l. to r.: Kevin McKinley (Acting Secretary-General of ISO), ISO President Dr. Zhang Xiaogang, Dr. Walter Fumy, Ms Krystyna Passia, Dr. Elisabeth Stampfl-Blaha, ISO Vice-President (technical management)
© ISO

During the 2015 ISO General Assembly held in Seoul, Korea from the 14th to the 18th of September, ISO/IEC JTC1/SC 27 "IT Security techniques" was presented with the Lawrence D. Eicher Leadership Award for its excellent technical work.

The award, which was first presented in 2003, is named after Dr. Lawrence D. Eicher who served as ISO Secretary General  from 1986 to 2002. The "LDE award" is presented to ISO technical committees (TC) or subcommittees (SC) who have shown great leadership, use innovative approaches and promote the involvement of developing countries.

DIN holds the secretariat of this year's winner, ISO/IEC JTC 1/SC 27, which is responsible for the standardization of IT security techniques. Its work is subdivided up into the areas IT management systems, cryptography, security evaluation, security controls and services, and identity management and privacy technologies.

ISO President Dr. Zhang Xiaogang handed the award over to the subcommittee's Chairperson Dr. Walter Fumy, Chief Scientist at the German Federal Printing Office GmbH in Berlin, and secretary Krystyna Passia of DIN. In his laudatory speech, Acting ISO Secretary-General Kevin McKinley listed the special achievements of the subcommittee.
These include the development of a number of globally recognized standards dealing with security risks in information technology. Because companies from all over the world are being faced with such risks, these standards are important for every sector. Some of the best-known standards developed by the subcommittee are: 

• ISO/IEC 27001 “Information technology - Security techniques - Information security management systems – Requirements”
• ISO/IEC 27002 “Information technology - Security techniques - Code of practice for information security controls”
• ISO/IEC 15408 series “Information technology - Security techniques - Evaluation criteria for IT security” (these are known as the "Common Criteria")
• ISO/IEC 24760 series “Information technology - Security techniques - A framework for identity management”
• ISO/IEC 29100  “Information technology - Security techniques - Privacy framework”
• ISO/IEC 29192 series “Information technology - Security techniques - Lightweight cryptography“

Also noteworthy is the special commitment of the subcommittee's experts and their strong ties to industry. For example, whenever an SC 27 meeting is held, special seminars for industry members of that country are held in parallel with the meeting. This promotes the involvement of companies in each host country and helps gather feedback regarding further needs for standardization. The company also works closely with a number of other standardizing bodies.

Dr. Walter Fumy thanked ISO in the name of his experts and the SC 27 management team. He pointed out the subcommittee's strong international presence, with members coming from 71 countries, many of whom have been active for several years. These members put a large amount of work into the committee, which was founded 25 years ago. The multi-national character of SO/IEC JTC1/SC 27 reflects the horizontal nature of its work and the global need for IT security solutions. Dr. Fumy also thanked DIN for its support, as well as the superordinate Joint Technical Committee, ISO/IEC JTC 1 "Information Technology".