Cyber security

Introduction

The Internet has become a critical infrastructure for both businesses and individual users. Growing dependence on networked digital systems has brought with it an increase in both the variety and quantity of cyber-threats.

In addition, the different methods governing secure transactions in the various Member States of the European Union sometimes make it difficult to assess risk and to ensure adequate security.

Standards have a key role to play in protecting the Internet and the communications and business it carries.

Our Role & Activities

ETSI is working closely with relevant stakeholders to develop standards to increase privacy and security for organizations and citizens across Europe and worldwide.

We are looking at providing standards for horizontal and cross-domain applicability, as well as for the security of infrastructures, devices, services and protocols and security tools and techniques. We address the following area:

  • Horizontal cybersecurity
    • Privacy by design
    • Security controls
    • Network and Information Security, critical infrastructures
    • Information Security Indicators
  • Securing technologies and systems
    • Mobile/Wireless systems (3G/4G, TETRA, DECT, RRS, RFID...)
    • IoT and Machine-to-Machine (M2M)
    • Network Functions Virtualisation
    • Intelligent Transport Systems, Maritime
    • Broadcasting
  • Security tools and techniques
    • Lawful Interception and Retained Data
    • Digital Signatures and trust service providers
    • Secure elements
    • Exchangeable CA/DRM solutions
    • Cryptography

Work is carried out by many ETSI groups. TC CYBER mainly works on cross-domain cybersecurity while addressing more specific domains or security tools and techniques if not addressed by other ETSI groups.

In addition, TC CYBER serves as a centre of expertise and offers security advice and guidance to users, manufacturers and network and infrastructure operators as well as other ETSI committees.

Standards

The following is a list of the latest published ETSI standards on cyber security.

A full list of related standards in the public domain is accessible via the ETSI standards search. Via this interface you can also subscribe for alerts on updates of ETSI standards.

For work in progress see the ETSI Work Programme on the Portal.

Standard No. Standard title.
TR 103 421 CYBER; Network Gateway Cyber Defence
TR 103 306 CYBER; Global Cyber Security Ecosystem
TS 103 307 CYBER; Security Aspects for LI and RD Interfaces
TR 103 305-1 CYBER; Critical Security Controls for Effective Cyber Defence; Part 1: The Critical Security Controls
TR 103 305-2 CYBER; Critical Security Controls for Effective Cyber Defence; Part 2: Measurement and auditing
TR 103 305-3 CYBER; Critical Security Controls for Effective Cyber Defence; Part 3: Service Sector Implementations
TR 103 305-4 CYBER; Critical Security Controls for Effective Cyber Defence; Part 4: Facilitation Mechanisms
TR 103 331 CYBER; Structured threat information sharing
TR 103 304 CYBER; Personally Identifiable Information (PII) Protection in mobile and cloud services
TR 103 369 CYBER; Design requirements ecosystem
EG 203 310 CYBER; Quantum Computing Impact on security of ICT Systems; Recommendations on Business Continuity and Algorithm Selection
TS 103 307 CYBER; Security Aspects for LI and RD Interfaces
TR 103 303 CYBER; Protection measures for ICT in the context of Critical Infrastructure
TS 103 487 CYBER; Baseline security requirements regarding sensitive functions for NFV and related platforms
TR 103 308 CYBER; Security baseline regarding LI and RD for NFV and related platforms
TR 103 306 CYBER; Global Cyber Security Ecosystem
TR 103 309 CYBER; Secure by Default - platform security technology
TR 103 305 CYBER; Critical Security Controls for Effective Cyber Defence