Skip main navigation
Home>The Association>UNE Information Room>Press releases>Spain to help develop international cybersecurity standards

Spain to help develop international cybersecurity standards


  • Technical Standardisation Committee CTN 320 of the Spanish Association for Standardisation, UNE, will carry the opinions of the industry's experts in Spain to international and European standardisation forums, where new standards will be developed on cybersecurity and personal data protection.
  • Se trabajará en ámbitos que van desde la seguridad en la nube hasta la gestión de evidencias electrónicas, pasando por la privacidad IoT (Internet de las Cosas) o seguridad y privacidad para Big Data, entre otros.
  • The latest meeting of this new Committee was held in the headquarters of Telefónica and comprised experts from 59 stakeholder companies, responding efficiently to the challenges facing organisations and supporting the deployment of public policies. 

19 March, 2019. Spain will help develop international and European standards on cybersecurity and personal data protection. This announcement was made by the Spanish Association for Standardisation-UNE, which will carry the opinions of the industry's experts in Spain to international and European standardisation forums that will develop key new standards for the competitiveness of organisations.

In order to channel Spanish participation, UNE recently created the CTN 320 Technical Standardisation Committee on cybersecurity and data protection, which met recently at the headquarters of Telefónica. This organisation, as a Spanish company that actively participates in standardisation, and which is one of the experts in CTN 320, allowed the meeting of this committee to be held in its central offices.

The objective of this working group is to develop standards that respond efficiently to the challenges facing organisations in these fields, directly channelling Spain's influence in the development of European and international standards, through UNE, the Spanish standardisation organisation. These standards are developed within European standardisation organisations (CEN, CENELEC, and ETSI), as well as international bodies (ISO and IEC).

In its Standards Plan, this working group includes developments in areas ranging from cloud security to electronic evidence management, including privacy and security for the IoT (Internet of Things), and privacy for Big Data, among other issues. One of the Committee's other activities involves developing support standards for the Cybersecurity Regulation approved by the European Parliament on 12 March, facilitating the deployment of public policies.

In Spain, this committee is responsible for the UNE-ISO/IEC 27000 family of standards on Information Security Management, including ISO/IEC 27001, a benchmark in the certification of organisations, as well as the ISO/IEC 15408 series on Common Criteria for the Security Assessment, basic standards for the National Security Strategy

The standards reflect the market consensus on best practices in key aspects for the competitiveness of organisations, and are developed with the help of all stakeholders and as a result of the consensus. 59 stakeholder companies participate in CTN 320: from sectorial associations and private companies, including SMEs, to public administrations and public bodies, also involving academia, professional associations, and universities, as well as other entities.

This Committee is structured into six working areas or subcommittees:

  • CTN320/SC1 Cybersecurity management systems
  • CTN320/SC2 Cryptography and security mechanisms
  • CTN320/SC3 Security evaluation, testing, and specifications
  • CTN320/SC4 Service security
  • CTN320/SC5 Data protection, privacy, and identity management
  • CTN320/SC6 Product security