After the successful Brussels Online Roadshow in May, which saw over 100 participants dial in from Asia, Africa, the US and Europe, the Charter of Trust announces four more roadshows before finishing off this year.

On 28 July, the Charter of Trust Principle 6 ‘Education’ hosted the first-ever Charter of Trust webinar “The Human Element in Cybersecurity”. Discussions focused on why people are so central to cybersecurity, how capacity building can be beneficial, and which modern approaches to learning can be applied to effectively leverage the human element in cybersecurity.

Cyber-crime is a disturbing reality today and global efforts to reduce crime continue to evolve, with some proving to be quite effective. Information sharing communities present one such approach.

With millions of people currently working from home, the COVID-19 pandemic has stressed the importance of cybersecurity in today’s digital economy. In this context, the Charter of Trust kicked off its second, but first-ever virtual, Collaboration Week of 2020, from 8-18 June. Colleagues from all around the globe came together to exchange ideas and to continue growing the strategic outlook of the Charter of Trust, more than two years after its creation.

Collaboration and information sharing between trusted partners is one of the main strategic objectives in the Charter of Trust and we practice what we preach. This week we are pleased to announce that the Charter of Trust, under its Principle 8, has started an initiative to share cyber threat information.

This year, the global pandemic has radically shifted the way many of us work. This shift has brought with-it a new threat that does not directly affect computer systems, but rather us, the users of the systems.

On 27 May, over 100 attendees dialed in from Asia, Africa, the US, and Europe for the Charter of Trust’s online roadshow: “Stronger cybersecurity during the COVID-19 pandemic.”

Baseline Requirements aimed at enabling security into the design of products, functionalities and technologies.

The current COVID 19 crisis has led to an exponential increase in the numbers of WFH – people working from home – to safeguard public health. At the same time, there is an increased risk in terms of Cybersecurity.

The current COVID 19 crisis has led to an exponential increase in the numbers of WFH – people working from home – to safeguard public health. At the same time, there is an increased risk in terms of Cybersecurity.

On March 3rd, 2020, the Charter of Trust gathered its members to meet French cybersecurity policy makers in Paris. After a fruitful working lunch, members and guests joined the IBM X-Force Command Cyber Tactical Operations Center (C-TOC) simulation to experience and learn how to react to a real cybersecurity crisis.

Responsibility throughout the digital supply chain
Companies – and if necessary – governments must establish risk-based rules that ensure adequate protection across all IoT layers with clearly defined and mandatory requirements. Ensure confidentiality, authenticity, integrity, and availability by setting baseline standards, such as
– Identity and access management: Connected devices must have secure identities and safeguarding measures that only allow authorized users and devices to use them.
– Encryption: Connected devices must ensure confidentiality for data storage and transmission purposes, wherever appropriate.
– Continuous protection: Companies must offer updates, upgrades, and patches throughout a reasonable life cycle for their products, systems, and services via a secure update mechanism.

Based on this statement, the CoT members developed a common risk-based approach aligned with international norms to help improve cybersecurity and provide visibility through the supply chain. Three elements form this risk-based approach:
– Baseline requirements are common for all digital suppliers and define the fundamentals that a supplier must address in order to ensure the cybersecurity foundations for their product/service
– Supplier criticality Digital suppliers have different criticalities depending on risk factors, which are also dependent on the context viewed by the purchaser
– Verification Verification to the baseline requirements is dependent on the criticality of the supplier

The purpose of this document is to describe such a risk-based approach and its impact on the digital supply chain with a focus on the various stakeholders throughout the digital supply chain.