libraries, continuing conferences; and
6) heritage sites and historical collections.
In some cases, the same parent organization hosts multiple forums and activities that are attributed to different groups. In other cases, the organization hosts numerous forums where several of them have fully or substantially dedicated cyber security functions - which are indented under the parent. Because of the very large numbers of forums, and in the interests of providing a useful understanding of the ecosystem, only very short descriptions are provided, and the reader is encouraged to use the URI links to fully appreciate the work being done.
This compilation attempts to be an inclusive as possible to expand the collective insight into the extent of the ecosystem. Toward this objective, it includes collaborative mechanisms that are frequently overlooked but enormously significant in the cyber security arena such as developer forums for the major IT platforms, centres of excellence that are rapidly growing in numbers worldwide, and continuing conferences - even hacker major global hacker events that regularly reveal cyber security vulnerabilities that were previously unknown.
This material is augmented by annex A which contains national cyber security ecosystems that have been published in national strategy or other publicly available material. Annex B contains depictions of relationships among these ecosystems.
[null 4.2 Fora that develop techniques, technical standards and operational practices]
The forums listed below are well known venues engaging in significant global collaboration to produce techniques, technical standards and operational practices for cyber security. Where the venues operate substantially at a national level, they are placed in annex A.
3GPP - 3rd Generation Partnership Project. 3GPP unites six telecommunications standard development organizations (ARIB, ATIS, CCSA, ETSI, TTA, TTC), and provides their members with a stable environment to produce the Reports and Specifications that define the world's principal mobile communication technologies. The scope includes cellular telecommunications network technologies, including radio access, the core transport network, and service capabilities - including work on codecs, security and quality of service. The specifications also provide hooks for non-radio access to the core network, and for interworking with Wi-Fi networks. http://www.3gpp.org/.
· SA1 - Services. Service and feature requirements applicable to mobile and fixed communications technology for 2G, 3G and future communication technologies, evolved industry-wide IP Multimedia Subsystem (IMS), and converged fixed-mobile communication technologies. http://www.3gpp.org/specifications-groups/sa-plenary/sa1-services.
· SA2 - Architecture. Identifies the main functions and entities of the network, how these entities are linked to each other and the information they exchange. http://www.3gpp.org/Specifications-groups/sa-plenary/53-sa2-architecture.
· SA3 - Security. Determine the security and privacy requirements for mobile systems, and specifies the security architectures and protocols, including the availability of any cryptographic algorithms. SA3 notably includes two significant security assurance activities: SECAM (Study on Security Assurance Methodology) and NESAG (Network Equipment Security Assurance Group). SA3LI also operates as part of SA3 to meet lawful interception security obligations. http://www.3gpp.org/Specifications-groups/sa-plenary/54-sa3-security.
· SA5 - Telecom Management. Specifies the requirements, architecture and solutions for provisioning and management of the network (RAN, CN, IMS) and its services. Also the principal venue for coordinating NFV‑SDN and 5G activities. http://www.3gpp.org/specifications-groups/sa-plenary/sa5-telecom-management/home.
· SA6 - Mission-critical Applications. Responsible for the definition, evolution and maintenance of technical specification(s) for application layer functional elements and interfaces supporting critical communications. http://www.3gpp.org/specifications-groups/sa-plenary/sa6-mission-critical-applications.
5GACIA - 5G Alliance for Connected Industries and Automation. The 5G Alliance for Connected Industries and Automation (5G-ACIA) has been established to serve as the central and global forum for addressing, discussing, and evaluating relevant technical, regulatory, and business aspects with respect to 5G for the industrial domain. It reflects the entire ecosystem, encompassing all relevant stakeholder groups. https://www.5g-acia.org/.
ACDC - Advanced Cyber Defence Centre. Provides a complete set of solutions accessible online to mitigate on-going attacks and targeted both to end-users and to network operators. It also consolidates the data provided by various stakeholders into a pool of knowledge, accessible through the ACDC central clearing house. https://www.acdc-project.eu/.
AIOTI - The European Alliance of IoT Innovation. An inclusive body of IoT industrial players - large companies, successful SMEs and dynamic start-ups - as well as well-known European research centres, universities, associations and public bodies. Its thirteen working groups cover a broad array of IoT sectors including security. https://aioti.eu/.
APCERT - Asia Pacific Computer Security Response Team. Based in Japan, a trusted contact network of computer security experts in the Asia Pacific region to improve the region's awareness and competency in relation to computer security incidents. http://www.apcert.org/about/structure/secretariat.html.
BEREC - Body of European Regulators for Electronic Communications. BEREC facilitates independent, regulation of European electronic communications markets. http://berec.europa.eu/eng/about_berec/what_is_berec/.
CA/B - Certificate of Authority/Browser Forum. The Forum advances industry best practices to improve the ways that digital certificates are used to the benefit of network users and the security of their communications. The Forum produces the specification for Extended Validation Certificates, oversees their implementation, coordinates their recognition through ubiquitous network trust mechanisms. https://cabforum.org/about-us/.
CableLabs®. CableLabs is the principle standards body globally for the providers and vendors in the cable industry. Its standards are republished by ETSI and ITU-T. http://www.cablelabs.com/.
CCRA - Common Criteria Recognition Agreement. The CCRA is an organization among 26 countries to raise the general security of certified information and communications technology products through compliance with sets of security functional and security assurance requirements. https://www.commoncriteriaportal.org/ccra/.
CEN - Comité Européen de Normalisation. Provides a platform for the development of European Standards and other technical documents in relation to various kinds of products, materials, services and processes. Notably it is a member of the CSCG (Cybersecurity Coordination Group) to the EC. https://www.cen.eu/.
CENELEC - European Committee for Electrotechnical Standardization. CENELEC is responsible for standardization in the electrotechnical engineering field. Its cyber security activity relates to coordination on smart grid information security. Notably it is a member of the CSCG (Cybersecurity Coordination Group) to the EC. CEN/CLC/JTC13 on Cybersecurity and Data Protection develops standards for cybersecurity and data protection covering all aspects of the evolving information society. http://www.cenelec.eu/.
CEPOL - European Police College. An EU agency dedicated to providing training and learning opportunities to senior police officers on issues vital to the security of the European Union and its citizens. Activities are designed to facilitate the sharing of knowledge and best practice and to contribute to the development of a common European law enforcement culture. https://www.cepol.europa.eu/education-training/what-we-teach/residential-courses/20141026/132014-cybercrime-vs-cybersecurity.
CIS - Center for Internet Security. The Center is focused on enhancing the cybersecurity readiness and response of public and private sector entities and encompasses two major activities. http://www.cisecurity.org/. Standards to maintain and promote use of the set of Critical Security Controls as recommended actions for cyber defence that provide specific and actionable ways to thwart the most pervasive attacks and the Open Vulnerability and Assessment Language (OVAL) specifications. It also maintains the MS-ISAC - the U.S. DHS mechanism for exchanging cyber threat information among state and local governments, and the EI-ISAC - the U.S. DHS mechanism for securing elections infrastructure.
CSA - Cloud Security Alliance. CSA develops best practices for providing security assurance within Cloud Computing, and provides education on the uses of Cloud Computing to help secure all other forms of computing. https://cloudsecurityalliance.org/.
EC - European Commission. The European Commission is the EU's executive body. Multiple directorates have significant cyber security roles: CONNECT (Communications Networks, Content and Technology; DIGIT (Informatics); GROW (Internal Market, Industry, Entrepreneurship and SMEs) Enterprise and Industry); HR (Human Resources and Security), JRC (Joint Research Centre), JUST (Justice and Consumers); HOME (Migration and Home Affairs); RTD (Research and Innovation). http://ec.europa.eu/about/index_en.htm.
· CSCG - Cybersecurity Coordination Group. The CSCG - comprised by CEN, CENELEC, and ETSI - acts as a single point of contact for pan‐European interchange on Cyber Security standardization and provides a set of recommendations and advice to the European Commission and EU Member States in the area of Cyber Security standardization. Additionally, the Coordination Group liaises actively with the European Union Agency for Network and Information Security (ENISA) and the Multi‐Stakeholders Platform on ICT standardization.
· ENISA - European Network and Information Security Agency. ENISA helps the European Commission, the Member States and the business community to address, respond and especially to prevent Network and Information Security problems. Notably it operates the EU-CERT and provides support for the ECRG, NIS activities, including harmonization of national cyber security strategies. https://www.enisa.europa.eu/.
· EOS - European Organization for Security. EOS' main objective is the development of a harmonised European security market in line with political, societal and economic needs through the efficient use of budgets. EOS works towards achieving a better level of technology independence for European strategic autonomy and supports the development and use of European reference solutions as well as the growth of a genuine European industry. http://www.eos-eu.com/.
· ECSO - European Cybersecurity Organization. ECSO represents an industry-led contractual counterpart to the European Commission for the implementation of the Cyber Security contractual Public-Private Partnership (cPPP). The main objective of ECSO is to support all types of initiatives or projects that aim to develop, promote, encourage European cybersecurity. http://www.ecs-org.eu/.
· ECRG - Electronic Communications Reference Group. ECRG includes European providers of public electronic communications networks and services (mobile and fixed telecom operators, VoIP providers, ISPs, IXP providers, etc.) and it addresses security topics across the Electronic Communications area - including security measures, incident reporting, data protection, botnet mitigation, interconnection security and other topics. https://resilience.enisa.europa.eu/ecrg.
· H2020 - Horizon 2020. H2020 is the financial instrument implementing the Innovation Union, a Europe 2020 flagship initiative aimed at securing Europe's global competitiveness. http://ec.europa.eu/programmes/horizon2020/. It includes a cybersecurity component.
· Cybersecurity cPPP - Cybersecurity contractual Public Private Partnership. Signed as part of the EU cybersecurity strategy by the European Commission and the European Cyber Security Organisation (ECSO). The aim of the partnership is to foster cooperation between public and private actors at early stages of the research and innovation process in order to allow people in Europe to access innovative and trustworthy European solutions (ICT products, services and software).
· NIS - Network and Information Security. The NIS Platform is part of the European Strategy for Cybersecurity. It serves the 2 priorities of achieving cyber-resilience in the EU and developing industrial and technological resources for cybersecurity https://resilience.enisa.europa.eu/nis-platform.
ETSI - European Telecommunications Standards Institute. ETSI produces globally-applicable standards for Information and Communications Technologies (ICT), including fixed, mobile, radio, converged, broadcast and internet technologies. Notably, it hosts the Technical Committee for Cybersecurity and is a member of the CSCG (Cybersecurity Coordination Group) to the EC. https://www.etsi.org/.
· CYBER - Cybersecurity Technical Committee. CYBER is tasked to develop and maintain the Standards, specifications and other deliverables to support the development and implementation of Cyber Security standardization within ETSI, to collect and specify Cyber Security requirements from relevant stakeholders, to identify gaps where existing standards do not fulfil the requirements and provide specifications and standards to fill these gaps, without duplication of work in other ETSI committees and partnership projects, and to ensure that appropriate Standards are developed within ETSI in order to meet these requirements. https://portal.etsi.org/tb.aspx?tbid=824&SubTB=824. It also hosts the subgroup CYBER QSC which makes assessments and recommendations on the various proposals from industry and academia regarding real-world deployments of quantum-safe cryptography.
· ESI - Electronic Signatures and Infrastructures. ESI develops generic standards, guides and reports relating to electronic signatures and related trust infrastructures to protect electronic transactions and ensure trust and confidence. https://portal.etsi.org/tb.aspx?tbid=607&SubTB=607.
· LI - Lawful Interception technical committee. Responsible for developing standards that support the requirements of national and international law for lawful interception and retained data of electronic communications. https://portal.etsi.org/tb.aspx?tbid=608&SubTB=608.
· MTS-SIG - Methods for Testing and Specification Security Special Interest Group. Responsible generally for the identification and definition of advanced specification and testing methods, and with respect to security, advanced model-based security testing methods, risk-based security testing methods, and security assurance life cycle. https://portal.etsi.org/tb.aspx?tbid=97&SubTB=97.
· NFV - Network Functions Virtualisation. NFV is a very large and active Industry Specification Group focused on a broad array of specifications for Network Functions Virtualization, including cyber security techniques and mechanisms through its NFVsec subgroup. https://portal.etsi.org/tb.aspx?tbid=789&SubTB=789,832,831,795,796,801,800,798,799,797,802,828.
· NTECH - Network Technologies. Provide detailed architecture and protocol (profile) specifications for use in networks addressing the control, data and management planes in both the service and transport layers of future networks, including security. https://portal.etsi.org/tb.aspx?tbid=785&SubTB=785,808.
· SAGE - Security Algorithms Group of Experts. SAGE is responsible for creating reports (containing confidential specifications), draft ETSI deliverables in the area of cryptographic algorithms and protocols specific to fraud prevention/unauthorized access to public/private telecommunications networks and user data privacy. https://portal.etsi.org/tb.aspx?tbid=160&SubTB=160.
· SAI - Securing Artificial Intelligence. SAI develops technical specifications that mitigate against threats arising from the deployment of AI, and threats to AI systems, from both other AIs, and from conventional sources. https://portal.etsi.org/tb.aspx?tbid=877&SubTB=877#/.
· SCP - Smart Card Platform. SCP is responsible for the development and maintenance of specifications for secure elements (SEs) in a multi-application capable environment, the integration into such an environment, as well as the secure provisioning of services making use of SEs. TC SCP developed the UICC, the smart card platform used for the SIM, and is currently developing the next generation Smart Secure Platform, the SSP. https://portal.etsi.org/tb.aspx?tbid=534&SubTB=534,639,640,714#/.
CERT-EU - Community Emergency Response Team - Europe. A permanent CERT for EU institutions, agencies and bodies made up of IT security experts from the main EU Institutions. It cooperates closely with other CERTs in the Member States and beyond as well as with specialized IT security companies. http://cert.europa.eu/cert/filteredition/en/CERT-LatestNews.html.
Europol - European Police Office. Located at The Hague, Europol is the EU's law enforcement agency whose main goal is to help achieve a safer Europe for the benefit of all EU citizens through assistance to the Member States in their fight against serious international crime and terrorism, including cyber security investigations. J-CAT (Cybercrime Action Task Force) has been active in dealing with mobile malware. https://www.europol.europa.eu/.
FIDO Alliance. The Fast IDentity Online organization develops technical specifications that define an open, scalable, interoperable set of mechanisms that reduce the reliance on passwords to authenticate users and promotes their use. https://fidoalliance.org/.
FIRST - Forum of Incident Response and Security Teams. FIRST is the international organization of CERTs/CSIRTs who cooperatively handle computer security incidents and promote incident prevention programs. FIRST members develop and share technical information, tools, methodologies, processes and best practices. It also promotes the creation and expansion of Incident Response teams globally though global, regional, and national workshops and conferences. http://www.first.org. Through FIRST's Special Interest Groups (SIGs) and BOFs, it develops significant cyber security techniques and standards that include:
· Standards:
- Common Vulnerability Scoring System (CVSS)
- Information Exchange Policy
- Traffic Light Protocol (TLP)
- Passive DNS Exchange
· Discussion Groups:
- Internet Infrastructure Vendors
- Malware Analysis
- Metrics SIG
- Industrial Control Systems (ICS)
· Working Groups:
- Ethics SIG
- Red Team SIG
- Vulnerability Reporting and Data eXchange
- Vulnerability Coordination
- Information Sharing SIG
GlobalPlatform®. GlobalPlatform is a cross industry, non-profit association which identifies, develops and publishes specifications that promote the secure and interoperable deployment and management of multiple applications on secure chip technology. Its proven technical specifications, which focus on the Secure Element (SE), Trusted Execution Environment (TEE) and system messaging. https://www.globalplatform.org/default.asp.
GSMA™ - GSM Association. GSMA is the global organization of GSM and related mobile providers and vendors, and today the largest telecommunication industry entity. GSMA's Fraud and Security Working Group is the global mechanism for exchanging information, developing standards and techniques, and collaborating on mobile cyber security in many other forums. It works closely with 3GPP groups, especially SA3 (Security) - providing support for cyber security information assurance initiatives. http://www.gsma.com/.
· GSMA™ FASG - GSM Association Fraud and Security Working Group. The newly integrated FASG group operates through several groups addressing mobile device security and malware, and NESAG (Network Equipment Security Assurance Group) which supports the 3GPP SA3 security assurance platforms. http://www.gsma.com/aboutus/leadership/committees-and-groups/working-groups/fraud-security-group.
ICANN - Internet Corporation for Assigned Names and Numbers. ICANN is responsible for the coordination of maintenance and methodology of several databases of unique identifiers through its operation of the Internet Assigned Numbers Authority (IANA), oversight of key identifier registration and query capabilities, and maintenance of digital certificates for the Domain Name System. https://www.icann.org/.
IEEE Standards Association. The IEEE SA is a leading consensus building organization that nurtures, develops & advances global technologies. Its work drives the functionality, capabilities and interoperability of a wide range of products and services. http://standards.ieee.org/index.html.
· Industry Connections Security Group (ICSG). The Group promotes collaboration and information sharing across the IT security industry. Working group's aim is to help develop an accepted way of traffic inspection, on top of encrypted transport standards. The ICSG has five working groups related to security. http://standards.ieee.org/develop/indconn/icsg/index.html.
- AMSS - Anti-Malware Support Services Working Group
- ETI - Encrypted Traffic Inspection Working Group
- MMDEF - Malware Metadata Exchange Format Working Group
- Malware Working Group
IETF - Internet Engineering Task Force. The IETF is a global standards making activity of the Internet Society that influences the way people design, use, and manage the Internet. Many of these activities are cyber security related. Its Internet Architecture Board (IAB) also oversees development of cyber security capabilities. IETF groups change frequently and its website should be consulted for the latest activities. https://www.ietf.org.
· MILE - Managed Incident Lightweight Exchange. The MILE working group develops standards to support computer and network security incident management; an incident is an unplanned event that occurs in an information technology (IT) infrastructure. Its platforms such as IODEF and RID have been in widespread use by CERTs for many years and new extensions have been produced. https://datatracker.ietf.org/wg/mile/documents/.
· SACM - Security Automation and Continuous Monitoring. Standardized protocols to collect, verify, and update system security configurations would allow this process to be automated, which would free security practitioners to focus on high priority tasks and should improve their ability to prioritize risk based on timely information about threats and vulnerabilities. https://datatracker.ietf.org/wg/sacm/charter/.
· Other IETF Security Area and related groups include:
- ace - Authentication and Authorization for Constrained Environments
- acme - Automated Certificate Management Environment
- cose - CBOR Object Signing and Encryption
- curdle - CURves, Deprecating and a Little more Encryption
- dots - DDoS Open Threat Signalling
- emu - EAP Method Update
- i2nsf - Interface to Network Security Functions
- ipsecme - IP Security Maintenance and Extensions
- kitten - Common Authentication Technology Next Generation
- lake - Lightweight Authenticated Key Exchange
- lamps - Limited Additional Mechanisms for PKIX and SMIME
- mls - Messaging Layer Security
- oauth - Web Authorization Protocol
- rats - Remote ATtestation ProcedureS
- secdispatch - Security Dispatch
- suit - Software Updates for Internet of Things
- teep - Trusted Execution Environment Provisioning
- tls - Transport Layer Security
- tokbind - Token Binding
- trans - Public Notary Transparency
IRTF - Internet Research Task Force. The IRTF focuses on longer term Internet research issues. Its Crypto Forum Research Group (CFRG) is a general forum for discussing and reviewing uses of cryptographic mechanisms, both for network security. https://irtf.org/.
ISF - Information Security Forum. ISF is comprised of major companies dedicated to investigating, clarifying and resolving key issues in information security and risk management, by developing best practice methodologies, processes and solutions that meet the business needs of their Members. https://www.securityforum.org/membership/.
ISO - International Organization for Standardization. The ISO is a Swiss based private international standards development and publishing body composed of representatives from various national standards organizations with multiple committees - several of which have significant cyber security related activity. http://www.iso.org.
· JTC1/SC27 - Information security, cybersecurity and privacy protection. SC27 publishes security technique standards. http://www.iso.org/iso/iso_technical_committee?commid=45306. SC27 has five working groups dealing with:
- Information security management systems
- Cryptography and security mechanisms
- Security evaluation, testing and specification
- Security controls and services
- Identity management and privacy technologies
· JTC1/SC7 - Software and systems engineering. SC 7 publishes software development, testing, and tagging standards. http://www.iso.org/iso/iso_technical_committee%3Fcommid%3D45086.
· JTC1/SC6 - Telecommunications and information exchange between systems. SC 6 publishes together with the ITU-T Study Group 17, the legacy X.509 PKI standard that is implemented using IETF, ETSI, and CA/B Forum profiles. http://www.iso.org/iso/iso_technical_committee.html?commid=45072.
ITU - International Telecommunication Union. The ITU is a Swiss based intergovernmental body with three sectors dealing with the development and publication of Recommendations for radio systems (ITU-R), telecommunications (ITU-T), and development assistance (ITU-D). https://www.itu.int.
· ITU-R - Telecommunication Radiocommunication Sector. The ITU-R consists of an Assembly that meets every four years to approve its structure and general work areas, six Study Groups that meet annually, and a Secretariat that publishes the materials and maintains several radiocommunication databases. The ITU-R cyber security activity is confined to legacy materials, and contemporary radio cyber security work occurs predominantly in ETSI, 3GPP, and GSMA. https://www.itu.int/en/ITU-R/Pages/default.aspx.
· ITU-T - Telecommunication Standardization Sector. The ITU-T consists of an Assembly that meets every four years to approve its structure and general work areas, eleven Study Groups that meet annually, and a Secretariat that publishes the materials and maintains several legacy telecommunications databases. The ITU‑T cyber security activity is focussed in Group Q4 of SG17 which produces a series of Recommendations for Cybersecurity Information Exchange (CYBEX). http://www.itu.int/en/ITU-T/studygroups/2017-2020/Pages/default.aspx/.
· The cyber security relevant Study Groups include:
- SG 2 - Operational aspects
- SG 9 - Broadband cable and TV
- SG11 - Protocols and test specifications
- SG13 - Future networks (& cloud)
- SG15 - Transport, Access and Home
- SG16 - Multimedia
- SG17 - Security
- SG20 - IoT and applications, smart cities
· ITU-D - Development Sector. Provides technical assistance and in the creation, development and improvement of telecommunications in developing countries. http://www.itu.int/en/ITU-D/Pages/default.aspx. ITU-D has cyber security activity in group Q3 of Study Group 2. ITU-T also maintains Cybersecurity Country Profiles at https://www.itu.int/en/ITU-D/Cybersecurity/Documents/Forms/AllItems.aspx.
MITRE - MITRE is a globally active non-profit research and development centre that is responsible for multiple significant global cyber security techniques, standards making and related secretariat activities. The activity occurs through multiple individual on-line activities, frequent workshops, and significant involvement in other global forums listed below. http://www.mitre.org/capabilities/cybersecurity/overview/cybersecurity-resources/standards.
· ATT&CK™ - Adversarial Tactics Techniques and Common Knowledge: a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. It is a structured list of known attacker behaviors that have been compiled into tactics and techniques and expressed in a handful of matrices as well as via STIX/TAXII. The list is a fairly comprehensive representation of behaviors attackers employ when compromising networks, it is useful for a variety of offensive and defensive measurements, representations, and other mechanisms. https://attack.mitre.org/.
· Cybersecurity Languages/Formats & Protocols: Malware Attribute Enumeration and Characterization (MAEC™), Common Vulnerabilities and Exposures (CVE®), Common Weakness Scoring System (CWSS™), Common Weakness Risk Analysis Framework (CWRAF™).
· Cybersecurity Registries: Common Attack Pattern Enumeration and Classification (CAPEC™), Common Weakness Enumeration (CWE™).
NATO - North Atlantic Treaty Organization. Against the background of increasing dependence on technology and on the Internet, the Alliance is advancing its efforts to confront the wide range of cyber threats targeting NATO's networks on a daily basis. NATO has moved forward with five cyber security actions: developing NATO Policy on Cyber Defence, assisting individual Allies, increasing NATO cyber defence capacity, cooperating with partners, and cooperating with industry. The Allies have also committed to enhancing information sharing and mutual assistance in preventing, mitigating and recovering from cyber attacks. http://www.nato.int/cps/en/natohq/topics_78170.htm.
· LIBGUIDE - NATO reference library on cybersecurity. LIBGUIDE provides a few starting points to assist with research on issues related to cyberspace security. Notably, it includes a National Cyber Security Framework Manual. http://www.natolibguides.info/cybersecurity.
· CCDCOE - NATO Cooperation Cyber Defence Center of Excellence. CCDCOE is a comprehensive and easy to navigate collection of legal and policy documents adopted by international organizations active in cyber security. https://ccdcoe.org/library/strategy-and-governance/.
OASIS - Organization for the Advancement of Structured Information Standards. OASIS is a major global industry body for developing and publishing worldwide standards for security, Internet of Things, cloud computing, energy, content technologies, emergency management, and other areas requiring structured information exchange. Although it began focussed on XML language schema, it has subsequently expanded to JSON.
· The four most significant cyber security specifications activities consist of:
- Technical Committee for Cyber Threat Intelligence (CTI). https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=cti. It hosts development and publication of the specifications for Trusted Automated eXchange of Indicator Information (TAXII), Structured Threat Information eXpression (STIX), and Cyber Observable Expression (CybOX).
- Common Security Advisory Framework (CSAF). https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=csaf. Responsible of the former Common Vulnerability Reporting Framework (CVRF) designed standardize existing practice in structured machine-readable vulnerability-related advisories.
- Collaborative Automated Course of Action Operations (CACAO). https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=cacao. It is developing a standard to implement the course of action playbook model for cybersecurity operations through a sequence of cyber defense actions that can be executed for each type of playbook.
- Open Command and Control (OpenC2). https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=openc2. It is developing documents, specifications, lexicons or other artifacts to fulfill the needs of cyber security command and control in a standardized manner. It has published a language description document (RC4), actuator profiles, and open source prototype implementations.
· OASIS currently hosts other cyber security technical committees listed below. https://www.oasis-open.org/org:
- Biometric Services (BIOSERV)
- Cross-Enterprise Security and Privacy Authorization (XSPA)
- Digital Signature Services eXtended (DSS-X)
- Electronic Identity Credential Trust Elevation Methods (Trust Elevation)
- Key Management Interoperability Protocol (KMIP)
- PKCS 11 TC
- Privacy Management Reference Model (PMRM)
- Security Services (SAML)
- Web Services Secure Exchange (WS-SX)
- XRI Data Interchange (XDI)
OIC-CERT - Organisation of Islamic Cooperation - Computer Emergency Response Teams. OIC-CERT provides a means for member countries to develop collaborative initiatives and partnerships relating to cyber security. https://www.oic-cert.org/en/.
OMG - Object Management Group®. OMG is a computer industry consortium to develop enterprise integration standards. The Group's principal current cyber security work deals with threat modelling where its System Assurance Task Force Security Fabric Working Group is developing a Unified Modelling Language Threat & Risk Model. http://sysa.omg.org/.
OSCE - Organisation for Security and Co-operation in Europe. (OSZE Organisation für Sicherheit und Zusammenarbeit in Europa). The OSCE maintains an informal working group on cyber security and workshops devoted to Confidence Building Measures (CBMs). http://www.osce.org/.
TCG - Trusted Computing Group®. TCG develops, defines and promotes open, vendor-neutral, global industry standards, supportive of a hardware-based root of trust, for interoperable trusted computing platforms. Its platforms provide for authentication, cloud security, data protection, mobile security, and network access & identity. TCG presently has twelve working groups. http://www.trustedcomputinggroup.org/:
· Cloud Work Group
· CYRES - Cyber Resilient Technologies Work Group
· DICE - Device Identifier Composition Engine Architectures Work Group
· ESWG - Embedded Systems Work Group
· Industrial Work Group
· IWG - Infrastructure Work Group
· IoTWG - Internet of Things Work Group
· MPWG - Mobile Platform Work Group
· Network Equipment Work Group
· PCCWG - PC Client Work Group
· SWG - Server Work Group
· TWG - Storage Work Group
· TSSWG - TSS Software Stack Work Group
· TNCWG - Trusted Network Communications Work Group
· TPM - Trusted Platform Module Work Group
· VPWG - Virtualized Platform Work Group
W3C® - World Wide Web Consortium. W3C develops protocols and guidelines for WWW services. It maintains four cyber security groups. http://www.w3c.org/:
· Web Authentication Working Group
· Web Application Security
· Web Payments
· Privacy Interest Group
· Technical Architecture Group (TAG)
· Hardware Based Secure Services Group
· XML Security