Upload
tory
View
54
Download
0
Embed Size (px)
DESCRIPTION
PASC XXVIII. Special session on what PASC can do to contribute to the WSC (World Standards Cooperation) of ISO, IEC and ITU 22 June, 2005. Presented by Dr. George W. Arnold Chairman of the Board of Directors American National Standards Institute. Security: More than Preventing Terrorism. - PowerPoint PPT Presentation
Citation preview
1
PASC XXVIII Special session on what PASC can do to contribute to the WSC (World Standards Cooperation) of ISO,
IEC and ITU 22 June, 2005
Presented by
Dr. George W. ArnoldChairman of the Board of Directors
American National Standards Institute
PASC XXVIII22 June, 2005
Slide 2
PASC XXVIII22 June, 2005
Slide 3
Security: More than Preventing Terrorism
Earthquakes 13,000 fatalities / year
Transportation disasters 7,800 “
Epidemics 6,500 “
Floods 5,000 “
Industrial disasters 2,900 “
Terrorism 2,500 “
Catastrophic storms 1,300 “
Internet attacks 140,000 incidents/yearSources: WHO, CERT
PASC XXVIII22 June, 2005
Slide 4
ISO Advisory Group on Security (AGS)
ISO launched AGS in February 2004 to examine area of international security standards
IEC and ITU were consulted and involved, but focus of this effort was on ISO deliverables in this area Examination of existing ISO deliverables related to the field of
security, an assessment of the needs of relevant stakeholders for international security standards, and recommendations regarding any gaps that are identified
Meetings in New York City (June) and Geneva (September), with teleconference and e-mail collaboration in between
Final report submitted to ISO TMB in December 2004
PASC XXVIII22 June, 2005
Slide 5
Advisory Group Membership
Members AU – Bala Balakrishnan CA – Alice Sturgeon
Husam Mansour DE – Hans-Peter Grode FR – Jean-Marie Decore IL – Avi Ginzburg JP – Ichiro Nakajima NL – Herman Schipper UK – Ted Humphries US – Kathleen Higgins
Chair George Arnold, US
ISO CS Secretariat Mike Smith Keith Brannon
Liaisons IEC – Tim Rotti ITU – Herb Bertine CEN – Alois Sieber
PASC XXVIII22 June, 2005
Slide 6
Questions
What standards are needed? Which already exist? Are they up-to-date? What are the gaps? Where should ISO contribute to address
these gaps?
PASC XXVIII22 June, 2005
Slide 7
ISO Technical Committees Related to Security
Ships and marine technology Aircraft and space vehicles Fire protection and fire safety Food products Financial services Nuclear energy Personal safety – protective
clothing and equipment Design of structures Freight containers Air Quality
Intelligent transportation systems
Environmental management Health informatics Drinking water supply and water
quality Cards and personal identification IT security Biometrics Automatic identification and
data capture
PASC XXVIII22 June, 2005
Slide 8
Observations
35 of 205 ISO TCs have work related to security Some very key activities – biometrics, detecting illicit
movement of radioactive material, maritime port security, information security, …
No work on some topics – emergency preparedness, security of petroleum facilities (there are reasons for this), chemical plants
Outdated standards in some areas (e.g. buildings) Opportunities for new standards (e.g. detecting contamination
of water, food, air supply) Currently, bottom-up process
PASC XXVIII22 June, 2005
Slide 9
Recommendations (1)
ISO Strategic Advisory Group on Security ISO/IEC Guidelines for Technical Committees Web Portal Security Management Framework Standard Emergency Preparedness Standard Reactivate TC 223 on Civil Defense
PASC XXVIII22 June, 2005
Slide 10
Recommendations (2)
Updated and/or New Standards Needs Built Infrastructure Protection for First Responders Equipment for First Responders Healthcare – Infection Control Resources – Security Aspects of Air, Food, Water
Supply Cybersecurity Personal Identification
PASC XXVIII22 June, 2005
Slide 11
Recommendations (3)
Transportation Ships, marine ports, intermodal supply chain – active
work program underway, coordinated by TC 8, but needs to be extended to include land transport
Air, rail, and road transport Current work addresses identity cards, biometrics,
freight container seals, RFID and IT security Potential to address additional requirements requires
consultation with intergovernmental organizations (e.g. ICAO, UIC, UN/ECE)
PASC XXVIII22 June, 2005
Slide 12
Opportunities for PASC
As PASC members are on many ISO technical committees impacted by this report, looking to you for support and also suggestions for successful implementation of the recommendations
PASC could pass resolution encouraging participation on the ISO SAG to be open to all ISO national bodies and IEC national committees
Participate on the joint ISO/IEC group to prepare a Guide on the inclusion of security aspects in International Standards
PASC XXVIII22 June, 2005
Slide 13
Opportunities for PASC (cont.)
Upon its publication, review and provide feedback on PAS 28000 (currently being developed by ISO/TC 8) as a security management system framework standard
Provide input to ISO/CS concerning the establishment of web portal on the subject of security
Participate through ISO P-memberships on ISO/TC 223 – Civil defence
Upon its formation, participate in the workshop that will prepare an IWA on the subject of emergency preparedness
PASC XXVIII22 June, 2005
Slide 14
Conclusion
Evident that ISO and WSC has a large role to play in international security standardization
All recommendations were accepted by ISO TMB at February 2005 meeting
Initial implementation steps set in motion Permanent Strategic Advisory Group on Security to be formed
following June TMB meeting Number of opportunities for PASC member involvement and input For further information:
George W. Arnold, [email protected], +1.732.949.1029