CS1 - Cyber Security

• Management of information security and systems
• Management of third party information security service providers
• Intrusion detection
• Network security
• Incident handling
• IT Security evaluation and assurance
• Security assessment of operational systems
• Security requirements for cryptographic modules
• Protection profiles
• Role based access control
• Security checklists
• Security metrics
• Cryptographic and non-crytographic techniques and mechanisms including:
  • confidentiality
  • entity authentication
  • non-repudiation
  • key management
  • data integrity
  • message authentication
  • hash-functions
  • digital signatures
• Future service and applications standards supporting the implementation of control objectives and controls as defined in IS 27001, in the areas of:
  • business continuity
  • outsourcing
• Identity management, inlcuding:
  • identity management framework
  • role based access control
  • single sign-on
• Privacy technologies, including:
  • privacy framework
  • privacy reference architecture
  • privacy infastructure
  • anonymity and credentials
  • specific privacy enhancing technologies

The scope of CS1 explicitly excludes the areas of work on cyber security standardization presently underway in INCITS B10, M1, T3, T10 and T11; as well as other standard groups, such as ATIS, IEEE, IETF, TIA, and X9.