Cybersecurity and Privacy

  Group Description  
The scope of Technical Committee INCITS/Cybersecurity and Privacy is focused on the development of international standards in information security, cybersecurity, and privacy protection. This includes generic methods, techniques, and guidelines to address both security and privacy aspects, such as:

o Management of cybersecurity; in particular, information security management system (ISMS) standards, security processes, security controls and services.
o Cryptographic and other security mechanisms, including but not limited to mechanisms for protecting the accountability, availability, integrity and confidentiality of information.
o Security management support documentation including terminology, guidelines as well as procedures for the registration of security components.
o Security aspects of identity management, biometrics, and privacy.
o Conformance assessment, accreditation, and auditing requirements in the area of information security management systems.
o Security evaluation criteria and methodology and security requirements for cryptographic modules.
o Security requirements capture methodology.

The scope of CS1 also includes the development of U.S. standards in information security, cybersecurity, and privacy protection. Additionally, CS1 can collaborate with other INCITS technical committee to ensure that security and privacy are adequately addressed in U.S. standards that do not have information security, cybersecurity, and privacy protection as a primary focus.

The scope of CS1 explicitly excludes the areas of work on cyber security standardization presently underway in INCITS B10, M1, T3, T10 and T11 as well as other standard groups, such as ATIS, IEEE, IETF, TIA, and X9.

Note: This technical committee was formerly known as INCITS/CS1 until January 2022.