ITU has developed an online tool to keep track of crucial ICT security standards work through a single access point. For the first time, ICT security vendors, service providers, developers, researchers and the public will now have security standards at their fingertips, with one common user interface.
The guide called the ICT Security Standards Roadmap brings together information about existing standards and work in progress by the world's key standards developers. It is a collaborative effort between ITU, the European Network and Security Information Agency (ENISA) and the Network and Information Security Steering Group (NISSG). Enhancing security in cyberspace is a matter of critical concern in an increasingly networked society. Crime on the Internet alone has led to losses estimated at several billion dollars, both from online theft and from costs related to fixing networks that have been the victim of cyberattack. Cybercrime takes several forms, from breaching network security, financial fraud, invasion of privacy and identity theft to virus attacks or spam. Standards-development bodies have a unique ability to address security vulnerabilities in ICT by bringing together all players. As well as the publication and development of many important security Recommendations, ITU has been behind many open discussions on providing security guidelines to protocol authors and identifying threats and vulnerabilities. The guide provides information for potential users of security standards and other stakeholders to gain an understanding of what standards are available or under development as well as the key organizations that are working in the area. This web-based tool also lists standards-development organizations and the security standards they publish. Acting as a central tracking facility, it not only enables the identification of standards and standards activities but it also fosters coordination among standardization bodies, reducing duplication of effort and making it easier to identify existing gaps.
The guide, to be developed on an ongoing basis to enhance its scope and include other standard-development organizations, is organized in five sections: (i) ICT standards development organizations and their work; (ii) Approved ICT security standards; (iii) Security standards under development; (iv) Future needs and proposed new security standards, and (v) Best practices