www.sesei.eu | dinesh.chand.sharma@sesei.eu | M: +919810079461 | Tel: +911133521500
Data Protection & privacy

Discover New EN 17529 on Data Protection and Privacy by Design and by Default

Privacy and personal data protection are essential in our current society as our offline and digital experiences are increasingly entwined. To ensure that these essential values are taken into account early on in the development of products and services, newly developed EN 17529 ‘Data protection and privacy by design and by default’ provides manufacturers and service providers with requirements before, or independently of, any specific application integration.


EN 17529 was developed in response to a request from the European Commission and is a perfect example of how European standards can be developed to complement international adoptions to address European values. Under this same mandate, there are also two Technical Reports that are currently being finalized which contain recommendations on how to integrate the principle of ‘data protection and privacy by design’ during the entire lifecycle of biometric access-control products and services, in order to achieve ‘data protection and privacy by default’. EN 17529 was developed by CEN-CLC/JTC 13 ‘Cybersecurity and Data Protection’, the Secretariat of which is currently held by DIN. JTC 13 is currently working on more standards to address similar issues, notably through its Working Group 5 ‘Data Protection, Privacy and Identity Management’.

Security

European Commission proposes new cyber security regulations

The Commission proposed new rules to establish common cybersecurity and information security measures across the EU institutions, bodies, offices and agencies. The proposal aims to bolster their resilience and response capacities against cyber threats and incidents, as well as to ensure a resilient, secure EU public administration, amidst rising malicious cyber activities in the global landscape. 


Cybersecurity Regulation: The proposed Cybersecurity Regulation will put in place a framework for governance, risk management and control in the cybersecurity area. It will lead to the creation of a new inter-institutional Cybersecurity Board, boost cybersecurity capabilities, and stimulate regular maturity assessments and better cyber-hygiene. It will also extend the mandate of the Computer Emergency Response Team for the EU institutions, bodies, offices and agencies (CERT-EU), as a threat intelligence, information exchange and incident response coordination hub, a central advisory body, and a service provider.

Security

Standardization Conference Explores EU Cyber- Security Legislation

The European Standards Organizations (ESOs), CEN, CENELEC and ETSI, joined forces with ENISA, the European Union Agency for Cybersecurity, to organize their 6th annual conference. The virtual conference focused on ‘European Standardization in support of the EU cybersecurity legislation’. The event opened with the European Standards Organizations, ENISA and the European Commission giving an overview of the EU cybersecurity standardization landscape. 

 

The purpose of the conference was twofold. First of all, the event presented current developments in the area of cybersecurity standardization. It also fostered a dialogue among policy makers, industry, research, consumer associations, standardization, and certification organizations, including all of those involved in the development of the ICT certification framework in Europe.


The EU Agency for Cybersecurity seizes the opportunity of the standardization conference to issue two new reports on standardization in support of cybersecurity policy. The first is overview of existing standards in relation to risk management describing methodologies & tools used to meet standards’ requirements. The second report focuses on 5G cybersecurity and analyzes standards contributing to the mitigation of technical and organizational risks in the 5G ecosystem. Both reports identify standardization gaps, and provide recommendations to enhance standards coverage in these areas, based on the needs of stakeholders.