Europe strives to standardise cybersecurity

The EU Network and Information Security Agency (ENISA) has joined forces with the semiconductor industry in a bid to improve the continent’s cybersecurity.

Scott Bicheno

May 24, 2017

2 Min Read
Europe strives to standardise cybersecurity

The EU Network and Information Security Agency (ENISA) has joined forces with the semiconductor industry in a bid to improve the continent’s cybersecurity.

As ever region-wide initiatives such as this tend to be glacial affairs, but this announcement comes at a time when both cyber and physical security are especially prominent topics. The aims of the collaboration are summarised in a position paper, which focuses on four main areas: standardisation and certification, security processes and services, security requirements and implementation, and the economic dimensions.

The main European semiconductor partners are Infineon, NXP and ST Microelectronics. While the recent ransomware epidemic illustrated the vulnerability of legacy IT systems, this initiative seems to be designed more to address emerging security issues, especially around IoT. The exposure of massive organisations such as the NHS in the UK served to illustrate just how much more vulnerable we could all be when a zillion more devices are connected to the network.

The highest set of priorities are around standardisation including baseline requirements for IoT security and privacy that cover the essentials for trust, for example: rules for authentication/authorization, which should set mandatory reference levels for trusted IoT solutions. The other area considered to be highest priority is interoperability, which should be facilitated by standardisation.

“Trusted solutions and a common defined level for the security and privacy of connected and smart devices is both recommended and needed, to allow Europe to reap the benefits of soon to become ubiquitous technologies, said ENISA’s Executive Director Udo Helmbrecht. “As such, standardisation and certification have been identified as a priority, to accelerate the level playing field for the entire industry and reflect the trust of citizens, consumers and businesses in the connected environment”.

“This initiative will increase the much-needed awareness for security in IoT devices and organize a collective effort to establish important standards to help deliver it, which will ultimately bring big benefits to consumers and businesses,” said Marie-France Florentin GM of Secure Microcontroller Division at STMicroelectronics.

Not many companies put security at the top of their investment wish list as it’s rarely revenue-generating, but every time an organisation loses significant sums of money due to a cyber-attack that position is compromised. If we’re going to move the control of everything from devices to the network into the cloud, security needs to be improved considerably.

About the Author

Scott Bicheno

As the Editorial Director of Telecoms.com, Scott oversees all editorial activity on the site and also manages the Telecoms.com Intelligence arm, which focuses on analysis and bespoke content.
Scott has been covering the mobile phone and broader technology industries for over ten years. Prior to Telecoms.com Scott was the primary smartphone specialist at industry analyst Strategy Analytics’. Before that Scott was a technology journalist, covering the PC and telecoms sectors from a business perspective.
Follow him @scottbicheno

Subscribe and receive the latest news from the industry.
Join 56,000+ members. Yes it's completely free.

You May Also Like