Governance framework of the European standardization: aligning policy, industry and research, v1.0
In response to the European Union's Cybersecurity Strategy, the CSCG has published a White Paper with recommendations on digital security. The CSCG's recommendations underline the importance of Cybersecurity standardisation both for completing the European internal market and for raising the level of Cybersecurity in Europe in general. CSCG Recommendation #1 proposes a review of the current governance framework. This document analyses the good practices within the governance framework of the European Union and proposes recommendations for stakeholders. It has been written by CSCG and ENISA experts as a response to Recommendation #1 and forms a logical entity together with the response to CSCG Recommendation #2, Definition of Cybersecurity - Gaps and overlaps in standardisation, published by ENISA at the same time.

Cybersecurity differs from other areas because the systems to which best practices (including formal guidelines and standards) are to be applied are by nature socio-technical systems, in which people and technological elements are tightly intertwined. The social part of these systems comprises a plurality of actors and stakeholders, whereas in purely technical domains one usually finds a restricted and controllable set of actors. These different actors can have conflicting interests in protecting their security; the ongoing debate on the confidentiality of individual users of Cyberspace versus the necessities of national security is only the most striking example. The role of standardisation and policy in their interaction with Cyberspace and Cybersecurity is similarly complex, and this is possibly best exemplified by privacy legislation. From these considerations it follows that a purely technical, classical standardisation approach is likely to fail in a domain such as Cybersecurity. With people being part of the system to be secured, purely technical standards and guidelines have to be complemented by organisational and societal ones.

In standardisation policy a multi-disciplinary approach would therefore be very useful, but it appears hard to achieve.