Related standards or drafts

• Cybersecurity
• Requirements for the competence of it security testing and evaluation laboratories
• Information security, cybersecurity and privacy protection
• Evaluation criteria for it security
• Security techniques
• Iot security and privacy
• Information security management systems
• New concepts and changes in iso/iec 15408:2022 and iso/iec 18045:2022
• Guidelines for information security management systems auditing
• Verification of cryptographic protocols
• Fixed-time cybersecurity evaluation methodology for ict products
• Security evaluation standard for iot platforms
• Supplier relationships
• Health informatics - device interoperability
• Road vehicles — guidelines for auditing cybersecurity engineering
• Road vehicles — cybersecurity engineering
• Road vehicles — safety and cybersecurity for automated driving systems
• Railway applications - cybersecurity
• Maritime navigation and radiocommunication equipment and systems - cybersecurity
• Nuclear power plants - instrumentation, control and electrical power systems - cybersecurity requirements
• Nuclear power plants - instrumentation and control systems - requirements for coordinating safety and cybersecurity

Cyber-attacks on crucial infrastructure, like power plants or hospitals, can significantly impact people's physical welfare and affect their ability to undertake basic activities. The security of these systems, apart from their broader IT systems, is ensured by Operational Technologies (OT) which supervise the proper performance of automated tasks like shutting down a generator to prevent a blackout or stopping a valve to avoid chemical overflow.

Cybersecurity is an important topic for connected devices and systems. ISO, IEC and CEN or CENELEC standards support cybersecurity and the application of the Cybersecurity Act.

European standards and International standards support the application of the Cybersecurity act and associated implementing legislation in Europe.

The line distinguishing Informational Technologies (IT) and Operational Technologies (OT) has been blurred thanks to the Industrial Internet of Things (IIoT) which connects physical machines to networked sensors and software. This connectivity and interaction have increased the potential entry points for cybercriminals, hence the need for a defense strategy that considers IT and OT environments.

Standards have been developed to protect information and ICT measures. These include security requirements capture methodology, management of information, and multiple security mechanisms. Such standards offer guidelines for security controls, services, and the management of information security systems. They also cover areas such as cryptographic and other security mechanisms, security aspects of identity management, and conformance assessment. As such, organizations must follow these standards to ensure the integrity of their IT and OT systems and minimize the risk of cyber-attacks. They span areas from cybersecurity evaluation methodology for ICT products, to supplier relationships in cybersecurity, health informatics cybersecurity, IoT security, and privacy requirements.

These stringent standards are a vital tool in the ongoing fight against cybercrime, providing clear guidelines for protecting the IT and OT environments within our critical infrastructure.

You may find below link to the European and International standards on Cybersecurity.

Click on the links below for accessing the standards or information about them.

Keywords: European Standards, International Standard, CEN standard, CENELEC standard, ISO/IEC Standard, ENISA, ENISA Regulation, ENISA, Cybersecurity Regulation, Cyber, EU Cyber, EU cyber security, Cyber security Europe