Want to learn more the principle of "Security by Default"?

👉 Read the full interview with Sudhir Ethiraj, Global Head of Cybersecurity Office at TÜVSÜD and Taskforce Lead, Security by Default at the Charter of Trust: http://spkl.io/60444ahb0

3 key takeaways:
💡 Charter of Trust introduced the principle “Security by default” recognizing that securing the product alone is not sufficient.
💡 The biggest challenge: Outdated devices and existing systems are still functional and have significant financial investments associated with them. However, they were not designed with security in mind.
💡 The Charter of Trust taskforce worked on establishing a common set of guidelines for Security by default that can be used across different industries and domains.

Thank you Siemens for including this topic in your Cybersecurity and Charter of Trust Innovation series. Looking forward to the further exchange this week with MSC 2024 ahead.

This document highlights the significance of caution and due diligence in relation to cyber risks when processes and value chains are supported by digital technology to improve efficiency. As digitalization progresses, such risks exist in products which are combined to systems and networks in the IT but also in the OT world. The intent of this document is to offers practical guidance to risk management based on the experience and expertise of the members of the Charter of Trust P3 Task Force.

The Charter of Trust hosted the first edition of its CyberTrust Talks series on:

AI & Cybersecurity: A Double-Edged Sword

Date: Thursday, 7th December
Event: Lunch event (12:00-13:30 CET)
Location: Microsoft Centre, Rue Montoyer, 51, 1000 - Brussels

The event, moderated by Dr. Sumit Chanda, Global CISO at Eviden and Co-Chair of Advocacy and Communications Taskforce of the Charter of Trust, addressed the complex and evolving relationship between AI and cybersecurity.

An introductory speech was delivered by Charter of Trust Partner Microsoft's Jeremy Rollison, Head of EU Policy and Senior Director of EU Government Affairs.

The discussion featured esteemed panelists:

Natalia Oropeza, Chairwoman of the Charter of Trust & Global Chief Cybersecurity Officer & Chief Diversity Officer, Siemens AG
Christian D'Cunha, Head of the Cyber Coordination Task Force in DG CONNECT of the European Commission
Dr. Eric Vetillard, Lead Certification Expert at ENISA
Dr. Christoph Peylo, AI Task Force Lead of the Charter of Trust & Chief Cybersecurity Officer at Bosch
Dr. Jochen Friedrich, Technical Relations Executive at IBM

The event provided a platform to explore threats and opportunities at the intersection of AI and cybersecurity, as well as the implications of upcoming EU legislation and new governance approaches.

This first edition was a great success with over 90 people attending in-person and online. The key takeaways were:

• AI is shifting the paradigm and changing the whole concept of the computation and cybersecurity​
​
• The technology opens great opportunities but also poses significant risks, which we need to better understand and learn to prevent​
​
• The AI Act is an important milestone in making AI safe and trustworthy, but its implementation may pose challenges for the industry​

• Charter of Trust, as an alliance of global leaders in cybersecurity and AI, can play an important role helping business to ensure trustworthiness of AI and increased cybersecurity

On October 19th 2023, we hosted our latest webinar to discuss how Charter of Trust's approach helps improving cybersecurity by establishing a culture of security by default in businesses’ production chain and using a Secure Development Lifecycle approach.

The Charter of Trust’s Principle 3 Taskforce is pleased to invite you to a webinar on Thursday, 19th October 2023 14:00-15:00 CEST

How the can you protect your business using the Secure Development Lifecycle approach in a dynamic regulatory environment and threat landscape?

Join us and discuss with our experts how the Charter of Trust's step-by-step guidelines for the Secure Development Lifecycle can assist you in enhancing cybersecurity through in Security by Default and Security by Design strategies.

The Charter of Trust consists of 10 Principles and this webinar is brought to you by the Charter’s Taskforce on Principle 3 “Security by Default”. Experts in this taskforce work to establish and adopt the highest appropriate level of security and data protection and ensure that it is preconfiguered into the design of products, functionalities, process, technologies, operations, architectures, and business models. We call this our Baseline Requirements: With them in mind, you can ensure confidentiality, authenticity, and integrity within your systems.

In this webinar, you can learn how to bridge the two sets of baseline requirements, first for products, functionalities, and technologies, second for processes, operations, and architecture. It shows you step-by-step how a product or service can be designed integrating baseline security mechanisms. To make this knowledge highly actionable for you, experts from TÜV SÜD, IBM, Atos and our guest from the Cloud Security Alliance will share best practices with insights and examples.

The Charter of Trust welcomes the Commission’s proposal for horizontal rules introducing cybersecurity requirements for connected products. We believe that improving products and software development practices and transparency will benefit the entire cybersecurity ecosystem. Policymakers should, however, ensure seamless and clear application between the CRA and other product-related and cybersecurity legislations to provide more legal certainty to businesses across the supply chain.

By Julian Meyrick, Managing Partner & Vice President, Security Strategy Risk & Compliance, Security Transformation Services Software, IBM Security

At the occasion of its fifth anniversary and on the sidelines of the Munich Security Conference 2023, the Charter of Trust hosted on 17th February 2023 a hybrid discussion from Munich with Charter of Trust Partners, Associated Partners and other cybersecurity experts on ‘Driving Cybersecurity in Times of Conflict and Crisis’.

(Re-)watch the recording of the event at the link below:

Today's opening of the 2023 Munich Security Conference marks the fifth anniversary of the Charter of Trust (CoT). This celebration is an opportunity to reflect on the alliance's achievements and growth since 2018.This milestone is also an opportunity to discuss the path ahead for cybersecurity, as the world faces unprecedented levels of cyberthreats. The CoT remains convinced that secure and trusted digital technologies, infrastructures, products and solutions are the prerequisite for overcoming our global challenges.

The purpose of this document is to provide additional information on a step-by-step approach for achieving secure development lifecycle, in addition to the Phase 1 and Phase 2 baseline requirements. The document aims to provide a deep dive into the topic of secure development lifecycle and define best practices for achieving the same. This includes the following steps: identifying the basic steps for a development lifecycle model and developing best practices for a secure development lifecycle.

As 2023 marks the fifth anniversary of the Charter of Trust, we are publishing a “Secure Development Lifecycle: step-by-by step guidelines", our latest guiding document in line with the Charter's Principle 3, Security By Default.

The Charter of Trust is pleased to invite you to its 5th anniversary event, as part of the Munich Security Conference 2023, which will take place both in-person in Munich and virtually and gather Charter of Trust Partners and cybersecurity experts.