Certifications and cybersecurity methodologies are generating interest among companies and organizations at both the national and international levels.

Blog

- Sept

2023

Posted by: José Ruiz

Certifications and cybersecurity methodologies are generating interest among companies and organizations at both the national and international levels.

At jtsec, we have always supported and promoted the building of a more cyber-secure world, and if we can help by sharing our experience, we are more than satisfied. When we talk about cybersecurity assessment methodologies and schemes for IT products, sharing knowledge with the community is one of the most powerful tools we have at our disposal.

Last week, for instance, we collaborated on two webinars. These types of events are one of the most widely used dissemination methods today and have the greatest potential to reach various target audiences. Users, businesses, and public entities all benefit from this format, which also allows for connectivity and visibility from anywhere.

We would like to express our gratitude to both Checkpoint Technologies and the Taiwan Association of Information and Communication Standards (TAICS) for considering us to collaborate on these presentations:

The advantage of implementing a cybersecurity solution certified by the CCN and complying with the National Security Framework

Checkpoint Technologies, a company we have assisted in certifying/qualifying several of their solutions to be part of the CPSTIC / CCN STIC-105 catalog, invited us as speakers to this webinar. During this event, we had the opportunity to explain the following points:

Introduction to the National Cryptologic Center (CCN by its acronyms in Spanish) and the National Security Framework (ENS).

What the Catalog of Information and Communication Technology Security Products and Services (CPSTIC) entails (CPSTIC).

The benefits of certifying/qualifying a solution and complying with the ENS for your organization and its key components.

You can watch the full webinar here:

Cybersecurity certifications for the European market

The Taiwan Association of Information and Communication Standards (TAICS) organized a private event primarily aimed at Taiwanese developers and manufacturers looking to integrate their products into the European market. Due to the multitude of legislation and cybersecurity methodologies in Europe, TAICS hosted a webinar to clarify certain doubts, especially regarding legal milestones and mandatory compliance when introducing an IT product into the European market.

During this webinar, we discussed the following topics:

Certification schemes & methodologies – ICT Products.

Overview of the main EU policies on cybersecurity.

Recommendations for the European market.

You can read the full presentation here:

tags

José Ruiz/CTO

Jose is an expert consultant on the Common Criteria standard with more than 10 years of experience. Jose has a wide background in other security assurance standards in the field of the information technology as Common Criteria, FIPS 140-2, FIPS 140-3, GP TEE, PCI-PTS, LINCE. Jose has served as an evaluator, Technical Leader and CC Consultant for Epoche&Espri and as CC lab manager and Cyber Security Service Manager for Applus+. His experience has led him to participate as a speaker in various editions of the ICCC (International Common Criteria Conference) and ICMC (International Cryptographic Module Conference). He has been the “Chairman” of a subgroup within the ISCI WG1 Eurosmart Initiative to develop the CC Methodology. He is also member of different working groups as ISO SC27 or Global Platform TEE and an active member of the group ERNCIP “IACS Cybersecurity certification“.

In 2017 he founded with Javier what is now known as jtsec. He is currently in charge of promoting the commercial expansion of the company from its headquarters in Madrid as CTO. In addition, he represents jtsec in various national and international forums and is responsible for quality.