The Internet has become a critical infrastructure for both businesses and individual users. Growing dependence on networked digital systems has brought with it an increase in both the variety and quantity of cyber-threats.
In addition, the different methods governing secure transactions in the various Member States of the European Union sometimes make it difficult to assess risk and to ensure adequate security.
Standards have a key role to play in protecting the Internet and the communications and business it carries.
Our Cyber Security committee (TC CYBER) is working closely with relevant stakeholders to develop standards to increase privacy and security for organizations and citizens across Europe.
We are looking in particular at the security of infrastructures, devices, services and protocols, as well as security tools and techniques to ensure security.
We are preparing a report on protection measures for Information and Communications Technologies (ICT) in critical infrastructures, specifically power and transport, which underpin all the other critical infrastructures. This report will include resilience, Machine-to-Machine communications and eHealth.
We are also producing standards related to:
- security assurance
- monitoring the security of Network Functions Virtualization (NFV)
- the protection and retention of personally identifiable information
- security aspects of Lawful Interception (LI) and data retention interfaces
- an LI security baseline for NFV and related platforms
- a global cyber security ecosystem
- platform security technology
- the post quantum computing impact on ICT security
In addition, TC CYBER serves as a centre of expertise and offers security advice and guidance to users, manufacturers and network and infrastructure operators as well as other ETSI committees.
We also work with the Cyber Security Co-ordination Group (CSCG), an advisory body which brings ETSI together with CEN and CENELEC and various security-related European institutions.
The following is a list of the latest published ETSI standards on cyber security.
A full list of related standards in the public domain is accessible via the ETSI standards search. Via this interface you can also subscribe for alerts on updates of ETSI standards.
For work in progress see the ETSI Work Programme on the Portal.
|Standard No.||Standard title.|
|TR 103 305-1||CYBER; Critical Security Controls for Effective Cyber Defence; Part 1: The Critical Security Controls|
|TR 103 305-2||CYBER; Critical Security Controls for Effective Cyber Defence; Part 2: Measurement and auditing|
|TR 103 305-3||CYBER; Critical Security Controls for Effective Cyber Defence; Part 3: Service Sector Implementations|
|TR 103 305-4||CYBER; Critical Security Controls for Effective Cyber Defence; Part 4: Facilitation Mechanisms|
|TR 103 331||CYBER; Structured threat information sharing|
|TR 103 304||CYBER; Personally Identifiable Information (PII) Protection in mobile and cloud services|
|TR 103 369||CYBER; Design requirements ecosystem|
|EG 203 310||CYBER; Quantum Computing Impact on security of ICT Systems; Recommendations on Business Continuity and Algorithm Selection|
|TS 103 307||CYBER; Security Aspects for LI and RD Interfaces|
|TR 103 303||CYBER; Protection measures for ICT in the context of Critical Infrastructure|
|TS 103 487||CYBER; Baseline security requirements regarding sensitive functions for NFV and related platforms|
|TR 103 308||CYBER; Security baseline regarding LI and RD for NFV and related platforms|
|TR 103 306||CYBER; Global Cyber Security Ecosystem|
|TR 103 309||CYBER; Secure by Default - platform security technology|
|TR 103 305||CYBER; Critical Security Controls for Effective Cyber Defence|