Past Event

The CyberSEA Research Lab will be hosting a session of SECREV 2022: The Cybersecurity Revolution on May 10, 2022. The session will consist of several presentations and a roundtable discussion.

Session Description: The Role of Standards in Engineering Secure Systems

Readily available and accessible standards are often seen to be important in the ensuring minimum levels of security in many arenas, but how much do we know about the role technical and regulatory standards play in promoting cybersecurity practices and fostering cyber-resilience? When engineering security and trustworthy systems, there is a perception that available standards, guidelines, or best practices often lack focus and specificity, making compliance either too difficult or too easy. As a result, many practitioners are never quite sure what needs to be done to demonstrate that they have taken appropriate measures to adequately secure the systems they are developing. To address these issues, recent National Cyber Strategies in both Canada and the United States have underscored the need for more rigorous, outcome-oriented cyber security standards, guidelines, and best practices based on sound technological principles. The aim is to provide better guidance for practitioners to incorporate suitable security measures at all stages of system development, and to generate and gather the evidence needed to support assurance claims can help to improve system security. The presentations and discussion during this session will explore the benefits and drawbacks of standardizing cybersecurity from an engineering perspective and explore ways forward by considering the various stakeholders involved in standards development and compliance.