Organisations today need to move faster than ever before to address both customer and regulator needs while remaining competitive. It makes sense to have an embedded security rganization within and across the rest of the operations, where multiple stakeholders can present their views and address those different needs.
Public and private institutions are introducing regulations on the nature of data and data security. These regulations consider the nature of the free data movement as well as privacy concerns and informed consent. They address the complexity of accessing lots of data from individuals as well as entities and groups. Most of these regulations are in response to the need for data governance, as a consequence of policies and risk.
In addition to security evaluations leading to certification (where testing is based on scheme requirements), Brightsight also offers security evaluation services testing products against cybersecurity standards and regulations. Examples of these are:
- ISO 21434
- UNECE wp29
- ETSI EN 303 645 (IoT)
- Cybersecurity Act
- NIS directive (Industrial/Energy)
- FDA Cybersecurity (Medical)