Latest Articles & Resources

 

IEC 62351

What is IEC 62351?  IEC 62351 is the current standard for security in energy management systems and associated data exchange. It describes measures to comply with the four major requirements for secure data communications/data processing: confidentiality, data...

ETSI-EN 303 645

ETSI EN 303 645  The ETSI EN 303 645 standard, officially titled "Cyber Security for Consumer Internet of Things: Baseline Requirements," represents a pioneering effort to establish a secure foundation for consumer Internet of Things (IoT) devices. It's developed by...

UNECE R156

What is UNECE/R156? UNECE/R156, also known as "United Nations Regulation No. 156 - Uniform provisions concerning the approval of vehicles with regard to software updates and the software update management system", is a regulation that sets out the requirements for...

UNECE R155

What is the UNECE/R155?  UNECE/R155 is the cybersecurity regulation that aims primarily to protect vehicles against 70 specific cybersecurity threats that the UN details in the regulation. To comply with this regulation, manufacturers must create a cybersecurity...

ISO 21434

What is ISO/SAE 21434?  The ISO/SAE 21434 standard for Road Vehicles—Cybersecurity Engineering delineates responsibilities across different stages of automotive product development. It mandates executive management commitment to cybersecurity engineering throughout...

ISO 27002

What is ISO/IEC 27002?  ISO/IEC 27002 is an international standard that provides detailed guidelines for implementing information security controls. It complements ISO 27001, which focuses on the requirements for establishing an Information Security Management System...

ISO 27001

What is ISO/IEC 27001:2022?  ISO/IEC 27001 is an international standard that specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS). It is designed to help organizations manage...

ISO 22301

What is ISO 22301?  ISO 22301 is a global standard for business continuity planning requirements to help organizations protect themselves against disruptions. The most current version is 22301:2019, Security and resilience - Business continuity management systems...

ISO 18045

What is ISO/IEC 18045?  ISO/IEC 18045 is an international standard on Information security, cybersecurity and privacy protection. It describes the criteria and the methodology for IT security evaluation. It is a document intended to be used along with the ISO/IEC...

ISO 15408

ISO/IEC 15408 Common Criteria  ISO/IEC 15408 Common Criteria is a global standard for the security certification of Information Technology (IT) products and systems. ISO/IEC 15408 is also known as Common Criteria for Information Technology Security Evaluation,...

DORA

Digital Operational Resilience Act (DORA)  The Digital Operational Resilience Act (Regulation (EU) 2022/2554) addresses a significant issue in EU financial regulation. Previously, financial institutions dealt with major operational risks primarily by allocating...

RED Directive

RED DELEGATED REGULATION  RED Directive (Radio Equipment Directive) is a European Union regulation that establishes technical and safety requirements for radio equipment and telecommunications terminal equipment placed on the European market. Its primary goal is to...

Cyber Resilience Act

Cyber Resilience Act  The Cyber Resilience Act (CRA) of 2023 is a landmark regulation aimed at bolstering the cybersecurity posture of digital products and services. This comprehensive piece of legislation establishes a robust framework for manufacturers, distributors,...

Network Code on Cybersecurity

Network Code on Cybersecurity  The Network Code on Cybersecurity (NCC) refers to a European Commission initiative for a regulatory framework aiming to develop rules towards the resilience of the EU critical energy infrastructures, notably including the electricity...

CER Directive

Critical Entities Resilience Directive  The CER Directive (Critical Entities Resilience) aims to reduce vulnerabilities and strengthen the physical resilience of critical entities in the European Union (EU) to ensure the uninterrupted provision of services that are...

NIS2 Directive

What is the NIS2 Directive?  The NIS2 Directive (Network and Information Security) is the EU-wide legislation on cybersecurity. It provides for legal measures to boost the overall level of cybersecurity in the EU. The EU cybersecurity rules introduced in 2016 were updated...