Humble Hamilton is set to be a buzz of activity in April as a major cybersecurity forum comes to town.
Hosted by Cloud Security Alliance on behalf of Standards New Zealand, the annual International Organization for Standardization (ISO) event will bring together 400 cybersecurity experts to discuss major security and privacy issues.
Dr Ryan Ko, the University of Waikato’s Head of Cyber Security Lab, says the event is one of two held each year by ISO, which aims to shape how the industry progresses and operates.
“The SC 27 working groups create and manage prominent international security and privacy standards such as the ISO/IEC 27001 and ISO/IEC 27018, which are used to evaluate the best practices of major organisations. With the support of Tourism New Zealand, we were able to win the hosting bid ahead of prominent member nations such as China. This is a great achievement for New Zealand cyber security on the global stage,” Ko says.
ISO is an independent organisation that now includes 163 national standards bodies, including Standards New Zealand. The ISO standards, developed by international experts in response to request from industry or stakeholders such as consumer groups. ISO standards include the ISO/IEC 27000 series.
Ko is the principal investigator in the $12.2 million MBIE-funded project STRATUS (Security Techniques Returning Accountability, Trust and User-centric Services in the Cloud), a six-year-long programme that aims to create a suite of security capabilities, techniques and tools that return data control back to cloud computing users.
The STRATUS project is made up of New Zealand’s leading cloud researchers and practitioners from the University of Waikato, University of Auckland, Unitec Institute of Technology and Cloud Security Alliance.
Ko says participation in ISO standards is crucial to STRATUS to ensure its products meet a recognised international standard. He has been involved as an editor in both the cyber security international standards committee SC27.
In April 2015, Ko proposed a new project for a new cybersecurity standard, 'Security guidelines for design and implementation of virtualised servers'.