Secure Application Development
Home faculty program location registration subscribe related past events	International standardization of IT security Over the last 10 years security has evolved from being exclusive to the IT department of a company to an inherent part of the corporate governance and strategy. Previously there was a lack of management buy-in. Now security is put more and more under senior management control. ICT security has evolved from a very fragmented “reactive” approach to an integrated “pro-active” one. Two important drivers for this are business interoperability and cost effectiveness and “standardization” plays a major supporting role in this. The presentation will provide an overview on the most important IT security standardization bodies. Next it will focus mainly on the activities of ISO/IEC JTC 1 SC27. It is a primary resource of international standards on application-independent IT security techniques for use by industry and other standardization groups. It has developed many standards already in use by commerce and industry and its current development programme is set to shape an even better future for protecting those assets critical to the success and well-being of businesses world wide. Its scope ranges from cryptographic techniques to security guidelines, criteria and methods.

Secure Application Development

International standardization of IT security

Over the last 10 years security has evolved from being exclusive to the IT department of a company to an inherent part of the corporate governance and strategy. Previously there was a lack of management buy-in. Now security is put more and more under senior management control. ICT security has evolved from a very fragmented “reactive” approach to an integrated “pro-active” one. Two important drivers for this are business interoperability and cost effectiveness and “standardization” plays a major supporting role in this. The presentation will provide an overview on the most important IT security standardization bodies. Next it will focus mainly on the activities of ISO/IEC JTC 1 SC27. It is a primary resource of international standards on application-independent IT security techniques for use by industry and other standardization groups. It has developed many standards already in use by commerce and industry and its current development programme is set to shape an even better future for protecting those assets critical to the success and well-being of businesses world wide. Its scope ranges from cryptographic techniques to security guidelines, criteria and methods.