CS1 - Cyber Security

About This Committee

INCITS/CS1 was established in April 2005 to serve as the US TAG for ISO/IEC JTC 1/SC 27 and all SC 27 Working Groups. The INCITS/CS1 area of work includes standardization in the following areas:

*Management of information security and systems
*Management of third party information security service providers
*Intrusion detection
*Network security
*Incident handling
*IT Security evaluation and assurance
*Security assessment of operational systems
*Security requirements for cryptographic modules

Protection profiles
* Role based access control
*Security checklists
*Security metrics
*Cryptographic and non-crytographic techniques and mechanisms including:
* confidentiality
* entity authentication
* non-repudiation
* key management
* data integrity
* message authentication
* hash-functions
* digital signatures

*Future service and applications standards supporting the implementation of control objectives and controls as
defined in IS 27001, in the areas of:
* business continuity
* outsourcing

*Identity management, including:
* identity management framework
* role based access control
* single sign-on
*Privacy technologies, including:
* privacy framework
* privacy reference architecture
* privacy
* anonymity and credentials
* specific privacy enhancing technologies

The scope of CS1 explicitly excludes the areas of work on cyber security standardization presently underway in INCITS B10, M1, T3, T10 and T11; as well as other standard groups, such as ATIS, IEEE, IETF, TIA, and X9.

Group Participants

  • NIST
  • NetApp Inc
  • Oracle
  • Orcatec
  • Plum Hall Inc
  • Raytheon Company
  • Ricoh Corporation
  • Salesforce.com
  • Scott S. Perry CPA PLLC
  • Symantec
  • The Open Group
  • Unified Compliance Framework
  • United States Dept of Defense
  • United States Dept of Defense - NSA
  • United States Dept of Homeland Security
  • Utilities Telecom Council
  • VHA CHIO
  • WidePoint Corporation
  • Yaana Technologies
  • Zygma LLC
  • kCura
  • Alcatel-Lucent
  • Amazon Web Services Inc
  • Atsec Information Security Corporation
  • Booz Allen & Hamilton Inc
  • CERT Coordination Center
  • Cisco Systems Inc
  • Cummings
  • Data Security Inc
  • Deloitte
  • EMC Corporation
  • Futurewei Technologies Inc
  • Gemalto
  • HackerOne
  • Hewlett-Packard Company
  • Hitachi Data Systems
  • Intel Corporation
  • International Association of Privacy Professionals (IAPP)
  • Kantara Initiative
  • Lexmark International
  • Microsoft Corporation
  • Mitre Corporation