1、 ETSI TR 103 306 V1.3.1 (2018-08) CYBER; Global Cyber Security Ecosystem TECHNICAL REPORT ETSI ETSI TR 103 306 V1.3.1 (2018-08) 2 Reference RTR/CYBER-0038 Keywords cybersecurity, ecosystem ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47
2、 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present document can be downloaded from: http:/www.etsi.org/standards-search The present document may be made available in electronic versions and/or in p
3、rint. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the
4、 Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at https:/
5、portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, elect
6、ronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media. ETSI 2018. Al
7、l rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are trademarks of ETSI registered for the benefit of its Members. 3GPPTM and LTETMare trademarks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. oneM2M logo is protected for the benefit of its
8、Members. GSMand the GSM logo are trademarks registered and owned by the GSM Association. ETSI ETSI TR 103 306 V1.3.1 (2018-08) 3 Contents Intellectual Property Rights 4g3Foreword . 4g3Modal verbs terminology 4g3Executive summary 4g3Introduction 5g31 Scope 7g32 References 7g32.1 Normative references
9、. 7g32.2 Informative references 7g33 Definitions and abbreviations . 7g33.1 Definitions 7g33.2 Abbreviations . 8g34 Global cyber security ecosystem 18g34.1 Organization of the ecosystem forums and activities . 18g34.2 Fora that develop techniques, technical standards and operational practices . 19g3
10、4.3 Major IT developer forums affecting cyber security 27g34.4 Activities for continuous information exchange . 28g34.5 Centres of excellence 29g34.6 Reference libraries, continuing conferences, and publications . 30g34.7 Heritage sites and historical collections . 31g34.8 Additional exchange source
11、s and methods . 32g34.8.1 Twitter accounts 32g34.8.2 Web sites . 32g34.8.3 Diffusion lists 33g3Annex A: National cyber security ecosystems . 34g3Annex B: Relationship diagrams 54g3Annex C: Bibliography 55g3History 56g3ETSI ETSI TR 103 306 V1.3.1 (2018-08) 4 Intellectual Property Rights Essential pat
12、ents IPRs essential or potentially essential to normative deliverables may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essent
13、ial, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried ou
14、t by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Trademarks The present document may include trademarks and/or tradenames which are
15、asserted and/or registered by their owners. ETSI claims no ownership of these except for any which are indicated as being the property of ETSI, and conveys no right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does not constitute an endorsem
16、ent by ETSI of products, services or organizations associated with those trademarks. Foreword This Technical Report (TR) has been produced by ETSI Technical Committee Cyber Security (CYBER). Modal verbs terminology In the present document “should“, “should not“, “may“, “need not“, “will“, “will not“
17、, “can“ and “cannot“ are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ETSI deliverables except when used in direct citation. Executive summary The present document is a basic referenc
18、e document for undertaking the responsibilities, areas of activity, organization and working methods enumerated in the Terms of Reference for Cyber Security Technical Committee. Cyber security is inherently diverse, dynamic, and spread across a complex array of bodies and activities worldwide, and c
19、onstitutes a specialized ecosystem. The Committees effectiveness is predicated in large measure by constantly discovering, analysing, and understanding the diverse requirements and work occurring in this ecosystem in some kind of structured fashion. The present document should also be useful to the
20、many constituents that are part of the cyber security ecosystem. The present document attempts to discover and assemble enumerated lists in alphabetic order of global cyber security constituents. It attempts to be as inclusive as possible to expand collective insight into the extent and diversity of
21、 the ecosystem: Fora that develop techniques, technical standards and operational practices. Major IT developer forums affecting cyber security. Activities for continuous information exchange. Global and national centres of excellence. Reference libraries, continuing conferences, and publications. H
22、eritage sites and historical collections. ETSI ETSI TR 103 306 V1.3.1 (2018-08) 5 The present document is augmented by annex A which contains national cyber security ecosystems that have been published in national cyber security strategies and publicly available material. Where groups exist within a
23、 common organization, they are grouped together. Only brief summaries of bodies are included, and available URLs are provided for further information. Where the body or activity is significantly associated with a national or regional government, that relationship forms the basis of the alphabetic or
24、der. The present document also includes an extensive list of acronym abbreviations and an annex of use cases of the relationships among the different groups. This ecosystem changes constantly, so URIs provide links to the activities for the latest information. The present document may also be implem
25、ented on the ETSI website to allow continuing maintenance both by the ETSI Secretariat research, outreach and cooperation with the included forums. Introduction Cyber security consists of a continuing cycle of structured actions to: Identify (understand state and risks to systems, assets, data, and
26、capabilities) Protect (implement the appropriate safeguards) Detect (implement ability to identify a cybersecurity event) Respond (implement ability to take action following a cybersecurity event) Recover (implement resilience and restoration of impaired capabilities) All of these activities rely on
27、 the trusted, timely sharing of related structured information. See figure 1. Almost every provider or major user of information or communication of products and services today is involved in a large array of bodies and activities advancing these actions and constitutes a cyber security ecosystem at
28、 global regional, national, and local levels down small business, households and individuals. All those involved in the ecosystem seek solutions to protect the integrity and availability of their communications and information to the extent that is feasible and within cost constraints. As is apparen
29、t from the present document, there is so much information and activity, it has created what one notable security community leader describes as “a fog of more“. Indeed, some of the activities now ongoing are dedicated to distilling and prioritizing the techniques and mechanisms that have been produce
30、d by other groups. There are so many cyber security activities occurring today in diverse, frequently insular industry, academic, and government groups, that it is beyond the comprehension of any single persons or groups ability to discover and understand them all. The existence of an ecosystem livi
31、ng document in the form of the present document that is structured, regularly updated, and collectively maintained by everyone helps itself to strengthen cyber security. Especially significant is the recent publication of a large array of formal national cyber security strategy plans and related mat
32、erial in countries worldwide which describe individual national ecosystems that are profiled in annex A. Discovering and providing a common structured understanding of these national ecosystems is ultimately essential to global cyber security work such as that of the Technical Committee for Cyber Se
33、curity. ETSI ETSI TR 103 306 V1.3.1 (2018-08) 6 Figure 1: Basic components of the cyber security ecosystem ETSI ETSI TR 103 306 V1.3.1 (2018-08) 7 1 Scope The present document provides a structured overview of cyber security work occurring in multiple other technical forums worldwide. The overview i
34、ncludes global identification of Cyber Security Centres of Excellence, heritage sites, historical collections, and reference libraries. It is intended to be continuously updated to account for the dynamics of the sector. 2 References 2.1 Normative references Normative references are not applicable i
35、n the present document. 2.2 Informative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the referenced do
36、cument (including any amendments) applies. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. The following referenced documents are not necessary for the application of the present document but they assist the us
37、er with regard to a particular subject area. i.1 Recommendation ITU-T X.1205 (04/2008): “Overview of cybersecurity“. i.2 ISO/IEC JTC-1 SC 27: “Standing Document 6 (SD6): Glossary of IT Security Terminology,“ N12806 (2013.10.03). i.3 NIST SP 800-70: “National Checklist Program for IT Products: Guidel
38、ines for Checklist Users and Developers“. 3 Definitions and abbreviations 3.1 Definitions For the purposes of the present document, the following terms and definitions apply: centre of excellence: educational or research frequently denominated as a museum information exchange mechanism: real or virt
39、ual activity established for providing continuing structured exchange of cyber security information content reference library: collection of available published material useful for consultation for cyber security purposes NOTE: The present document also includes significant dedicated publications in
40、 this category. techniques, technical standards and operational practices forum: any continuing body established for the purposes of reaching agreement on techniques, technical standards or operational practices for enhancing cyber security 3.2 Abbreviations For the purposes of the present document,
41、 the following abbreviations apply: NOTE: Not all abbreviations are used in the present document. Some are included purposely to provide a unique global reference set of cyber security abbreviations. 3GPP 3rdGeneration Partnership Project A*STAR Agency for Science, Technology and Research (Singapore
42、) ABW Agencja Bezpieczenstwa Wewnetrznego (Poland) AC Authentication Code (TCG) ACDC Advanced Cyber Defence Centre ACE-CSR Academic Centres of Excellence in Cyber Security Research ACI Austrian Critical Infrastructure (Austria) ACI sterreichische kritische Infrastruktur (Austria) ACMA Australian Com
43、munications and Media Authority (Australia) ACSS Austrian Cyber Security Strategy (Austria) ADCC Algemene Directie Crisiscentrum (Belgium) ADIV Algemene Dienst Inlichting en Veiligheid (Belgium) AEPD Spanish Data Protection Agency (Spain) AFNOR Association Franaise de Normalisation (France) AFP Aust
44、ralian Federal Police (Australia) AGCOM Autorit per le Garanzie nelle Comunicazioni (Italy) AGIMO Australian Government Information Management Office (Australia) AIK Attestation Identity Key (TCG) AIOTI Alliance of IOT Innovation AISI Australian Internet Security Initiative (Australia) AMSS Anti-Mal
45、ware Support Services Working Group (IEEE) ANS Autorit National de Scurit (Belgium) ANSAC ASEAN Network Security Action Council ANSES Ambient Network Secure Eco System (Singapore) ANSSI Agence Nationale de la Scurit des Systmes dInformation (France) ANSSI Agence Nationale de la Scurit des Systmes dI
46、nformation (Luxembourg) APCERT Asia Pacific Computer Emergency Response Team (Japan) APCIP Austrian Programme for Critical Infrastructure Protection (Austria) APCIP sterreichisches Programm zum Schutz kritischer Infrastruktur (Austria) ETSI ETSI TR 103 306 V1.3.1 (2018-08) 9 APT Advanced Persistent
47、Threat ARF Assessment Results Format or Asset Reporting Format ARIB Association of Radio Industries and Businesses (Japan) ASD Australian Signals Directorate (Australia) ASEAN CERT Association of Southeast Asian Nations CERT ASIO Australian Security Intelligence Organisation (Australia) A-SIT Secure
48、 Information Technology Centre - Austria (Austria) A-SIT Zentrum fr sichere Informationstechnologie - Austria (Austria) ASS Austrian Security Strategy (Austria) ATIS Alliance for Telecommunications Industry Solutions BBK Bundesamt fr Bevlkerungsschutz und Katastrophenhilfe (Germany) BBK Biuro Badan
49、Kryminalistycznych (Poland) BCM Business Continuity Management (Germany) BCSS Banque-Carrefoir de la Scurit Sociale (Belgium) Belac Organisme belge daccrditation (Belgium) Belac Belgische accredidatie-instelling (Belgium) Belnet Belgian national research network (Belgium) BelNIS Belgian Network Information Security (Belgium) BEREC Euroopan shkisen viestinnn sntelyviranomaisten yhteistyelin (Finland) BEREC Body of European Regulators for Electronic Communications (Norway) BfV Bundesamt fr Verfassungsschutz (Germany) BLO
