1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
Charter
of Trust
main
cot

Publications

Addressing emerging concerns to ensure security

We are working on every end to protect, prevent and create a secure digital world. And cybersecurity isn't always rocket science. From small, medium-sized to large enterprises already a few easy actions are a good start to provide more cybersecurity. A pick of our topics.
| Showing 12 of 19 results
Showing 12 of 19 results

Report about Hybrid Threats presented at MSC 2025

Navigating Cybersecurity in an Era of Hybrid Threats

As hybrid threats continue to evolve, cybersecurity has never been more critical. The latest Charter of Trust report, launched at the Munich Security Conference, presents exclusive insights from leading CISOs and CSOs across our Partner network. This report provides a comprehensive analysis of the shifting threat landscape and the strategic actions necessary to enhance global resilience.

Key Insights from the Report

- The Growing Threat Landscape: Cyber adversaries are emerging across the globe, leveraging increasingly sophisticated tactics. Advanced threat detection and multi-layered defense strategies are no longer optional but essential.

- Breaking Down Security Silos: Cyber threats are constantly evolving—organizations cannot afford to wait. A proactive, collaborative approach is critical, fostering open dialogue across industries and sectors.

- Leadership in Collective Defense: Multinational corporations have a unique responsibility to lead in both technical defense and talent development, while also advancing zero trust architectures to mitigate risks effectively.

Collaboration as the Foundation of Cyber Resilience

The experiences of Charter of Trust partners highlight the importance of collective action in addressing the complexities of hybrid threats. Operating in high-stakes environments, these organizations provide valuable lessons for improving industry-wide preparedness.

A Call for Unified Action

Hybrid threats do not recognize national or industry boundaries—our response must be equally interconnected. As both prime targets and key defenders, multinational corporations are uniquely positioned to drive unified, strategic action. Initiatives like the Charter of Trust serve as a model for global collaboration, strengthening the cybersecurity ecosystem and paving the way for a more secure future.

We extend our gratitude to the CISOs and CSOs who contributed their expertise to this publication, including: Kyle Oetken (AES), Haydn Griffiths (Allianz), Paul Bayle (Atos), Christoph Peylo (Bosch), Morten Pors Simonsen (Danfoss), Koos Lodewijkx (IBM), Raphael Otto (Infineon), Natalia Oropeza (Siemens), Norbert Vetter (TÜV SÜD)
Read more

Security by Default in view of major Cybersecurity Regulations

Navigate the Cybersecurity Regulation Maze with Ease

The Charter of Trust is here to simplify the complexity and guide you through the ever-evolving regulatory landscape.

In today's digitized world, cybersecurity plays a pivotal role in maintaining global stability, economic resilience, and individual privacy. Various regulations have been implemented to safeguard individuals, businesses, and infrastructure from ever-evolving cyber threats. Each regulation, while differing in scope and focus by region, aims to protect against breaches, data leaks, and other malicious activities that could disrupt operations and compromise sensitive information.

At the heart of the Charter of Trust lies a commitment to sharing best practices. Our Security by Default Working Group has meticulously analyzed vast amounts of regulatory texts to provide a clear and concise overview of security by default adoption across key global regions.

Stay Ahead of Cyber Risks with Expert Insights

Our latest report is a vital resource for organizations aiming to effectively manage cybersecurity risks and protect their assets. Covering major regulations from the European Union, India, Japan, People's Republic of China, Singapore, the United Kingdom, and the United States, this report offers valuable insights into compliance requirements worldwide.

The principle of Security by Default, as advocated by the Charter of Trust, provides a universal standard for organizations to meet compliance requirements effectively. By embedding security measures from the outset, organizations can ensure compliance with regulations, foster trust with customers, safeguard their operations, and strengthen their market position. This approach not only helps organizations meet their legal obligations but also enhances their reputation and competitive advantage.

Strengthen Compliance, Build Trust, and Gain a Competitive Edge

By embedding security measures from the outset, businesses can:
- Ensure compliance with international regulations
- Build and maintain trust with customers and stakeholders
- Safeguard operations from cybersecurity threats
- Strengthen their market position with a proactive security approach

The publication shows that regulators worldwide have taken different approaches to pursuing common cybersecurity goals, leading to varied and sometimes conflicting regulatory frameworks. This complexity can make it challenging for organizations to navigate the cybersecurity landscape and ensure compliance with all relevant regulations.

This document serves as a roadmap to better navigate this complex landscape, thereby highlighting the benefits of aligning current cybersecurity regulations worldwide. It supports the Charter of Trust's mission to create a secure digital environment for innovation. By following the guidelines outlined in this document, organizations can effectively manage their cybersecurity risks, protect their assets, and contribute to a more secure digital world.

Don't get lost in the regulatory jungle — get the clarity you need today and download the full report below
Read more

Harmonising Regulation - a CoT perspective

In response to rising cyber threats, governments are enacting new cybersecurity laws and regulations, with some, like the United States (US), moving from voluntary public-private partnerships to more stringent regulatory approaches, while others, like the European Union (EU), are updating existing regulations (e.g. the Network and Information Security (NIS) Directive 2, or NIS 2) and creating new ones (e.g., Cyber Resilience Act, CRA). These efforts often set precedents for other nations, but the lack of international coordination in cybersecurity regulation remains a challenge. This fragmentation, coupled with shortages of cybersecurity talent, risks diverting resources from essential cyber defense to compliance, potentially increasing costs, complexity, and undermining resilience and innovation. Some solutions include reciprocity agreements, adopting international standards, and leveraging third-party assessments to streamline regulations and improve global alignment.

To read the full publication, see the download link below.
Read more
Charter of Trust

Charter of Trust Cybersecurity Policy Manifesto

The Charter of Trust presents this Manifesto as a call to action for Policymakers to join forces in the pursuit of a secure and resilient digital environment. As a collective of leading technology, cybersecurity, and industry stakeholders, we believe that a united and collaborative approach is essential for effectively combating cyber threats that endanger the security, privacy, and prosperity of our societies.
Our vision is to establish a strong, secure, and resilient digital Europe that fosters innovation, economic growth, and social progress while protecting individual rights and safeguarding the values of a democratic society.
Download PDF
Principle 3: Security by default

Charter of Trust report: Guideline on Cybersecurity Risk Assessment

This document highlights the significance of caution and due diligence in relation to cyber risks when processes and value chains are supported by digital technology to improve efficiency. As digitalization progresses, such risks exist in products which are combined to systems and networks in the IT but also in the OT world. The intent of this document is to offers practical guidance to risk management based on the experience and expertise of the members of the Charter of Trust P3 Task Force.
Download PDF
Principle 3: Security by default

Charter of Trust – Secure Development Lifecycle: step-by-step guidelines

The purpose of this document is to provide additional information on a step-by-step approach for achieving secure development lifecycle, in addition to the Phase 1 and Phase 2 baseline requirements. The document aims to provide a deep dive into the topic of secure development lifecycle and define best practices for achieving the same. This includes the following steps: identifying the basic steps for a development lifecycle model and developing best practices for a secure development lifecycle.
Download PDF
Principle 6: Education

Principle Use Cases – AES

How can companies increase the cybersecurity awareness of their employees? AES shares their take on implementing new and innovative training model that drives engagement.
Download PDF
Principle 1: Ownership for cyber and IT security

Principle Use Cases – IBM

How can companies ramp up their cybersecurity capacities and upgrade skills to provide a confident response to incidents? IBM shares their take on how they trained their customers to be proactive responders in a new Charter of Trust Principle Use Case.
Download PDF
Principle 2: Responsibility throughout the digital supply chain

Principle Use Cases – Mitsubishi

How can companies cooperate to improve their supply chain security? Mitsubishi shares their take on developing a joint approach among partners to establish common cybersecurity awareness practices in a new Chater of Trust Principle Use Case.
Download PDF
Principle 8: Transparency and response

Principle Use Cases – Atos

What are the main challenges and opportunities of Threat Intelligence sharing? Atos shares their take on bringing together experts from various partners and why this is a smart move.
Download PDF
Artificial Intelligence

Principle Use Cases – Bosch

What approach can businesses take to resolving problems concerning Artificial Intelligence? Bosch details their experience based on the VCIO approach. Learn more in their Principle Use Case.
Download PDF
Principle 6: Education

Principle Use Cases – Allianz

How to keep employees aware of cyber risks and up-to-date with how to self-protect against cyber-attacks? Learn from Allianz as they share their best practices in a #UseCase under Charter Of Trust principle 6 "Education".
Download PDF
Principle 7: Cyber-resilience through conformity and certification

Principle Use Cases - NXP

Security risks with IoT devices are varied and diverse. On this, NXP shares their solution, in particular regarding the implementation of the high security standards for both critical suppliers and own products.
Download PDF
Principle 2: Responsibility throughout the digital supply chain

Principle Use Cases - Siemens

Drawing from experience, Siemens shares its best practices and lessons learned concerning improving a cybersecurity posture.
Download PDF
Principle 3: Security by default

Achieving Security by Default for processes, operations & architectures

17 Baseline Requirements aimed at enabling security into the design of processes, operations and architectures.
Download PDF
Principle 6: Education

CoT Education White Paper 2021: Transforming Human Behavior in Cybersecurity

In its White Paper 2021, the Charter of Trust Principle 6 Education Taskforce shares practical advice on how to create a cybersafe culture based on the experience of CoT leaders. To this end, the paper outlines seven key recommendations for industry and government, which at the same time are a joint commitment of CoT Partners and Associated Partners.
Read more
Principle 3: Security by default

Achieving Security by Default: An Explanatory Document for the Phase 2 “Processes, Operations, Architectures” Baseline Requirements

The objective of this Explanatory Document is to provide additional information on the Phase 2 “Processes, Operations, Architectures” Baseline Requirements.
Download PDF
Principle 3: Security by default

Achieving Security by Default: An Explanatory Document for the Phase 1 “Products, Functionalities, Technologies” Baseline Requirements

The objective of this Explanatory Document is to define the critical cybersecurity requirements needed to deliver secure products, processes, services and business models.
Download PDF
Principle 3: Security by default

Achieving Security by Default for products, functionalities & technologies

Baseline Requirements aimed at enabling security into the design of products, functionalities and technologies.
Download PDF
Principle 6: Education

COVID 19 and how to securely work from home – key recommendations

The current COVID 19 crisis has led to an exponential increase in the numbers of WFH – people working from home – to safeguard public health. At the same time, there is an increased risk in terms of Cybersecurity.
Read more
Priniciple 2: Responsibility throughout the digital supply chain

Common risk-based approach for the Digital Supply Chain

Responsibility throughout the digital supply chain
Companies – and if necessary – governments must establish risk-based rules that ensure adequate protection across all IoT layers with clearly defined and mandatory requirements. Ensure confidentiality, authenticity, integrity, and availability by setting baseline standards, such as
– Identity and access management: Connected devices must have secure identities and safeguarding measures that only allow authorized users and devices to use them.
– Encryption: Connected devices must ensure confidentiality for data storage and transmission purposes, wherever appropriate.
– Continuous protection: Companies must offer updates, upgrades, and patches throughout a reasonable life cycle for their products, systems, and services via a secure update mechanism.

Based on this statement, the CoT members developed a common risk-based approach aligned with international norms to help improve cybersecurity and provide visibility through the supply chain. Three elements form this risk-based approach:
– Baseline requirements are common for all digital suppliers and define the fundamentals that a supplier must address in order to ensure the cybersecurity foundations for their product/service
– Supplier criticality Digital suppliers have different criticalities depending on risk factors, which are also dependent on the context viewed by the purchaser
– Verification Verification to the baseline requirements is dependent on the criticality of the supplier

The purpose of this document is to describe such a risk-based approach and its impact on the digital supply chain with a focus on the various stakeholders throughout the digital supply chain.
Download PDF
Principle 6: Education

Seeing cybersecurity as an opportunity

How to protect your business effectively: specific measures for small and medium-sized enterprises.

Read more
circles

Get in touch with us

Sign up for our newsletter to stay informed with the latest updates, in-depth reports, and expert insights on cybersecurity.
More about our newsletter More about our newsletter
First and Last Name*
Email*
More about our newsletter More about our newsletter
For a secure digital world.
Get in Touch
Contact us here
contact@charteroftrust.info
Follow us
linkedin linkedin

Website by bg

charteroftrust.com Website © 2024