The 2020 International Conference on the EU Cybersecurity Act has been developed to help standards community prepare for the evolution of risk-based frameworks meant to address market fragmentation in the EU. The EU Cybersecurity Act, now in the early stages of development, will eventually create a wide-ranging, independent European body of cybersecurity regulation as part of the “single digital market” goal. This landmark regulatory mandate will have a wide-ranging effect on the international standards community—now is the time to begin planning for and participating in ongoing changes.
The Cybersecurity Act will establish a European cybersecurity certification framework for ICT products, services and processes. Current schemes may be incorporated into this new framework, or may need to evolve to the fit the regulatory changes. The Conference will cover the potential effect on current schemes and regulatory mandates like Common Criteria, eIDAS, Payment Services Directive 2, GDPR, ISO 27001, and EU standards for cryptographic modules. The conference will also cover the effect on current private schemes like GSMA, GlobalPlatform, EMVCo, PCI PTS, PCI SPoC, Eurosmart, Felica, Mifare, and OWASP and will discuss the new potential candidate schemes for key industry verticals such as IoT, cloud, communications, payments, automotive, and more.
Industry Alignment: Efforts by the international technical community to align frameworks with government standards while responding to the needs of the market.
Industrial Strategies: An analysis of current voluntary certification standards for industrial automation and energy, and potential transitions to mandatory international certification.
IoT Challenges: A survey of the large, fast-growing certification landscape for connected devices and the cost, performance, and power constraints that necessitate security compromises.
Public Policy: Updates from public schemes and associations on the development of standards in response to evolving security risks across multiple sectors.
Cloud and GDPR Frameworks: A look at cloud scheme initiatives and efforts to leverage existing certifications in the transition to frameworks that align with international regulations such as GDPR.
Outlook/Opportunities: Updates on leading government initiatives for global certification and perspectives on the business benefits of security evaluations.
Standards for Success: Review of standardization efforts under various national frameworks (a key factor for CSA success) and the limitations of standards in a real-world environment.
Innovations in Assurance: Best practices for maintaining certification in the face of new cybersecurity regulations, expanding product lines, and frequent product updates.
ICCC20 Virtual, 16-18 Nov, welcomes Ryan Thomas, CST Laboratory Manager, @acumensec, United States, presenting: You, Me and FIPS 140-3: Open for Business!, iccconference.org pic.twitter.com/9HdpQwvqmI
ICCC20 Virtual, 16-18 Nov, welcomes Joshua Brickman, Director, Security Evaluations, @Oracle, United States, presenting: Cloud and Common Criteria: NWI ISO Proposal, iccconference.org pic.twitter.com/KgT90Hit3L
ICCC20 Virtual, 16-18 Nov, welcomes Anne-Lise Thieblemont, Vice President, @Qualcomm, United States, presenting: Qualcomm’s View on EUCC and Importance of Composition and Re-Use in Certification, iccconference.org pic.twitter.com/1XbDuBHrTH
The Eighth Annual International Cryptographic Module Conference
The leading annual event for global expertise in commercial cryptography.
The International Common Criteria Conference
The leading forum for the community of professionals involved in Common Criteria.