British coming to push standard on data security

British coming to push standard on data security

By William Jackson

GCN Staff

The British Standards Institution is working to drum up interest among systems and network administrators on this side of the Atlantic in its newly adopted standard for information security management.

'In the U.S., you have no equivalent document' to BS 7799, said Kay Ruddeforth, BSI product manager, at the recent SuperComm '99 trade show in Atlanta.

Ruddeforth said BS 7799, which received final approval in April, has been submitted to the International Standards Organization for adoption.

She said at least one U.S. company, Internet commerce vendor CyberSource Corp. of San Jose, Calif., has announced its intent to obtain BS 7799 certification from BSI, which has offices in Reston, Va. But, she said, she has not received any expression of interest from the U.S. government.

Reg Blake, BSI regulatory affairs manager, said the Defense Department has scrutinized BSI's project management standards, however.

The British standard is not mandated by the European Union's directive on data security, but if compliance with EU security standards becomes necessary for doing business in Europe, BS 7799 could become widespread in the United States.

Code and specs

BS 7799 has two parts: a code of practice for information security management and specifications for information security management systems.

Part 1 covers best practices for risk assessment and control related to topics ranging from mobile computing to site housekeeping. Part 2 deals with designing and implementing an information security system, documenting it and managing a security policy.

The standard can be applied at different security levels depending on an organization's identified threats and associated risks.


  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

  • Marines on patrol (US Marines)

    Using AVs to tell friend from foe

    The Defense Advanced Research Projects Agency is looking for ways autonomous vehicles can make it easier for commanders to detect and track threats among civilians in complex urban environments without escalating tensions.

Stay Connected