• Home
  • News
  • Academy
  • Family
  • CAB
  • SMB

The IEC and cyber security

September 05, 2018
by Editorial Team
certification, cyber security, IEC, standards, testing
0 Comment


The new IEC publication on cyber security is an executive introduction to strategy and best practices for decision-makers. Here is a quick overview of the management structure — IEC committees, working groups and systems — not covered in the new brochure.

IEC advocates a holistic approach to building cyber resilience, incorporating people, processes and technology and combining best practices with testing and certification. The collaboration of the IEC’s Standardization Management Board (SMB) and Conformity Assessment Board (CAB) reflects the systems-based approach adopted by the organization’s technical experts towards developing short, medium and long-term strategies.

The SMB has set up an Advisory Committee on Information security and data privacy (ACSEC). Its scope includes:

  • Dealing with information security and data privacy matters which are not specific to a single IEC Technical Committee (TC);
  • Coordinating activities related to information security and data privacy;
  • Providing guidance to TCs and subcommittees (SCs) for the implementation of information security and data privacy in a general perspective and for specific sectors.

CAB manages and supervises all IEC conformity assessment (CA) activities and represents the IEC CA community. CAB also oversees the four IEC CA Systems but delegates their management and overall operational responsibility to the management body of each CA System.

CAB has set up a working group, CAB WG 17, to investigate the market need and time frame for CA services (global certification schemes) for products, services, personnel and integrated systems in the domain of cyber security. The working group collaborates with the United Nations Economic Commission for Europe (UNECE) on a project to create a Common Regulatory Objectives document focusing on cyber security.

The objective will be to describe a “world best practice process for a systems approach to conformity assessment for cyber security”, which will be a comprehensive but generic process that can be applied to any technical system.

In its analysis of and discussions with different sectors, CAB WG 17 found that there is a convergence towards two main series of Standards, IEC 62443 and the ISO/IEC 27000 family of Standards. The IEC 62443 series focuses on operational technology (OT), which is concerned with keeping cyber-physical systems operating as intended, while the ISO/IEC 27000 family of Standards focuses on information technology (IT), which is concerned about the flow and accuracy of data, data privacy, etc.

For a complete cyber security strategy both are needed, as well as some sector-specific Standards, including for example IEC 62645 for the nuclear industry or the IEC 62351 series of Standards for the electrical energy sector.

IECEE, the IEC System of Conformity Assessment Schemes for Electrotechnical Equipment and Components, has developed a testing and certification programme to address the expanding need for CA solutions related to cyber security in the industrial automation sector. The rules of procedure for the IECEE industrial cyber security programme have been approved by the Certification Management Committee.

The service provides a framework for assessments in accordance with the IEC 62443 series of International Standards on security for industrial automation and control systems. This will result in an IECEE certificate of conformity – industrial cyber security capability.

Related content

The ABC of cyber security

Read more blog posts about cyber security
Find out more about the IEC and cyber security

Social Share
  • google-share

Categories

Archives

RSS IEC e-tech

  • 166th SMB meeting held in Shanghai
  • Health and environment at risk
  • 2019 Council Statutory Session
  • Medical device standards experts and regulators discuss closer collaboration
  • Standing straight
  • Cyber security strategies for the energy sector: how to achieve resilience
  • Answers in the cloud
  • Standards advance the fourth industrial revolution
  • Artificial intelligence and big data: a paradigm shift in healthcare
  • JPEG is awarded 2019 Engineering Emmy
  • Standards help ensure safety of medical devices using artificial intelligence
  • Bright lights, big city
  • New ground-breaking standard saves time and money
  • Have you taken your medication today?
  • Equal opportunities to good health
  • Mind games
  • Building an age-friendly world
  • Protection from cyber threats and beyond
  • Certification advances renewable energy industries
  • Cyber security-by-design

RSS IEC Webstore – latest publications

  • IEC 60570:2003/AMD2:2019
  • IEC 60747-5-9:2019
Follow IEC
facebook
twitter
linkedin
pinterest
youtube
Copyright © IEC . All rights reserved.