Navigate to content

CS1 - Cyber Security

About This Committee

INCITS/CS1 was established in April 2005 to serve as the US TAG for ISO/IEC JTC 1/SC 27 and all SC 27 Working Groups. The INCITS/CS1 area of work includes standardization in the following areas:

*Management of information security and systems
*Management of third party information security service providers
*Intrusion detection
*Network security
*Incident handling
*IT Security evaluation and assurance
*Security assessment of operational systems
*Security requirements for cryptographic modules

Protection profiles
* Role based access control
*Security checklists
*Security metrics
*Cryptographic and non-crytographic techniques and mechanisms including:
* confidentiality
* entity authentication
* non-repudiation
* key management
* data integrity
* message authentication
* hash-functions
* digital signatures

*Future service and applications standards supporting the implementation of control objectives and controls as
defined in IS 27001, in the areas of:
* business continuity
* outsourcing

*Identity management, including:
* identity management framework
* role based access control
* single sign-on
*Privacy technologies, including:
* privacy framework
* privacy reference architecture
* privacy
* anonymity and credentials
* specific privacy enhancing technologies

The scope of CS1 explicitly excludes the areas of work on cyber security standardization presently underway in INCITS B10, M1, T3, T10 and T11; as well as other standard groups, such as ATIS, IEEE, IETF, TIA, and X9.


  • Group ChairEric Hibbard, Hitachi Vantara
  • Vice ChairSal Francomacaro, Department of CommerceNIST
  • SecretaryAnnie Sokol, Department of CommerceNIST
  • Int'l. RepLaura Lindsay, Microsoft Corporation

Staff Contacts

Deborah Spittle photo

Deborah Spittle

Associate Manager, Standards Operations