标准2025这是德意志联邦共和国的欧盟常驻代表于2017年7月11日在布鲁塞尔举行的德国标准化协学会(DIN)研讨会的主题。
在对80多名与会者的发言中,DIN执行理事会成员Rüdiger Marquardt指出标准化作为一种工具,可以用以制定符合德国NIS指令和《通用数据保护条例》立法要求的详细解决方案。ISO / IEC 27000系列标准中依然存在许多关于IT安全管理的基本标准。现在具体行业标准必须跟进,各标准化组织之间应相互合作,以保持跨国标准体系的一致性的方式,承担起这一责任。
Rüdiger Marquardt向Andrus Ansip委员会的内阁成员Maximillian Strotmann介绍了由KITS发布的《德国IT安全标准化路线图》。
对于标准化对网络安全的贡献和创建数字化单一市场,Strotmann先生表示欢迎。 Strotmann说委员会不希望对标准化进行非必要的政治化,并表示在分配标准化任务时,各行动总署必须更密切地合作。
DIN的政府关系主管Sibylle Gabler与高水平的座谈小组讨论了物联网网络安全立法方面的一些缺陷。讨论的其他主题包括有关产品IT安全的ISO标准“通用准则”、基于风险的方法和许多未来IT安全认证可能性。
参加讨论小组成员包括:欧洲议会议员和NIS指令报告人Andreas Schwab博士、欧洲网络安全组织总秘书Luigi Rebuffi、联邦信息安全局局长Bernd Kowalski、西门子技术规范和标准化总监Markus Reigl以及网络安全协调小组主席Jean-PierreQuémard。
“How does standardization contribute to IT security in the Digital Single Market?”
This was the topic of the DIN discussion event hosted by the Permanent Representative of the Federal Republic of Germany to the European Union in Brussels on 11 July 2017.
Presenting to over 80 participants, DIN Executive Council member Rüdiger Marquardt proffered standardization as an instrument that can be used to develop detailed solutions pursuant both to the legislative requirements of the German NIS directive and the General Data Protection Regulation. Many fundamental standards already exist in the ISO/IEC 27000 series on IT security management. Sector-specific standards must now follow, the responsibility lying with standards organizations to cooperate with one another in a manner that preserves the consistency of the transnational body of standards.
Rüdiger Marquardt presented Maximillian Strotmann, member of Commissioner Andrus Ansip’s cabinet, with the German Standardization Roadmap on IT Security, published by KITS.
Mr Strotmann welcomed the contribution of standardization to cyber security and the creation of a Digital Single Market. The Commission does not wish to politicize standardization unnecessarily, said Strotmann, acknowledging that individual Directorates General would have to cooperate more closely when assigning standardization mandates.
Sibylle Gabler, Head of Government Relations at DIN, discussed possible gaps in legislation governing network security of the Internet of Things with a highly qualified panel. Further topics discussed were the ISO standard “Common Criteria” pertaining to IT security of products, a risk-based approach and numerous future possibilities for an IT security certification.
The following panellists took part: Dr. Andreas Schwab, Member of the European Parliament and Rapporteur on the NIS directive, Luigi Rebuffi, General Secretary of the European Cyber Security Organisation, Bernd Kowalski, Head of the Federal Office for Information Security, Markus Reigl, Director of the Technical Regulation and Standardization at Siemens as well as Jean-Pierre Quémard, Chair of the Cyber Security Coordination Group.