A final recommendation by CSPCERT to the European Commission was accomplished at the Amsterdam Plenary of the Digital Single Market. Co-Authored by the speaker, this presentation will focus on the... Read More
The project “European Security Certification Framework” (EU-SEC)* aims to create a European framework for certification schemes and evaluation concepts to secure cloud infrastructures. Within this framework, existing national and international... Read More
With GDPR being the law now for 18 month and privacy legislation emerging in more jurisdictions, organizations are seeking to utilize a common framework to demonstrate their commitment to PII... Read More
When the Joint Research Centre’s IACS cybersecurity certification Thematic Group started in 2014, it was quickly obvious that IACS components would be the right object to certify in the near... Read More
The Cybersecurity Act was one of the most debated legal packages under the Juncker’s Commission. Its adoption has requested a number of compromises and months of discussions by hundreds of... Read More
IEC 62443 has steadily developed into an internationally recognized standard for the security of connected products. Initially designed to serve the domain of Industrial Control Systems and Applications, IEC 62443... Read More
5G is the safest and most up-to-date telecommunications system created by mankind. Why, after all this long-term innovation, collaboration, standardization, certification and testing do we see only negative headlines about... Read More
This presentation will share experiences in the use of existing security certification frameworks for commercial mass-market products, both from the perspective of chairing the Trusted Computing Group’s certification program for... Read More
A vendor self–assessment of the security of his IT products is in general a good idea – if it is done right. Generally vendors always do some kind fo self–assessment of their products for... Read More
Today, SIMs & Secure Elements (SEs) are well proven hardware components, enabling various devices to be connected and trusted across many different applications such as payment, travel and authentication for... Read More
ISCI is a working group which works for decades in Europe for developing methodology and supportive documents for Common Criteria Standard. This presentation will present: The uniqueness mixture of the... Read More
At the ICMC conference in 2018, Oracle presented concerns that the EU’s Cybersecurity Act could balkanize Common Criteria and its community. Now that the Act has come into force this... Read More
This session will look at what is required to ensure that the connected world is secure. Specifically it will look at third party certification and what we need to do... Read More
Modern feature-oriented development requires fast release cycles for SW of connected devices already deployed in the field. For IoT sectors such as critical infrastructures as well as industrial IoT, the... Read More
This presentation will look at the processes to be applied if an already-certified product needs to be updated. The problem is known: Every product needs to be updated from time... Read More
Can modern product assurance programs be designed to keep pace with agile development? Yes! Not only is it possible, but a shift to “agile assurance” is a necessary step towards... Read More
There is an increasing awareness of the need for CyberSecurity as a hygiene factor for cyber products in general, as well as for more specialised security applications. That means we... Read More
The next generation of cybersecurity required for the digital economy will be led by a collective effort from ICT vendors, government agencies, and academia. Their collaboration in regulation and standardization,... Read More
The IOT certification landscape is huge and it is probably an area where regulation is more than desirable as certification schemes are heterogeneous in so many ways. To conduct our... Read More
SESIP (Security Evaluation Standard for IoT Platforms) is a light-weight standard and methodology to apply Common Criteria to IoT Platforms. From the experience of the already running operational scheme, this... Read More
Millions of IoT devices are expected to be granted security certifications with a Substantial security assurance level as defined by the Cybersecurity Act. At this level of assurance, the requirements... Read More
How high-secure Technologies support IoT devices on level “basic“ and “substantial.“ The question of how to secure the Internet-of-Things in a simple way is not easy to answer. It is... Read More
With a great variety of devices, new attack schemes, complex software, and limited security awareness, IoT represents a challenge for security certification. Traditional approaches remain suitable for the roots of... Read More
The Open Web Application Security Project (OWASP) IoT Project is designed to help manufacturers, developers, and consumers better understand the security issues associated with the Internet of Things, and to... Read More
With the introduction of the European Cyber Security Act (CSA), there is a lot of attention on the nature of mandatory versus optional product certification. This presentation will explore the... Read More
The next generation of cybersecurity required for the digital economy will be led by a collective effort from ICT vendors, government agencies, and academia. Their collaboration in regulation and standardization,... Read More
This panel, featuring founding and contributing partners to the Charter of Trust, will discuss some of Key Principles of the Charter: (Principle 2) Responsibility throughout the digital supply chain, and... Read More
Securing network and information systems in the European Union has been deemed as a key objective in an effort to keep the EU online economy functional and secure. The purpose... Read More
The certification related parts of the Cybersecurity act generally refer to ‘products, processes, and services’. This presentation will show how these elements interact to provide meaningful confidence of cybersecurity. It... Read More
Cyber-attacks know no borders and therefore cybersecurity standards and certifications play an indispensable role in achieving a safer ICT environment. While working towards a common cybersecurity product certification framework, the... Read More
As a chief information security officer (CISO) at a federal agency in the United States, the presenter will provide a practical perspective on the importance of standards as well as... Read More