Appendix: compendium of cybersecurity requirements and guidelines

This appendix contains an extensive compendium of existing requirements that provide the basis for the Cybersecurity Information Exchange Framework as well as guidelines for its use.

Generic Cybersecurity

X.1205 Overview of cybersecurity

X.gopw Guideline on preventing malicious code spreading in a data communication network

WD27032 (N7558) Guidelines for cybersecurity

WD27033-1 (N7584) Guidelines for Network security

WD27034 (N7564) Application security

Y.2701 Next Generation Network security

X.tsgf Information security governance framework

WD27014 (N7820) information security governance framework

[ed. The ITU-D Q22/I cybersecurity report seems appropriate here.]

Vulnerability Exchange

X.1206 automatic notification of security related information and dissemination of updates

WD29147 (N7901) Responsible Vulnerability disclosure

Generic Security Information

X.sisfreq Requirement for security information exchange

X.gpn Mechanism and procedure for distributing policies for network security

Incident Forensics

X.1056 Security Incident Management for telecommunications organizations

WD27035 (N7566) Information Security Incident Management

X.bots Framework for botnet detection and response

X.tb-ucc Traceback use cases and capabilities

X.abnot Abnormal traffic detection and control guideline for telecommunication network

X.sips Framework for countering cyber attacks in SIP-based services

Y.dpireq NGN deep packet inspection requirements

WD27037 (N7570) Guidelines for identification, collection and/or acquisition and preservation of digital evidence

LEA Forensics

TS102656 Retained Data Requirements

TS101331 Requirements of Law Enforcement Agencies