Navigating the Digital Transformation Towards 50 Years & Beyond: Collaborative Governance & Innovation Cyber Security Standards
Journey of digital transformation towards the future through collaborative governance and innovation in cyber security standards. Learn about the National Standards Body for Papua New Guinea, the structure of the Standards Development Division, and the process of standards development. Discover the significance of adopting ISO/IEC 27000 series standards in cyber security for long-term sustainability. Stay updated on the progress of the Cyber Security Standards Working Group and their focus on short, medium, and long-term plans.
Presentation Transcript
NAVIGATING THE DIGITAL TRANSFORMATION TOWARDS 50 YEARS & BEYOND: COLLABORATIVE GOVERNANCE & INNOVATION CYBER SECURITY STANDARDS WORKING GROUP UPDATE
DATE: 01ST OCTOBER 2024
PRESENTER: MR RUSSELL KILALEMA, PNG NISIT
PRESENTATION OUTLINE
1. Overview of NISIT
2. Standards Development Division Structure
3. Overview of Standards Development Process
4. What is ISO/IEC 27000 series?
5. Why adopt cyber security standards?
6. Cyber Security Standards Working Group (CSSWG)
7. Where the CSSWG is now
8. Our Focus on Short-, Medium- and Long-Term Plans
OVERVIEW OF NISIT
NISIT is the National Standards Body for Papua New Guinea. Mandated under the NISIT Act 1993, NISIT is responsible for all the standards and conformance activities in PNG. There are 4 technical divisions in NISIT: Standards Development, Accreditation, Certification, Metrology and Radiation Safety and Control. As the name suggests, the development of PNG Standards is the primary role of the Standards Development Division. Hence, the development and/or adoption of standards in the field of Cyber Security is one of the many standards development projects for the division.
STANDARDS DEVELOPMENT DIVISION STRUCTURE
Executive Manager, Standards Development Division
COSC - Building and Construction Standards Committee
MESC - Mechanical Standards Committee
BISC - Biology and Food Standards Committee
CHSC - Chemical Standards Committee
ELSC - Electrical Standards Committee
ERESC - Electrical and Renewable Energy Sub Committee
CSSWG - Cyber Security Standards Working Group
OVERVIEW OF THE STANDARDS DEVELOPMENT PROCESS
Stage 1.0 Initiation (proposal)
Stage 2.0 Development (preparatory)
Stage 3.0 Comment
Stage 4.0 Approval
Stage 5.0 Publication
Stage 6.0 Maintenance
OVERVIEW OF THE STANDARDS DEVELOPMENT PROCESS
Stage 1.0 Initiation (proposal)
Stage 2.0 Development (preparatory)
Stage 3.0 Comment
Stage 4.0 Approval: Prepare and edit final draft of the document for approval and gazettal
Stage 5.0 Publication: Documents are published or adopted as National standards (PNGS)
Stage 6.0 Maintenance: Standards undergo a review of at least 5 years to ensure they remain relevant
WHAT IS ISO/IEC 27000 SERIES?
The ISO/IEC 27000 series of standards provides best practice recommendations on information security management: the management of information risks through information security controls within the context of an information security management system (ISMS).
These standards outline general methods, management system requirements, techniques and guidelines for information security and privacy.
ISO/IEC 27001 (Information security, cybersecurity and privacy protection) is the best-known standard, providing requirements for an information security management system (ISMS).
An ISMS is a systematic approach to managing sensitive organizational information so that it remains secure. It considers people, processes and IT systems by applying a risk management process. It can help small, medium and large businesses in any sector keep information assets secure.
Source: Pacific Islands Cyber Security Standards Cooperation Agenda
WHY ADOPT CYBER SECURITY STANDARDS?
In 2019, the Cyber Security Regional Standardization Enhancement Program was developed out of a desire to understand the current cyber ecosystem in the Pacific, and to see how international standards could help enhance security and stability in the region.
Standards Australia, through collaboration and consultation with various industry experts, organizations and representatives from DICT, NICTA, NISIT and other key stakeholders, was able to identify priorities in terms of cyber security and standardization, and to develop a comprehensive plan.
CYBER SECURITY STANDARDS WORKING GROUP (CSSWG)
The CSSWG was established as part of the recommendation arising out of the Cyber Security Regional Standardization Enhancement Program in the Pacific in 2019.
The committee is comprised of the following organizations:
- Department of Information and Communication Technology
- PNG Computer Society
- BSP Information Security
- National Information and Communication Telecommunication Authority
- Sahul Link PNG Ltd
- Department of PM & National Executive Council
- ISACA PNG (Information Systems Audit and Control Association PNG)
WHERE THE CSSWG IS NOW
Timeline: NOVEMBER 23, JUNE 24, JULY 24, AUGUST 24, SEPTEMBER 24, OCTOBER 24, NOVEMBER 24, DECEMBER 24
1.0 Proposed 1/2 TC/WG Meetings
- Introductory meeting
- Nomination of Chair
2.0 DEVELOPMENT
- CSSWG to agree on adoption of ISO/IEC 27000 / 27001
- Types of publications
3.0 COMMENT
- Circulate ISO/IEC 27000 / 27001 standard for public comments for 2 months
- Collate comments and distribute to CSSWG members
4.0 APPROVAL
- Proposed 2/2 TC Meeting
- WG to reconvene to agree on final ISO/IEC 27000 / 27001 as DPNGS
- Preparation of Draft PNGS and submit for approval by DCI Minister
- Approval is granted by Minister. PNGS is gazetted
5.0 PUBLICATION
- NISIT arranges for printing of approved PNGS
- Arrange for workshop / Seminar to create awareness and address industry need
6.0 MAINTENANCE
- Periodic review of standards to ensure they remain relevant
OUR FOCUS ON SHORT, MEDIUM AND LONG TERM PLANS
Short Term: 2021 - 2024
Establishment of the NISIT Cyber Security Working Group with a focus on cyber security standards development, engaging in collaboration with other ongoing cybersecurity initiatives. CSSWG is now established, and we had 3 meetings this year to discuss, review and/or adopt ISO/IEC 27000 and ISO/IEC 27001.
Medium Term: 2024 - 2027
Establish a NISIT Technical Committee specific to ICT/Cyber Security. The committee will formulate a work program for the adoption of the ISO/IEC 27000 series, and other relevant standards as required by the government, regulators, industries, academia and the public.
Long Term: 2027 and beyond
Implementation of the ISO/IEC 27000 series and other relevant international standards identified as necessary by the Technical Committee.
WE NEED YOU
Moving forward into the future, there is a need for continued collaboration and consultation with NISIT, DICT, NICTA, Private Sector, NGOs and relevant key players in the ICT industry.