NEWS

IEC 1906 Award goes to Dr Edward Humphreys 2021-07

 

 

The following SC 27 standards were published in 2023

ISO/IEC 4922-1:2023 Information security — Secure multiparty computation — Part 1: General 2023-07
ISO/IEC TR 6114:2023 - Cybersecurity — Security considerations throughout the product life cycle 2023-10
ISO/IEC TS 9569:2023 - Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Patch Management Extension for the ISO/IEC 15408 series and ISO/IEC 18045 2023-11
ISO/IEC 9797-1:2011/Amd 1:2023 - Information technology — Security techniques — Message Authentication Codes (MACs) — Part 1: Mechanisms using a block cipher — Amendment 1 2023-08
ISO/IEC 20008-2:2013/Amd 2:2023 - Information technology — Security techniques — Anonymous digital signatures — Part 2: Mechanisms using a group public key — Amendment 2 2023-04
ISO/IEC 23837-1:2023 - Information security — Security requirements, test and evaluation methods for quantum key distribution — Part 1: Requirements 2023-08
ISO/IEC 23837-2:2023 - Information security — Security requirements, test and evaluation methods for quantum key distribution — Part 2: Evaluation and testing methods 2023-09
ISO/IEC 24392:2023 - Cybersecurity — Security reference model for industrial internet platform (SRM- IIP) 2023-07
ISO/IEC 24760-1:2019/Amd 1:2023 - IT Security and Privacy — A framework for identity management — Part 1: Terminology and concepts — Amendment 1 2019-05
ISO/IEC 24760-3:2016/Amd 1:2023 - Information technology — Security techniques — A framework for identity management — Part 3: Practice — Amendment 1: Identity Information Lifecycle processes 2023-01
ISO/IEC 27032:2023 - Cybersecurity — Guidelines for Internet security 2023-06
ISO/IEC 27033-7:2023 - Information technology – Network security — Part 7: Guidelines for network virtualization security 2023-11
ISO/IEC 27035-1:2023 - Information technology — Information security incident management — Part 1: Principles and process 2023-02
ISO/IEC 27035-2:2023 - Information technology — Information security incident management — Part 2: Guidelines to plan and prepare for incident response 2023-02
ISO/IEC 27036-3:2023 - Cybersecurity — Supplier relationships — Part 3: Guidelines for hardware, software, and services supply chain security 2023-06
ISO/IEC 27071:2023 - Cybersecurity — Security recommendations for establishing trusted connections between devices and services 2023-07
ISO/IEC 27402:2023 - Cybersecurity — IoT security and privacy — Device baseline requirements 2023-11
ISO/IEC TS 27560:2023 - Privacy technologies — Consent record information structure 2023-08
ISO/IEC TR 27563:2023 - Security and privacy in artificial intelligence use cases — Best practices 2023-05
ISO/IEC 29128-1:2023 - Information security, cybersecurity and privacy protection — Verification of cryptographic protocols — Part 1: Framework 2023-03
ISO/IEC 29134:2023 - Information technology — Security techniques — Guidelines for privacy impact assessment 2023-05

 

The following SC 27 standards were published in 2022

ISO/IEC 15946-5:2022
Information security — Cryptographic techniques based on elliptic curves — Part 5: Elliptic curve generation		 2022-02
ISO/IEC 20009-3:2022
Information security — Anonymous entity authentication — Part 3: Mechanisms based on blind signatures		 2022-02
ISO/IEC 24745:2022
Information security, cybersecurity and privacy protection — Biometric information protection		 2022-02
ISO/IEC 27002:2022
Information security, cybersecurity and privacy protection — Information security controls		 2022-02
ISO/IEC 18033-7:2022
Information security — Encryption algorithms — Part 7: Tweakable block ciphers		 2022-04
ISO/IEC 18045:2022
Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Methodology for IT security evaluation		 2022-04
ISO/IEC 20897-2:2022
Information security, cybersecurity and privacy protection — Physically unclonable functions — Part 2: Test and evaluation methods		 2022-05
ISO/IEC TR 22216:2022
Information security, cybersecurity and privacy protection — New concepts and changes in ISO/IEC 15408:2022 and ISO/IEC 18045:2022		 2022-05
ISO/IEC 27036-2:2022
Cybersecurity — Supplier relationships — Part 2: Requirements		 2022-06
ISO/IEC TR 5895:2022 
Cybersecurity — Multi-party coordinated vulnerability disclosure and handling		 2022-06
ISO/IEC 27400:2022
Cybersecurity — IoT security and privacy — Guidelines		 2022-06
ISO/IEC 27099:2022
Information technology — Public key infrastructure — Practices and policy framework		 2022-07
ISO/IEC 15408-1:2022
Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 1: Introduction and general model		 2022-08
ISO/IEC 15408-2:2022
Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 2: Security functional components		 2022-08
ISO/IEC 15408-3:2022
Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 3: Security assurance components		 2022-08
ISO/IEC 15408-4:2022
Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 4: Framework for the specification of evaluation methods and activities		 2022-08
ISO/IEC 15408-5:2022
Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 5: Pre-defined packages of security requirements		 2022-08
ISO/IEC 29146:2016/Amd 1:2022
Information technology — Security techniques — A framework for access management — Amendment 1		 2022-08
ISO/IEC 29192-8:2022
Information security — Lightweight cryptography — Part 8: Authenticated encryption		 2022-09

 

Related links

ISO/IEC 27001 - Information security Management System