Cybersecurity Awareness Month wraps up this week in Europe and the U.S., and it’s the perfect time to reiterate that digital transformation will only succeed if people and organizations can rely on the security of data and connected systems. Digitization and cybersecurity must progress in close association.

Security providers are responsible not only for innovating and implementing solutions, but also for building digital trust. Earlier this year, we saw the start of an initiative with great potential to make our digital world more secure and increase trust. This Charter of Trust brings together companies and players from a variety of industries to work with governments to “establish a reliable basis upon which confidence in a networked, digital world can take root and grow.”

There are currently 17 organizations in the Charter of Trust, including IBM. Last February, we signed on to 10 key principles that cover areas such as security by default, education and security responsibility in the digital supply chain. But signing the Charter was merely the start of a collaborative process to improve security. Since then, the partners have broken down the various principles into concrete recommendations and requirements that companies and governments can put in place to improve security.

How the Charter of Trust Is Tackling Security in the Digital Supply Chain

Take, for example, security in the digital supply chain. The digital supply chain for any one service often involves a broad spectrum of players, from component suppliers for industrial products to subprocessors in a cloud service. For critical applications, nine out of 10 players in the supply chain have likely already implemented advanced cybersecurity practices. However, these may differ according to the product or service, leading to increased complexity and risk.

A second tier of suppliers, categorized as lower-risk, is unlikely to be subjected to the same requirements as high-risk suppliers, but still poses a risk to overall security. If any one player falls short in any element of security, the entire supply chain is put at risk. It is the weakest link in the chain that defines its overall strength.

To tackle this challenge, we are working together with other Charter of Trust partners to put security requirements in place for all players in the supply chain across all sectors. Similar work is ongoing across the other nine principles, where we’re identifying pragmatic actions that will establish a baseline for security in the Internet of Things (IoT) environment.

Why Governments and Organizations Must Come Together to Build Digital Trust

The key to the Charter’s success is collaboration. A single company or entity cannot hedge the all-encompassing impact of digitization and cybersecurity and create a greater sense of trust for users on its own; it has to be the result of close collaboration at all levels. In our interconnected world, where we expect that tens of thousands of devices will connect to the internet every second, trust cannot be siloed within borders, sectors or companies. We need coordinated strategies to put in place criteria for security in the IoT environment.

At the heart of the Charter is a desire to “combine domain knowhow and deepen a joint understanding between firms and policymakers of cybersecurity requirements and rules in order to continuously innovate and adapt cybersecurity measures to new threats.” The private-public collaboration will improve the sharing of domain-specific threat information and stimulate common interoperable standards — for example, how threats are categorized in terms of criticality and what syntax is used to describe them. That’s why we continue to invite governments of the world to engage with the Charter of Trust as it develops.

For IBM, being active in the Charter of Trust means we can tangibly contribute recommendations for the security that we know is key to digital transformation, and help drive a collaborative effort to build trust. In the coming months, the Charter of Trust is going on the road to engage with more governments and bring new companies on board, including stops in Washington, D.C., Brussels, Munich, Rome, Tokyo and elsewhere. We look forward to welcoming new and committed partners to the Charter.

If you would like to be a part of this significant initiative, take a look online or attend one of our upcoming global events. As businesses, we must not hold back on building trust.
