19 March, 2019. Spain will help develop international and European standards on cybersecurity and personal data protection. The announcement was made by the Spanish Association for Standardization, UNE, which will carry the opinions of the industry's experts in Spain to international and European standardization forums that will develop key new standards for the competitiveness of organizations.
In order to channel Spanish participation, UNE recently created the CTN 320 Technical Standardisation Committee on cybersecurity and data protection, which met recently at the headquarters of Telefónica. This organisation, as a Spanish company that actively participates in standardisation, and which is one of the experts in CTN 320, allowed the meeting of this committee to be held in its central offices.
The objective of this working group is to develop standards that respond efficiently to the challenges facing organisations in these fields, directly channelling Spain's influence in the development of European and international standards, through UNE, the Spanish standardisation organisation. These standards are developed within European standardisation organisations (CEN, CENELEC, and ETSI), as well as international bodies (ISO and IEC).
In its Standards Plan, this working group includes developments in areas ranging from cloud security to electronic evidence management, including privacy and security for the IoT (Internet of Things), and privacy for Big Data, among other issues. One of the Committee's other activities involves developing support standards for the Cybersecurity Regulation approved by the European Parliament on 12 March, facilitating the deployment of public policies.
In Spain, this committee is responsible for the UNE-ISO/IEC 27000 family of standards on Information Security Management, including ISO/IEC 27001, a benchmark in the certification of organisations, as well as the ISO/IEC 15408 series on Common Criteria for the Security Assessment, basic standards for the National Security Strategy
The standards reflect the market consensus on best practices in key aspects for the competitiveness of organisations, and are developed with the help of all stakeholders and as a result of the consensus. 59 stakeholder companies participate in CTN 320: from sectorial associations and private companies, including SMEs, to public administrations and public bodies, also involving academia, professional associations, and universities, as well as other entities.
This Committee is structured into six working areas or subcommittees: