3. Formal Standards

An ecosystem of protocols, standards, technology, practices, and organisations keep the internet open, stable, secure, and resilient. Standards ensure that hardware and software developed or manufactured by different entities work together as seamlessly as possible, or are interoperable. Adoption and deployment of security-related internet standards contribute to a secure and resilient internet infrastructure and cyberspace.

Formal standards are endorsed by a formal Standard Development Organisation (SDO). SDOs include the International Electrotechnical Commission (IEC), the International Organisation for Standardization (ISO), and the International Telecommunication Union (ITU).  Quasi-formal organisations including the Institute of Electrical and Electronics Engineers (IEEE), the 3rd Generation Partnership Project (3GPP), and the Internet Engineering Task Force (IETF), industry forums, and consortia play a significant role in the development of security-related internet standards.

The participation of government, regulators, academia, and other stakeholders in SDOs should be aligned with national priorities and obligations as set out in the national cybersecurity strategy, international or regional conventions. This would help governments determine priority standardisation areas, state and non-state representation in various SDO,s and the resource commitment.