david hanlon cybersecurity standardization iec secretary ... · smart grid cloud computing avionics...
TRANSCRIPT
![Page 1: David Hanlon Cybersecurity Standardization IEC Secretary ... · SMART GRID CLOUD COMPUTING AVIONICS ELECTRICITY HEALTH SERVICES ... PowerPoint Presentation Author: Claire Marchand](https://reader035.vdocument.in/reader035/viewer/2022071218/604f057f1a5ae702ed6c1613/html5/thumbnails/1.jpg)
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
David HanlonIEC Secretary of the
Conformity Assessment Board
Cybersecurity Standardization
and the Cybersecurity Act:Where are we today ?
Brussels, 2019-01-21
![Page 2: David Hanlon Cybersecurity Standardization IEC Secretary ... · SMART GRID CLOUD COMPUTING AVIONICS ELECTRICITY HEALTH SERVICES ... PowerPoint Presentation Author: Claire Marchand](https://reader035.vdocument.in/reader035/viewer/2022071218/604f057f1a5ae702ed6c1613/html5/thumbnails/2.jpg)
2
CRITICAL INFRASTRUCTUR
E
CYBERSECURITY
SMART GRID
CLOUD COMPUTING
AVIONICS
ELECTRICITY
HEALTH SERVICES
Cyber threat is a worldwide phenomenon
Cybersecurity requires a worldwide approach
![Page 3: David Hanlon Cybersecurity Standardization IEC Secretary ... · SMART GRID CLOUD COMPUTING AVIONICS ELECTRICITY HEALTH SERVICES ... PowerPoint Presentation Author: Claire Marchand](https://reader035.vdocument.in/reader035/viewer/2022071218/604f057f1a5ae702ed6c1613/html5/thumbnails/3.jpg)
3
Standards Development (SD)
International Standards
Conformity Assessment (CA)
Global CA Systems
IEC International
Electrotechnical
Commission
Since 1906
Since 1974
80% of CENELEC standards
are adopted from IEC standards
Cybersecurity certification services
since 2017 (to IEC 62443 series)
![Page 4: David Hanlon Cybersecurity Standardization IEC Secretary ... · SMART GRID CLOUD COMPUTING AVIONICS ELECTRICITY HEALTH SERVICES ... PowerPoint Presentation Author: Claire Marchand](https://reader035.vdocument.in/reader035/viewer/2022071218/604f057f1a5ae702ed6c1613/html5/thumbnails/4.jpg)
VARIATION
Doubt in CA resultsLack of trustDuplication of assessmentsAdded costsTrade barriers
ACCREDITATION
In the real world there are
• Competent CABs too strong
• Competent CABs too weak
• Competent CABs correct
• Incompetent CABs
• Fraudulent CABs
In the real world standards are not perfect
Consensus based sometimes needs interpretation
4
Consistent Assessment
Eg: Assessment relies on “professional judgement”
of the application of standards
![Page 5: David Hanlon Cybersecurity Standardization IEC Secretary ... · SMART GRID CLOUD COMPUTING AVIONICS ELECTRICITY HEALTH SERVICES ... PowerPoint Presentation Author: Claire Marchand](https://reader035.vdocument.in/reader035/viewer/2022071218/604f057f1a5ae702ed6c1613/html5/thumbnails/5.jpg)
VARIATION
Doubt in CA resultsLack of trustDuplication of assessmentsAdded costsTrade barriers
ACCREDITATION
In the real world standards are not perfect
Consensus based sometimes needs interpretation
5
Eg: Assessment relies on “professional judgement”
In the real world there are
• Competent CABs too strong
• Competent CABs too weak
• Competent CABs correct
• Incompetent CABs
• Fraudulent CABs
IEC CA Systemcommon interpretation
peer assessment
common rulescommon methodologies
Consistent comparable
CA results, worldwide
World’s Best Practice attested by United Nations
Consistent Assessmentof the application of standards
![Page 6: David Hanlon Cybersecurity Standardization IEC Secretary ... · SMART GRID CLOUD COMPUTING AVIONICS ELECTRICITY HEALTH SERVICES ... PowerPoint Presentation Author: Claire Marchand](https://reader035.vdocument.in/reader035/viewer/2022071218/604f057f1a5ae702ed6c1613/html5/thumbnails/6.jpg)
Highest cost-benefit cybersecurity
Optimization formula
Highest cost-benefit cybersecurity
= requirements based oninternational standards
+ competent CABs (accreditation)
+ consistent & comparable
CA results worldwide
(IEC CA Systems)
6
![Page 7: David Hanlon Cybersecurity Standardization IEC Secretary ... · SMART GRID CLOUD COMPUTING AVIONICS ELECTRICITY HEALTH SERVICES ... PowerPoint Presentation Author: Claire Marchand](https://reader035.vdocument.in/reader035/viewer/2022071218/604f057f1a5ae702ed6c1613/html5/thumbnails/7.jpg)
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
David HanlonIEC Secretary of the
Conformity Assessment Board
Cybersecurity Standardization
and the Cybersecurity Act:Where are we today ?
Brussels, 2019-01-21