- Table View
- List View
Security Management: A Critical Thinking Approach
by Michael Land Truett Ricks Bobby RicksSecurity is a paradox. It is often viewed as intrusive, unwanted, a hassle, or something that limits personal, if not professional, freedoms. However, if we need security, we often feel as if we can never have enough. Security Management: A Critical Thinking Approach provides security professionals with the ability to critically examine their organ
Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks
by Chris Fry Martin NystromHow well does your enterprise stand up against today's sophisticated security threats? In this book, security experts from Cisco Systems demonstrate how to detect damaging security incidents on your global network--first by teaching you which assets you need to monitor closely, and then by helping you develop targeted strategies and pragmatic techniques to protect them.Security Monitoring is based on the authors' years of experience conducting incident response to keep Cisco's global network secure. It offers six steps to improve network monitoring. These steps will help you:Develop Policies: define rules, regulations, and monitoring criteriaKnow Your Network: build knowledge of your infrastructure with network telemetrySelect Your Targets: define the subset of infrastructure to be monitoredChoose Event Sources: identify event types needed to discover policy violationsFeed and Tune: collect data, generate alerts, and tune systems using contextual informationMaintain Dependable Event Sources: prevent critical gaps in collecting and monitoring eventsSecurity Monitoring illustrates these steps with detailed examples that will help you learn to select and deploy the best techniques for monitoring your own enterprise network.
Security Operations for Microsoft® Exchange 2000 Server
by Microsoft CorporationThis guide delivers procedures and best practices for system administrators to create and maintain a secure environment on servers running Microsoft Exchange 2000 with a focus on two specific server roles: Microsoft Outlook® Web Access (OWA) front end servers and back-end servers. This guide was created as a supplement to Security Operations Guide for Microsoft Windows 2000 Server.
Security Opportunities in Nano Devices and Emerging Technologies
by Mark Tehranipoor, Domenic Forte, Garrett S. Rose and Swarup BhuniaThe research community lacks both the capability to explain the effectiveness of existing techniques and the metrics to predict the security properties and vulnerabilities of the next generation of nano-devices and systems. This book provides in-depth viewpoints on security issues and explains how nano devices and their unique properties can address the opportunities and challenges of the security community, manufacturers, system integrators, and end users. This book elevates security as a fundamental design parameter, transforming the way new nano-devices are developed. Part 1 focuses on nano devices and building security primitives. Part 2 focuses on emerging technologies and integrations.
Security Orchestration, Automation, and Response for Security Analysts: Learn the secrets of SOAR to improve MTTA and MTTR and strengthen your organization's security posture
by Benjamin KovacevicBecome a security automation expert and build solutions that save time while making your organization more secureKey FeaturesWhat’s insideAn exploration of the SOAR platform’s full features to streamline your security operationsLots of automation techniques to improve your investigative abilityActionable advice on how to leverage the capabilities of SOAR technologies such as incident management and automation to improve security postureBook DescriptionWhat your journey will look like With the help of this expert-led book, you’ll become well versed with SOAR, acquire new skills, and make your organization's security posture more robust. You’ll start with a refresher on the importance of understanding cyber security, diving into why traditional tools are no longer helpful and how SOAR can help. Next, you’ll learn how SOAR works and what its benefits are, including optimized threat intelligence, incident response, and utilizing threat hunting in investigations. You’ll also get to grips with advanced automated scenarios and explore useful tools such as Microsoft Sentinel, Splunk SOAR, and Google Chronicle SOAR. The final portion of this book will guide you through best practices and case studies that you can implement in real-world scenarios. By the end of this book, you will be able to successfully automate security tasks, overcome challenges, and stay ahead of threats.What you will learnReap the general benefits of using the SOAR platformTransform manual investigations into automated scenariosLearn how to manage known false positives and low-severity incidents for faster resolutionExplore tips and tricks using various Microsoft Sentinel playbook actionsGet an overview of tools such as Palo Alto XSOAR, Microsoft Sentinel, and Splunk SOARWho this book is forYou'll get the most out of this book if You're a junior SOC engineer, junior SOC analyst, a DevSecOps professional, or anyone working in the security ecosystem who wants to upskill toward automating security tasks You often feel overwhelmed with security events and incidents You have general knowledge of SIEM and SOAR, which is a prerequisite You’re a beginner, in which case this book will give you a head start You’ve been working in the field for a while, in which case you’ll add new tools to your arsenal
Security Patch Management
by Felicia NicastroAlthough the patch management process is neither exceedingly technical nor extremely complicated, it is still perceived as a complex issue that's often left to the last minute or resolved with products that automate the task. Effective patch management is not about technology; it's about having a formal process in place that can deploy patches to v
Security Patterns
by Frank Buschmann Peter Sommerlad Eduardo Fernandez-Buglioni Markus Schumacher Duane HybertsonMost security books are targeted at security engineers and specialists. Few show how build security into software. None breakdown the different concerns facing security at different levels of the system: the enterprise, architectural and operational layers. Security Patterns addresses the full spectrum of security in systems design, using best practice solutions to show how to integrate security in the broader engineering process. Essential for designers building large-scale systems who want best practice solutions to typical security problemsReal world case studies illustrate how to use the patterns in specific domainsFor more information visit www.securitypatterns.org
Security Patterns in Practice
by Eduardo Fernandez-BuglioniLearn to combine security theory and code to produce secure systemsSecurity is clearly a crucial issue to consider during the design and implementation of any distributed software architecture. Security patterns are increasingly being used by developers who take security into serious consideration from the creation of their work. Written by the authority on security patterns, this unique book examines the structure and purpose of security patterns, illustrating their use with the help of detailed implementation advice, numerous code samples, and descriptions in UML. Provides an extensive, up-to-date catalog of security patternsShares real-world case studies so you can see when and how to use security patterns in practiceDetails how to incorporate security from the conceptual stage Highlights tips on authentication, authorization, role-based access control, firewalls, wireless networks, middleware, VoIP, web services security, and moreAuthor is well known and highly respected in the field of security and an expert on security patternsSecurity Patterns in Practice shows you how to confidently develop a secure system step by step.
Security Planning
by Susan LinckeThis book guides readers through building an IT security plan. Offering a template, it helps readers to prioritize risks, conform to regulation, plan their defense and secure proprietary/confidential information. The process is documented in the supplemental online security workbook. Security Planning is designed for the busy IT practitioner, who does not have time to become a security expert, but needs a security plan now. It also serves to educate the reader of a broader set of concepts related to the security environment through the Introductory Concepts and Advanced sections. The book serves entry level cyber-security courses through those in advanced security planning. Exercises range from easier questions to the challenging case study. This is the first text with an optional semester-long case study: Students plan security for a doctor's office, which must adhere to HIPAA regulation. For software engineering-oriented students, a chapter on secure software development introduces security extensions to UML and use cases (with case study). The text also adopts the NSA's Center of Academic Excellence (CAE) revamped 2014 plan, addressing five mandatory and 15 Optional Knowledge Units, as well as many ACM Information Assurance and Security core and elective requirements for Computer Science.
Security Policies and Implementation Issues
by Robert Johnson Chuck EasttomPART OF THE NEW JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES Security Policies and Implementation Issues, Third Edition offers a comprehensive, end-to-end view of information security policies and frameworks from the raw organizational mechanics of building to the psychology of implementation. Written by industry experts, the new Third Edition presents an effective balance between technical knowledge and soft skills, while introducing many different concepts of information security in clear simple terms such as governance, regulator mandates, business drivers, legal considerations, and much more. With step-by-step examples and real-world exercises, this book is a must-have resource for students, security officers, auditors, and risk leaders looking to fully understand the process of implementing successful sets of security policies and frameworks. Instructor Materials for Security Policies and Implementation Issues include: PowerPoint Lecture Slides Instructor's Guide Sample Course Syllabus Quiz & Exam Questions Case Scenarios/Handouts About the Series This book is part of the Information Systems Security and Assurance Series from Jones and Bartlett Learning. Designed for courses and curriculums in IT Security, Cybersecurity, Information Assurance, and Information Systems Security, this series features a comprehensive, consistent treatment of the most current thinking and trends in this critical subject area. These titles deliver fundamental information-security principles packed with real-world applications and examples. Authored by Certified Information Systems Security Professionals (CISSPs), they deliver comprehensive information on all aspects of information security. Reviewed word for word by leading technical experts in the field, these books are not just current, but forward-thinking—putting you in the position to solve the cybersecurity challenges not just of today, but of tomorrow, as well.
Security Policy in System-on-Chip Designs: Specification, Implementation and Verification
by Sandip Ray Swarup Bhunia Abhishek BasakThis book offers readers comprehensive coverage of security policy specification using new policy languages, implementation of security policies in Systems-on-Chip (SoC) designs – current industrial practice, as well as emerging approaches to architecting SoC security policies and security policy verification. The authors focus on a promising security architecture for implementing security policies, which satisfies the goals of flexibility, verification, and upgradability from the ground up, including a plug-and-play hardware block in which all policy implementations are enclosed. Using this architecture, they discuss the ramifications of designing SoC security policies, including effects on non-functional properties (power/performance), debug, validation, and upgrade. The authors also describe a systematic approach for “hardware patching”, i.e., upgrading hardware implementations of security requirements safely, reliably, and securely in the field, meeting a critical need for diverse Internet of Things (IoT) devices.Provides comprehensive coverage of SoC security requirements, security policies, languages, and security architecture for current and emerging computing devices;Explodes myths and ambiguities in SoC security policy implementations, and provide a rigorous treatment of the subject;Demonstrates a rigorous, step-by-step approach to developing a diversity of SoC security policies;Introduces a rigorous, disciplined approach to “hardware patching”, i.e., secure technique for updating hardware functionality of computing devices in-field;Includes discussion of current and emerging approaches for security policy verification.
Security Power Tools
by Bryan Burns Eric Markham Chris Iezzoni Philippe Biondi Jennifer Stisa Granick Steve Manzuik Paul Guersch Dave Killion Nicolas Beauchesne Eric Moret Julien Sobrier Michael LynnWhat if you could sit down with some of the most talented security engineers in the world and ask any network security question you wanted? Security Power Tools lets you do exactly that! Members of Juniper Networks' Security Engineering team and a few guest experts reveal how to use, tweak, and push the most popular network security applications, utilities, and tools available using Windows, Linux, Mac OS X, and Unix platforms. Designed to be browsed, Security Power Tools offers you multiple approaches to network security via 23 cross-referenced chapters that review the best security tools on the planet for both black hat techniques and white hat defense tactics. It's a must-have reference for network administrators, engineers and consultants with tips, tricks, and how-to advice for an assortment of freeware and commercial tools, ranging from intermediate level command-line operations to advanced programming of self-hiding exploits. Security Power Tools details best practices for: Reconnaissance -- including tools for network scanning such as nmap; vulnerability scanning tools for Windows and Linux; LAN reconnaissance; tools to help with wireless reconnaissance; and custom packet generation Penetration -- such as the Metasploit framework for automated penetration of remote computers; tools to find wireless networks; exploitation framework applications; and tricks and tools to manipulate shellcodes Control -- including the configuration of several tools for use as backdoors; and a review of known rootkits for Windows and Linux Defense -- including host-based firewalls; host hardening for Windows and Linux networks; communication security with ssh; email security and anti-malware; and device security testing Monitoring -- such as tools to capture, and analyze packets; network monitoring with Honeyd and snort; and host monitoring of production servers for file changes Discovery -- including The Forensic Toolkit, SysInternals and other popular forensic tools; application fuzzer and fuzzing techniques; and the art of binary reverse engineering using tools like Interactive Disassembler and Ollydbg A practical and timely network security ethics chapter written by a Stanford University professor of law completes the suite of topics and makes this book a goldmine of security information. Save yourself a ton of headaches and be prepared for any network security dilemma with Security Power Tools.
Security Power Tools
by Bryan Burns Eric Markham Chris Iezzoni Philippe Biondi Jennifer Stisa Granick Steve Manzuik Paul Guersch Dave Killion Nicolas Beauchesne Eric Moret Julien Sobrier Michael LynnWhat if you could sit down with some of the most talented security engineers in the world and ask any network security question you wanted? Security Power Tools lets you do exactly that! Members of Juniper Networks' Security Engineering team and a few guest experts reveal how to use, tweak, and push the most popular network security applications, utilities, and tools available using Windows, Linux, Mac OS X, and Unix platforms. Designed to be browsed, Security Power Tools offers you multiple approaches to network security via 23 cross-referenced chapters that review the best security tools on the planet for both black hat techniques and white hat defense tactics. It's a must-have reference for network administrators, engineers and consultants with tips, tricks, and how-to advice for an assortment of freeware and commercial tools, ranging from intermediate level command-line operations to advanced programming of self-hiding exploits. Security Power Tools details best practices for: Reconnaissance -- including tools for network scanning such as nmap; vulnerability scanning tools for Windows and Linux; LAN reconnaissance; tools to help with wireless reconnaissance; and custom packet generation Penetration -- such as the Metasploit framework for automated penetration of remote computers; tools to find wireless networks; exploitation framework applications; and tricks and tools to manipulate shellcodes Control -- including the configuration of several tools for use as backdoors; and a review of known rootkits for Windows and Linux Defense -- including host-based firewalls; host hardening for Windows and Linux networks; communication security with ssh; email security and anti-malware; and device security testing Monitoring -- such as tools to capture, and analyze packets; network monitoring with Honeyd and snort; and host monitoring of production servers for file changes Discovery -- including The Forensic Toolkit, SysInternals and other popular forensic tools; application fuzzer and fuzzing techniques; and the art of binary reverse engineering using tools like Interactive Disassembler and Ollydbg A practical and timely network security ethics chapter written by a Stanford University professor of law completes the suite of topics and makes this book a goldmine of security information. Save yourself a ton of headaches and be prepared for any network security dilemma with Security Power Tools.
Security Protocols XXIII
by Jonathan Anderson Bruce Christianson Petr Švenda Vashek Matyáš James Malcolm Frank StajanoThis book constitutes the thoroughly refereed post-workshop proceedings of the 23rd International Workshop on Security Protocols, held in Cambridge, UK, in March/April 2015. After an introduction the volume presents 18 revised papers each followed by a revised transcript of the presentation and ensuing discussion at the event. The theme of this year's workshop is "Information Security in Fiction and in Fact".
Security Protocols XXVI: 26th International Workshop, Cambridge, UK, March 19–21, 2018, Revised Selected Papers (Lecture Notes in Computer Science #11286)
by Jonathan Anderson Bruce Christianson Petr Švenda Vashek Matyáš Frank StajanoThis book constitutes the thoroughly refereed post-workshop proceedings of the 26th International Workshop on Security Protocols, held in Cambridge, UK, in March 2018. The volume consists of 17 thoroughly revised invited papers presented together with the respective transcripts of discussions. The theme of this year's workshop was fail-safe and fail-deadly concepts in protocol design. The topics covered included failures and attacks; novel protocols; threat models and incentives; cryptomoney; and the interplay of cryptography and dissent.
Security Protocols XXVII: 27th International Workshop, Cambridge, UK, April 10–12, 2019, Revised Selected Papers (Lecture Notes in Computer Science #12287)
by Jonathan Anderson Bruce Christianson Vashek Matyáš Frank StajanoThe volume LNCS 12287 constitutes the proceedings of the 27th International Workshop on Security Protocols, held in Cambridge, UK, in April 2019. The volume consists of 16 thoroughly revised invited papers presented together with the respective transcripts of discussions. The theme of this year's workshop was “Security Protocols for Humans" The topics covered included Designing for Humans and Understanding Humans, Human Limitations in Security, Secure sharing and collaboration and much more.
Security Protocols XXVIII: 28th International Workshop, Cambridge, UK, March 27–28, 2023, Revised Selected Papers (Lecture Notes in Computer Science #14186)
by Jonathan Anderson Bruce Christianson Vashek Matyáš Frank StajanoThis book constitutes the refereed post-conference proceedings of the 28th International Workshop on Security Protocols, held in Cambridge, UK, during March 27–28, 2023. Thirteen papers out of 23 submissions were selected for publication in this book, presented together with the respective transcripts of discussions. The theme of this year's workshop was “Humans in security protocols — are we learning from mistakes?” The topics covered are securing the human endpoint and proving humans correct.
Security Relationship Management: Leveraging Marketing Concepts to Advance a Cybersecurity Program (Security, Audit and Leadership Series)
by Lee ParrishAligning information security to the goals and strategies of the business is paramount for ensuring risks are addressed, without an abundance of negative impacts to the company. But how does a Chief Information Security Officer (CISO) accomplish effective alignment? A security executive must understand the detailed needs of business leaders and stakeholders from across all corners of the company. We cannot rely on a standard cadence of general security discussions across all of the lines of business, as well as functional areas, and expect our alignment to be maximally effective. Instead, we should promote our security programs in such a way that makes it personal to whomever we are speaking with at any given time.By leveraging already established and tested marketing concepts, slightly altered for information security, the CISO can tailor their message to fit the needs of each stakeholder. This allows for in-depth business alignment, as well as a holistic view of the company’s underpinnings for the CISO. Within these pages, the reader will learn how segmentation, the Four Ps, and customer relationship management techniques, can help to transform their security program. Additionally, the book introduces a concept called Security Relationship Management (SRM) that optimizes the creation and nurturing of the hundreds of professional relationships (within and outside the company) that a CISO must balance each week. Through structured tracking of interactions and analyzing SRM data, the CISO ensures that relationships are managed effectively, which increases alignment between the business and cybersecurity initiatives. Pick up your copy of Security Relationship Management: Leveraging Marketing Concepts to Advance a Cybersecurity Program, today to begin your SRM journey.Please visit www.novelsecurity.com for more information.
Security Rights in Intellectual Property (Ius Comparatum - Global Studies in Comparative Law #45)
by Eva-Maria KieningerThis book discusses the main legal and economic challenges to the creation and enforcement of security rights in intellectual property and explores possible avenues of reform, such as more specific rules for security in IP rights and better coordination between intellectual property law and secured transactions law. In the context of business financing, intellectual property rights are still only reluctantly used as collateral, and on a small scale. If they are used at all, it is mostly done in the form of a floating charge or some other “all-asset” security right. The only sector in which security rights in intellectual property play a major role, at least in some jurisdictions, is the financing of movies. On the other hand, it is virtually undisputed that security rights in intellectual property could be economically valuable, or even crucial, for small and medium-sized enterprises – especially for start-ups, which are often very innovative and creative, but have limited access to corporate financing and must rely on capital markets (securitization, capital market). Therefore, they need to secure bank loans, yet lack their own traditional collateral, such as land.
Security Risk Management - The Driving Force for Operational Resilience: The Firefighting Paradox (Security, Audit and Leadership Series)
by Jim Seaman Michael GioiaThe importance of businesses being ‘operationally resilient’ is becoming increasingly important, and a driving force behind whether an organization can ensure that its valuable business operations can ‘bounce back’ from or manage to evade impactful occurrences is its security risk management capabilities. In this book, we change the perspective on an organization’s operational resilience capabilities so that it shifts from being a reactive (tick box) approach to being proactive. The perspectives of every chapter in this book focus on risk profiles and how your business can reduce these profiles using effective mitigation measures. The book is divided into two sections: 1. Security Risk Management (SRM). All the components of security risk management contribute to your organization’s operational resilience capabilities, to help reduce your risks. • Reduce the probability/ likelihood. 2. Survive to Operate. If your SRM capabilities fail your organization, these are the components that are needed to allow you to quickly ‘bounce back.’ • Reduce the severity/ impact. Rather than looking at this from an operational resilience compliance capabilities aspect, we have written these to be agnostic of any specific operational resilience framework (e.g., CERT RMM, ISO 22316, SP 800- 160 Vol. 2 Rev. 1, etc.), with the idea of looking at operational resilience through a risk management lens instead. This book is not intended to replace these numerous operational resilience standards/ frameworks but, rather, has been designed to complement them by getting you to appreciate their value in helping to identify and mitigate your operational resilience risks. Unlike the cybersecurity or information security domains, operational resilience looks at risks from a business-oriented view, so that anything that might disrupt your essential business operations are risk-assessed and appropriate countermeasures identified and applied. Consequently, this book is not limited to cyberattacks or the loss of sensitive data but, instead, looks at things from a holistic business-based perspective.
Security Risk Models for Cyber Insurance
by David Rios Insua Caroline Baylon Jose VilaTackling the cybersecurity challenge is a matter of survival for society at large. Cyber attacks are rapidly increasing in sophistication and magnitude—and in their destructive potential. New threats emerge regularly, the last few years having seen a ransomware boom and distributed denial-of-service attacks leveraging the Internet of Things. For organisations, the use of cybersecurity risk management is essential in order to manage these threats. Yet current frameworks have drawbacks which can lead to the suboptimal allocation of cybersecurity resources. Cyber insurance has been touted as part of the solution – based on the idea that insurers can incentivize companies to improve their cybersecurity by offering premium discounts – but cyber insurance levels remain limited. This is because companies have difficulty determining which cyber insurance products to purchase, and insurance companies struggle to accurately assess cyber risk and thus develop cyber insurance products. To deal with these challenges, this volume presents new models for cybersecurity risk management, partly based on the use of cyber insurance. It contains: A set of mathematical models for cybersecurity risk management, including (i) a model to assist companies in determining their optimal budget allocation between security products and cyber insurance and (ii) a model to assist insurers in designing cyber insurance products. The models use adversarial risk analysis to account for the behavior of threat actors (as well as the behavior of companies and insurers). To inform these models, we draw on psychological and behavioural economics studies of decision-making by individuals regarding cybersecurity and cyber insurance. We also draw on organizational decision-making studies involving cybersecurity and cyber insurance. Its theoretical and methodological findings will appeal to researchers across a wide range of cybersecurity-related disciplines including risk and decision analysis, analytics, technology management, actuarial sciences, behavioural sciences, and economics. The practical findings will help cybersecurity professionals and insurers enhance cybersecurity and cyber insurance, thus benefiting society as a whole. This book grew out of a two-year European Union-funded project under Horizons 2020, called CYBECO (Supporting Cyber Insurance from a Behavioral Choice Perspective).
Security Software Development: Assessing and Managing Security Risks
by CISSP, Douglas AshbaughThreats to application security continue to evolve just as quickly as the systems that protect against cyber-threats. In many instances, traditional firewalls and other conventional controls can no longer get the job done. The latest line of defense is to build security features into software as it is being developed. Drawing from the author's extensive experience as a developer, Secure Software Development: Assessing and Managing Security Risks illustrates how software application security can be best, and most cost-effectively, achieved when developers monitor and regulate risks early on, integrating assessment and management into the development life cycle. This book identifies the two primary reasons for inadequate security safeguards: Development teams are not sufficiently trained to identify risks; and developers falsely believe that pre-existing perimeter security controls are adequate to protect newer software. Examining current trends, as well as problems that have plagued software security for more than a decade, this useful guide:Outlines and compares various techniques to assess, identify, and manage security risks and vulnerabilities, with step-by-step instruction on how to execute each approachExplains the fundamental terms related to the security processElaborates on the pros and cons of each method, phase by phase, to help readers select the one that best suits their needsDespite decades of extraordinary growth in software development, many open-source, government, regulatory, and industry organizations have been slow to adopt new application safety controls, hesitant to take on the added expense. This book improves understanding of the security environment and the need for safety measures. It shows readers how to analyze relevant threats to their applications and then implement time- and money-saving techniques to safeguard them.
Security Standardisation Research
by Chris Mitchell Lidong Chen David McgrewThis book constitutes the proceedings of the First International Conference on Security Standardisation Research, SSR 2014, which was held in London, UK, in December 2014. The 14 full papers presented in this volume were carefully reviewed and selected from 22 submissions. The papers cover a range of topics in the field of security standardisation research, including cryptographic evaluation, standards development, analysis with formal methods, potential future areas of standardisation, and improving existing standards.
Security Standardisation Research
by Liqun Chen Shin'Ichiro MatsuoThis bookconstitutes the refereed proceedings of the Second International Conference onSecurity Standardisation Research, SSR 2015, held in Tokyo, Japan, in December2015. The 13papers presented in this volume were carefully reviewed and selected from 18submissions. They are organized in topical sections named: bitcoin andpayment; protocol and AΠ analysis on cryptographic algorithm; privacy; andtrust and formal analysis.
Security Standardisation Research: 4th International Conference, SSR 2018, Darmstadt, Germany, November 26-27, 2018, Proceedings (Lecture Notes in Computer Science #11322)
by Anja Lehmann Cas CremersThis book constitutes the refereed proceedings of the 4th International Conference on Security Standardisation Research, SSR 2018, held in Darmstadt, Germany, in November 2018.The papers cover a range of topics in the field of security standardisation research, including cryptographic evaluation, standards development, analysis with formal methods, potential future areas of standardisation, and improving existing standards.