16.4 C
Nairobi
Wednesday, December 8, 2021

How to access and download KEBS standards for information, cyber security and consumer privacy

Must Read

The Kenya Bureau of Standards (KEBS) has approved forty (40) new standards to enhance information and cybersecurity and safeguard consumer privacy.

The new standards outline various techniques and methods for securing corporate information by an individual or managers charged with the responsibility of ensuring institutional data is safe.

The standards also stipulate a framework for ensuring privacy in information and communication technology (ICT) systems that store and process personally identifiable information (PII).

The new standards will be used by auditors, managers and management teams, trainers and assessors in the ICT

“Consumers are increasingly adopting digital technology, the data generated creates both an opportunity for enterprises to improve customer engagement and a responsibility to keep it safe. The new guidelines provide a robust system to fight against cyber security threats, breach of privacy and other information security measures to ensure that Confidentiality, Integrity and Authenticity (CIA) of information is maintained during the creation, usage, storage and transfer of information,” says Lt Col (Rtd.) Bernard Njiraini, Managing Director, KEBS.

The World Economic Forum Report 2017 places technology threats in the top 5 societal and economic risks by likelihood and scale of impact, next to weapons of mass destruction. The public sector continues to dominate as the primary target of cyberattacks followed by financial services. Globally, 40% of SMEs that experience data breach due to cybersecurity attacks are likely to close within a year.

SUMMARY OF APPROVED STANDARDS

  1. KS ISO/IEC 27007:2020 Information security, cybersecurity and privacy protection — Guidelines for information security management systems auditing
  2. KS ISO/IEC TS 27008:2019 Information technology — Security techniques — Guidelines for the assessment of information security controls
  3. KS ISO/IEC 27009:2020 Information security, cybersecurity and privacy protection — Sector-specific application of ISO/IEC 27001 — Requirements
  4. KS ISO/IEC 27050-1:2019 Information technology — Electronic discovery — Part 1: Overview and concepts
  5. KS ISO/IEC 27050-3:2020 Information technology — Electronic discovery — Part 3: Code of practice for electronic discovery
  6. KS ISO/IEC 27018:2019 Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
  7. KS ISO/IEC 14888-3:2018 Information technology — Security techniques — Digital signatures with appendix — Part 3: Discrete logarithm-based mechanisms
  8. KS ISO/IEC 24760-1:2019 IT Security and Privacy — A framework for identity management — Part 1: Terminology and concepts
  9. KS ISO/IEC 30111:2019 Information technology — Security techniques — Vulnerability handling processes
  10. KS ISO/IEC 9798-2:2019 IT Security techniques — Entity authentication — Part 2: Mechanisms using authenticated encryption
  11. KS ISO/IEC 19772:2020 Information security — Authenticated encryption
  12. KS ISO/IEC 18032:2020 Information security — Prime number generation
  13. KS ISO/IEC 13888-1:2020 Information security — Non-repudiation — Part 1: General
  14. KS ISO/IEC 13888-3:2020 Information security — Non-repudiation — Part 3: Mechanisms using asymmetric techniques
  15. KS ISO/IEC 11770-5:2020 Information security — Key management — Part 5: Group key management
  16. KS ISO/IEC 29192-2:2019 Information security — Lightweight cryptography — Part 2: Block ciphers
  17. KS ISO/IEC 18013-2:2020 Personal identification — ISO-compliant driving licence — Part 2: Machine-readable technologies
  18. KS ISO/IEC 29184:2020 Information technology — Online privacy notices and consent
  19. KS ISO/IEC 22624:2020 Information technology — Security techniques — Privacy architecture framework
  20. KS ISO/IEC 23188:2020 Information technology — Cloud computing — Edge computing landscape
  21. KS ISO/IEC 23613:2020 Information technology — Cloud computing — Cloud service metering elements and billing modes
  22. KS ISO/IEC 23951:2020 Information technology — Cloud computing — Guidance for using the cloud SLA metric model
  23. KS ISO/IEC 19086-4:2019 Cloud computing — Service level agreement (SLA) framework — Part 4: Components of security and of protection of PII
  24. KS ISO/IEC TS 19608:2018 Guidance for developing security and privacy functional requirements based on ISO/IEC 15408
  25. KS ISO/IEC 19896-2:2018 Information technology — security techniques — Competence requirements for information security testers and evaluators — Part 2: Knowledge, skills and effectiveness requirements for ISO/IEC 19790 testers
  26. KS ISO/IEC 19896-3:2018 Information technology — security techniques — Competence requirements for information security testers and evaluators — Part 3: Knowledge, skills and effectiveness requirements for ISO/IEC 15408 evaluators (First Edition)
  27. KS ISO/IEC TS 20540:2018 Information technology — Security techniques — Testing cryptographic modules in their operational New environment
  28. KS ISO/IEC 20889:2018 Privacy enhancing data de-identification terminology and classification of techniques
  29. KS ISO/IEC 21878:2018 Information technology — Security techniques — Security guidelines for design and implementation of virtualized servers
  30. KS ISO/IEC 27034-3:2018 Information technology — Application security — Part 3: Application security management process
  31. KS ISO/IEC 27034-7:2018 Information technology — Application security — Part 7: Assurance prediction framework
  32. KS ISO/IEC TS 27034-5-1:2018 Information technology — Application security — Part 5-1: Protocols and application security controls data structure, XML schemas
  33. KS ISO/IEC 27050-2:2018 Information technology — Electronic discovery — Part 2: Guidance for governance and management of electronic discovery
  34. KS ISO/IEC 29101:2018 Information technology — Security techniques — Privacy architecture framework
  35. KS ISO/IEC 19086-2:2018 Cloud computing — Service level agreement (SLA) framework — Part 2: Metric model
  36. KS ISO/IEC TR 22678:2019 Cloud computing — Guidance for policy development
  37. KS ISO/IEC TR 23186:2018 Cloud computing — Framework of trust for processing of multi-sourced data
  38. KS ISO/IEC 20924:2018 Internet of Things — Vocabulary
  39. KS ISO/IEC 30140-3:2018 Underwater acoustic sensor network (UWASN) — Part 3: Entities, interface and Interoperability
  40. KS ISO/IEC 30140-1:2018 Information technology — Underwater acoustic sensor network (UWASN)

How to access and download KEBS Standards

To access a full list of the Standards approved or confirmed by the National Standards Council in May 2021, please visit the KEBS website www.kebs.org under what we do < Standards development.>SAC approved standards or using the link https://kebs.org/index.php?option=com_phocadownload&view=category&id=62:year-2020&Itemid=134

- Advertisement -
- Advertisement -
Latest News

Shelter Afrique Voted Africa’s Top Real Estate Financier

Pan African housing development financier, Shelter Afrique has won the Africa's Best Real Estate Finance Company Award for the year 2021. The...
- Advertisement -

More Articles Like This

- Advertisement -