ANSI - American National Standards Institute

ISO and IEC Release Information Security Standard to Help Detect IT Intrusions


New York, Jul 11, 2006

Information system security violations—such as network intrusion, data sabotage and the diffusion of malware—pose a serious threat to businesses and organizations worldwide. Such breaches put important personal, financial, and security information at risk, and account for nearly 15 billion dollars in financial losses each year. With the type and scope of computer security attacks growing in sophistication, information system security has become a focal concern of businesses around the world.

A new standard published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) is designed to help organizations identify and respond to information system security violations. ISO/IEC 18043:2006, Information Technology – Security Techniques – Selection, Deployment and Operations of Intrusion Detection Systems, guides the selection and implementation of an intrusion detection system (IDS)—a security management tool that detects and signals anomalous network activity. Scanning all inbound and outbound network traffic, an IDS identifies and responds to suspicious attempts to access or modify networks and data, deploy spyware, or spread destructive viruses throughout the system.

“One of the problems that businesses have is being able to detect when their systems are being intruded upon in order that effective action can be taken to prevent harm or loss to their assets,” said Ted Humphreys, one of the standard’s lead developers. “The development of ISO/IEC 18043:2006 is an important step forward in dealing with the growing problem of intrusions and provides a good basis for progressing solutions and implementations.”

ISO/IEC 18043:2006 guides an organization through the selection, deployment, and management of an IDS. The document outlines various deployment strategies for integrating an IDS into an organization's security practices and provides a checklist to identify the features of a system that are most appropriate for a specific IT environment. In addition, ISO/IEC 18043 provides guidance on managing alerts as well as the management and legal considerations associated with the use of an IDS.

The standard was developed by ISO/IEC Joint Technical Committee 1 on Information Technology (JTC 1), and its subcommittee on IT security techniques (SC 27).
