On 29 October, the Charter of Trust Principle 8 ‘Transparency and Response’ hosted its first-ever webinar on the cybersecurity threat landscape with leading experts in the field. The session started with an overview of the 2020 threat landscape, examined how the Charter of Trust is sharing threat information among its members through its Human-to-Human network and by building a threat information sharing community supported by a leading platform.
The session was introduced by Jonathan Sage, Government and Regulatory Affairs Executive at IBM and Principle 8 Taskforce Lead. Launched in 2018, the Charter of Trust aims to drive security in an insecure, connected world and all of its members collaborate to implement the Charter’s 10 Principles. The Principle 8 Taskforce ‘Transparency and Response’ aims to achieve the following objectives:
- Establish appropriate corporate policies that allow threat information sharing for individuals within the CoT;
- Establish a strategic and operational threat information response forum within the CoT;
- Leverage an existing platform that allows threat information sharing, therefore augmenting awareness and enabling scaling to supply chain.
Kevin Albano, Associate Partner at IBM Security X-Force Threat Intelligence, presented the current threat landscape amid the COVID-19 pandemic. The global proliferation of ransomware puts companies worldwide at higher risk as they are facing “Human-Operated” Ransomware-as-a-Service operations. Following the payment of a ransom, threat actors are further motivated to increase both the number of attacks and the price of the ransom itself.
This was followed by an industry panel discussion moderated by Jonathan Sage:
- Holger Steinlechner, Senior Security Specialist at Allianz, provided insight on the provenance and challenges of threat information sharing. Companies share indicators of compromise, knowledge and insights into incidents to improve their defenses against attackers. Among the prerequisites, trust is an essential component of threat information sharing.
- Regarding the Internet of Things (IoT), Hans de Jong, Senior System Architect and Fellow at NXP, highlighted that the hardware and the firmware cannot be updated easily or at all. Therefore, incidents must be shared with trusted entities who are affected or have to take action.
- Karl Alles, Group Security Officer at Atos, noted that the increasing complexity of the supply chain and very well-organized adversaries require a timely availability of threat information. Within the Principle 8 Taskforce, members exchange regularly as part of the Human-to-Human Network using the Information Sharing Traffic Light Protocol (ISTLP) adapted for the CoT.
Choo Kim-Isgitt, Chief Revenue Officer at TruSTAR, presented the TI sharing platform used within the Human-to-Human Network, which features enclaves to manage various sources with cloud-based data repositories. As illustrated by the City of Los Angeles CyberLab, private enclaves are also made available for each member.
The audience. which was comprised of governmental and industry stakeholders from around the world as well as fellow CoT representatives, was invited to share their thoughts and questions with our panelists throughout the discussions and during our Q&A session.
To hear the full discussion between our experts, make sure to check-out the recorded webinar above and stay tuned for more Charter of Trust webinars coming soon!
PREVIOUS POST
Charter of Trust Webinar: "How the Charter of Trust’s Risk-Based Approach can help you secure your supply chain"
NEXT POST
AI & Cybersecurity: A Double-Edged Sword?
You may also like
External Engagement
AI & Cybersecurity: A Double-Edged Sword?
The Charter of Trust hosted the first edition of its CyberTrust Talks series on:
AI & Cybersecurity: A Double-Edged Sword
Date: Thursday, 7th December
Event: Lunch event (12:00-13:30 CET)
Location: Microsoft Centre, Rue Montoyer, 51, 1000 - Brussels
The event, moderated by Dr. Sumit Chanda, Global CISO at Eviden and Co-Chair of Advocacy and Communications Taskforce of the Charter of Trust, addressed the complex and evolving relationship between AI and cybersecurity.
An introductory speech was delivered by Charter of Trust Partner Microsoft's Jeremy Rollison, Head of EU Policy and Senior Director of EU Government Affairs.
The discussion featured esteemed panelists:
Natalia Oropeza, Chairwoman of the Charter of Trust & Global Chief Cybersecurity Officer & Chief Diversity Officer, Siemens AG
Christian D'Cunha, Head of the Cyber Coordination Task Force in DG CONNECT of the European Commission
Dr. Eric Vetillard, Lead Certification Expert at ENISA
Dr. Christoph Peylo, AI Task Force Lead of the Charter of Trust & Chief Cybersecurity Officer at Bosch
Dr. Jochen Friedrich, Technical Relations Executive at IBM
The event provided a platform to explore threats and opportunities at the intersection of AI and cybersecurity, as well as the implications of upcoming EU legislation and new governance approaches.
This first edition was a great success with over 90 people attending in-person and online. The key takeaways were:
• AI is shifting the paradigm and changing the whole concept of the computation and cybersecurity
• The technology opens great opportunities but also poses significant risks, which we need to better understand and learn to prevent
• The AI Act is an important milestone in making AI safe and trustworthy, but its implementation may pose challenges for the industry
• Charter of Trust, as an alliance of global leaders in cybersecurity and AI, can play an important role helping business to ensure trustworthiness of AI and increased cybersecurity
AI & Cybersecurity: A Double-Edged Sword
Date: Thursday, 7th December
Event: Lunch event (12:00-13:30 CET)
Location: Microsoft Centre, Rue Montoyer, 51, 1000 - Brussels
The event, moderated by Dr. Sumit Chanda, Global CISO at Eviden and Co-Chair of Advocacy and Communications Taskforce of the Charter of Trust, addressed the complex and evolving relationship between AI and cybersecurity.
An introductory speech was delivered by Charter of Trust Partner Microsoft's Jeremy Rollison, Head of EU Policy and Senior Director of EU Government Affairs.
The discussion featured esteemed panelists:
Natalia Oropeza, Chairwoman of the Charter of Trust & Global Chief Cybersecurity Officer & Chief Diversity Officer, Siemens AG
Christian D'Cunha, Head of the Cyber Coordination Task Force in DG CONNECT of the European Commission
Dr. Eric Vetillard, Lead Certification Expert at ENISA
Dr. Christoph Peylo, AI Task Force Lead of the Charter of Trust & Chief Cybersecurity Officer at Bosch
Dr. Jochen Friedrich, Technical Relations Executive at IBM
The event provided a platform to explore threats and opportunities at the intersection of AI and cybersecurity, as well as the implications of upcoming EU legislation and new governance approaches.
This first edition was a great success with over 90 people attending in-person and online. The key takeaways were:
• AI is shifting the paradigm and changing the whole concept of the computation and cybersecurity
• The technology opens great opportunities but also poses significant risks, which we need to better understand and learn to prevent
• The AI Act is an important milestone in making AI safe and trustworthy, but its implementation may pose challenges for the industry
• Charter of Trust, as an alliance of global leaders in cybersecurity and AI, can play an important role helping business to ensure trustworthiness of AI and increased cybersecurity
Read more
December 08, 2023
•
External Engagement
Charter of Trust Webinar: "How can you protect your business using the SDLC approach in the dynamic regulatory environment and threat landscape?"
On October 19th 2023, we hosted our latest webinar to discuss how Charter of Trust's approach helps improving cybersecurity by establishing a culture of security by default in businesses’ production chain and using a Secure Development Lifecycle approach.
Read more
October 19, 2023
•
Security by Default
Webinar: Protect your business using the Secure Development Lifecycle approach
The Charter of Trust’s Principle 3 Taskforce is pleased to invite you to a webinar on Thursday, 19th October 2023 14:00-15:00 CEST
How the can you protect your business using the Secure Development Lifecycle approach in a dynamic regulatory environment and threat landscape?
Join us and discuss with our experts how the Charter of Trust's step-by-step guidelines for the Secure Development Lifecycle can assist you in enhancing cybersecurity through in Security by Default and Security by Design strategies.
The Charter of Trust consists of 10 Principles and this webinar is brought to you by the Charter’s Taskforce on Principle 3 “Security by Default”. Experts in this taskforce work to establish and adopt the highest appropriate level of security and data protection and ensure that it is preconfiguered into the design of products, functionalities, process, technologies, operations, architectures, and business models. We call this our Baseline Requirements: With them in mind, you can ensure confidentiality, authenticity, and integrity within your systems.
In this webinar, you can learn how to bridge the two sets of baseline requirements, first for products, functionalities, and technologies, second for processes, operations, and architecture. It shows you step-by-step how a product or service can be designed integrating baseline security mechanisms. To make this knowledge highly actionable for you, experts from TÜV SÜD, IBM, Atos and our guest from the Cloud Security Alliance will share best practices with insights and examples.
How the can you protect your business using the Secure Development Lifecycle approach in a dynamic regulatory environment and threat landscape?
Join us and discuss with our experts how the Charter of Trust's step-by-step guidelines for the Secure Development Lifecycle can assist you in enhancing cybersecurity through in Security by Default and Security by Design strategies.
The Charter of Trust consists of 10 Principles and this webinar is brought to you by the Charter’s Taskforce on Principle 3 “Security by Default”. Experts in this taskforce work to establish and adopt the highest appropriate level of security and data protection and ensure that it is preconfiguered into the design of products, functionalities, process, technologies, operations, architectures, and business models. We call this our Baseline Requirements: With them in mind, you can ensure confidentiality, authenticity, and integrity within your systems.
In this webinar, you can learn how to bridge the two sets of baseline requirements, first for products, functionalities, and technologies, second for processes, operations, and architecture. It shows you step-by-step how a product or service can be designed integrating baseline security mechanisms. To make this knowledge highly actionable for you, experts from TÜV SÜD, IBM, Atos and our guest from the Cloud Security Alliance will share best practices with insights and examples.
Read more
October 19, 2023
•
