Cyberspace is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information and communication technology (ICT) devices and networks. Collaboration is essential to ensure a safe online environment. The new standard addresses security gaps arising from the lack of communication between the different users and providers of cyberspace. It tackles any risks not covered by current Internet, network and information and communication technology security.

Johann Amsenga, Convenor of the working group that developed the standard explains, “Devices and connected networks that support cyberspace have multiple owners – each with their own business, operational and regulatory concerns. Not only do the different users and providers share little or no input, but each has a different focus when dealing with security. Such a fragmented state opens up vulnerabilities in cyberspace. ISO/IEC 27032 will provide an overarching, collaborative, multi-stakeholder solution to reduce these risks.”

ISO/IEC 27032 provides a framework for:

• Information sharing
• Coordination
• Incident handling

The standard facilitates secure and reliable collaboration that protects the privacy of individuals everywhere in the world. In this way, it can help to prepare, detect, monitor, and respond to attacks such as:

• Social engineering attacks
• Hacking
• Malicious software (malware)
• Spyware
• Other unwanted software

ISO/IEC 27032:2012, Information technology – Security techniques – Guidelines for cybersecurity, was developed by joint technical committee ISO/IEC JTC 1, Information technology, subcommittee SC 27, IT security techniques. It costs 154 Swiss francs and is available from ISO national member institutes (see the complete list with contact details) and from ISO Central Secretariat through the ISO Store or by contacting the Marketing, Communication and Information department.