top of page
  • Facebook
  • X
  • Linkedin

ETSI TC Cyber

Cybersecurity

ETSI Technical Committee on Cyber Security:

The rapid evolution and growth in the complexity of new systems and networks, coupled with the sophistication of changing threats, present demanding challenges for maintaining the security of Information and Communications Technologies (ICT) systems and networks. Security solutions must include a reliable and secure network infrastructure, but they must also protect the privacy of individuals and organizations. Security standardization, sometimes in support of legislative actions, has a key role to play in protecting the Internet and the communications and business it carries. We offer market-driven cybersecurity standardization solutions, along with advice and guidance to users, manufacturers, network, infrastructure and service operators and regulators.

​

Terms Of Reference:

The main responsibilities of ETSI TC CYBER are:

  • To act as the ETSI centre of expertise in the area of Cyber Security

  • Advise and assist all ETSI Groups with the development of Cyber Security requirements

  • To develop and maintain the Standards, Specifications and other deliverables to support the development and implementation of Cyber Security standardization within ETSI

  • To collect and specify Cyber Security requirements from relevant stakeholders

  • To identify gaps where existing standards do not fulfil the requirements and provide specifications and standards to fill these gaps, without duplication of work in other ETSI committees and partnership projects

  • To ensure that appropriate Standards are developed within ETSI in order to meet these requirements

  • To perform identified work as sub-contracted from ETSI Projects and ETSI Partnership Projects

  • To coordinate work in ETSI with external groups such as ENISA

  • To answer to policy requests related to Cyber Security, and security in broad sense in the ICT sector.

​

Areas of Activity:

​The activities of TC CYBER are performed in close co-operation with relevant standards activities within and outside ETSI. 
The activities of ETSI TC CYBER include the following broad areas:

  • Cyber Security

  • Security of infrastructures, devices, services and protocols

  • Security advice, guidance and operational security requirements to users, manufacturers and network and infrastructure operators

  • Security tools and techniques

  • Provision of security mechanisms to protect privacy

  • Creation of security specifications and alignment with work done in other TCs.

​

TC CYBER has two Working Groups focusing on specific areas::

  • Quantum-Safe Cryptography

  • EU Standardisation Requests, including developing harmonised standards for vertical product categories in support of the Cyber Resilience Act.

Working Group 

EU Standardisation Requests (EUSR)

CYBER-EUSR is responsible for producing EU Standardization Request deliverables and shall cover work relating to the EU Cyber Resilience Act (CRA). Eighteen work items for developing harmonised standards for different product verticals are currently active or in preparation in CYBER-EUSR.

Link to the CRA standardization request

Working on European Standards in response to the CRA Standardization Request, Annex I:

Line 17

European standard(s) on essential cybersecurity requirements for standalone and embedded browsers

Line 18

European standard(s) on essential cybersecurity requirements for password managers

Line 19

European standard(s) on essential cybersecurity requirements for software that searches for, removes, or quarantines malicious software

Line 20

European standard(s) on essential cybersecurity requirements for products with digital elements with the function of virtual private networks

Line 21

European standard(s) on essential cybersecurity requirements for network management systems

Line 22

European standard(s) on essential cybersecurity requirements for security information and event management (SIEM) systems

Line 23

European standard(s) on essential cybersecurity requirements for boot managers

Line 24

European standard(s) on essential cybersecurity requirements for public key infrastructure and digital certificate issuance software

Line 25

European standard(s) on essential cybersecurity requirements for physical and virtual network interfaces

Line 26

European standard(s) on essential cybersecurity requirements for operating systems

Line 27

European standard(s) on essential cybersecurity requirements for routers, modems intended for the connection to the internet, and switches

Line 31

European standard(s) on essential cybersecurity requirements for smart home general purpose virtual assistants

Line 32

European standard(s) on essential cybersecurity requirements for smart home products with security functionality, including smart door locks, security cameras, baby monitoring and alarm systems

Line 33

European standard(s) on essential cybersecurity requirements for internet connected toys covered by Directive 2009/48/EC that have social interactive features or that have location tracking features

Line 34

European standard(s) on essential cybersecurity requirements for personal wearable products to be worn or placed on a human body that have a health monitoring purpose and to which the Regulation (EU) 2017/746 do not apply or personal wearable products that are intended for the use by and for children

Line 35

European standard(s) on essential cybersecurity requirements for hypervisors and container runtime systems that support virtualised execution of operating systems and similar environments

Line 36

European standard(s) on essential cybersecurity requirements for firewalls, intrusion detection and/or prevention systems

bottom of page