Monthly newsletter Weekly news roundup Breaking news notification    

ENISA issues six recommendations for information security certifications in Europe

Get free weekly news by e-mailThe European Network and Information Security Agency, ENISA’s, latest report gives an overview on information security certifications of products, people and processes. It addresses common concepts, definitions, certifications of different types, as well as clarifies the mandatory and legal background for some certifications. It also explores the analogies and disparities between a number of existing certification schemes. Finally, it analyses current trends in certification and offers six recommendations to improve network and information security in Europe through a wider use of security certification.

Some of the key ENISA recommendations in the report include:

* Generally speaking, organisations should verify their information security management systems, choose certified security products and encourage security employees to choose appropriate personal information security certifications.

* For processes, the development of the complementary standards of the 27000 family for public and private organisations should be encouraged, e.g. an ISO27001 ‘light’ for SMEs.

* As concerns products, the EU should extend the intergovernmental Mutual Recognition Agreement on Common Criteria to all Member States, as a tool for a more secure e-communication market. EU Framework Programme 7 should sponsor research to analyse the economics of the certification of products.

* The EU should strength accreditation schemes related to people certification in IT security and encourage the development of people certification adapted to different profiles, from the end-user level (Computer Driving Licence) to the most professional one (e.g. IT security officer).The EU should also reinforce bridges between education (schools and universities) and the certification process (private training and certificate providers).

Read the full report (PDF).

Date: 13th March 2008• Region: UK/W.Europe •Type: Article •Topic: ISM
Rate this article or make a comment - click here

BC Journal



Copyright 2008 Portal Publishing LtdPrivacy policyContact usSite mapNavigation help