Standards are essential for human civilization. Standards enable the global interoperability of technical solutions while ensuring that the technical progress can be applied smoothly on a global scale.
Without International Standards it would be much more difficult to interact with partners in different countries or on different continents. This proved to be important for the first time during the industrial revolution more than 100 years ago, and became even more important as globalization progressed.
In the past, we have seen that any technology of importance has been accompanied by mechanisms to ensure its safety and security, and that the availability of such mechanisms was an indication for the maturity of these technologies. These former technologies included the steam engine and the automobile, to mention but a few.
Today, information and communication technology is one of the key technologies and may very well be the most important one of our time.
In terms of function, computer networks have now reached tremendous performance levels, computers are everywhere, and artificial intelligence is leveraging the algorithmic capabilities of IT systems to unprecedented levels.
Some people say that these developments are at least as important as the industrial revolution a century ago. Similar to the mechanisms that ensured the safety of steam engines in the past, society today needs mechanisms to protect us from the risks we face due to IT systems.
And this is where IT security and privacy standards come into play. Since the very Web itself is global, IT security and privacy need to be considered on a global level too. International standards have proven to be a good tool when it comes to reaching a global scale.
Neither IT security nor privacy can be addressed in a simple manner.
There is no such thing as: “The IT security”. There are many approaches to a vast range of challenges. But they can all be categorized and their impact can be measured and evaluated with respect to common rules developed by an international community of experts.
Requirements and recommendations like these determine the value of international standards because they were developed by applying best practices and the wisdom of a countless number of experts from many different countries. In this sense, standards educate the industry, they help avoid unnecessary mistakes, and they support the efficient use of intellectual resources.
The aspect of privacy is even more complicated. While IT security aspects are evaluated more or less similarly around the globe, privacy issues are influenced by cultural and societal factors. It is a matter of fact that different countries or regions have different cultural backgrounds, different traditions, and different legislation on data protection and privacy.
This makes it all the more important to define a common vocabulary on privacy concepts, and to make the privacy features and properties of IT systems or applications measurable and comparable. The best way to achieve this is to develop sound and appropriate international standards.
IT security has departed from its niche as a topic of interest merely for governments, the military and the financial sector and has become relevant to everyone who owns a computer or smartphone, i.e. virtually to all of us. Coming full circle with the industrial revolution: IT technology will reach maturity and will be trusted by society as soon as we have a set of well-established international standards in place that covers all relevant aspects of IT security and privacy.
Continue reading here.