Cybersecurity awareness month wraps up this week in Europe and the U.S., and it’s the perfect time to reiterate that digital transformation will only succeed if people and organizations can rely on the security of data and connected systems. Digitization and cybersecurity must progress in close association.

Security providers are responsible not only for innovating and implementing solutions, but also for building digital trust. Earlier this year, we saw the start of an initiative with great potential to make our digital world more secure and increase trust. This Charter of Trust brings together companies and players from a variety of industries to work with governments to “establish a reliable basis upon which confidence in a networked, digital world can take root and grow.”

There are currently 17 organizations in the Charter of Trust, including IBM. Last February, we signed on to 10 key principles that cover areas such as security by default, education and security responsibility in the digital supply chain. But signing the Charter was merely the start of a collaborative process to improve security. Since then, the partners have broken down the various principles into concrete recommendations and requirements that companies and governments can put in place to improve security.

How the Charter of Trust Is Tackling Security in the Digital Supply Chain

Take, for example, security in the digital supply chain. The digital supply chain for any one service often involves a broad spectrum of players, from component suppliers for industrial products to subprocessors in a cloud service. For critical applications, nine out of 10 players in the supply chain have likely already implemented advanced cybersecurity practices. However, these may differ according to the product or service, leading to increased complexity and risk.

A second tier of suppliers, categorized as lower-risk, are unlikely to be subjected to the same requirements as high-risk suppliers, but still pose a risk to overall security. If any one player falls short in any element of security, the entire supply chain is put at risk. It is the weakest link in the chain that defines its overall strength.

To tackle this challenge, we are working together with other Charter of Trust partners to put security requirements in place for all players in the supply chain across all sectors. Similar work is ongoing across the other nine principles, where we’re identifying pragmatic actions that will establish a baseline for security in the Internet of Things (IoT) environment.

Why Governments and Organizations Must Come Together to Build Digital Trust

The key to the Charter’s success is collaboration. A single company or entity cannot hedge the all-encompassing impact of digitization and cybersecurity and create a greater sense of trust for users on its own; it has to be the result of close collaboration at all levels. In our interconnected world, where we expect that tens of thousands of devices will connect to the internet every second, trust cannot be siloed within borders, sectors or companies. We need coordinated strategies to put in place criteria for security in the IoT environment.

At the heart of the Charter is a desire to “combine domain knowhow and deepen a joint understanding between firms and policymakers of cybersecurity requirements and rules in order to continuously innovate and adapt cybersecurity measures to new threats.” The private-public collaboration will improve the sharing of domain-specific threat information and stimulate common interoperable standards — for example, how threats are categorized in terms of criticality and what syntax is used to describe them. That’s why we continue to invite governments of the world to engage with the Charter of Trust as it develops.

For IBM, being active in the Charter of Trust means we can tangibly contribute recommendations for the security that we know is key to digital transformation, and help drive a collaborative effort to build trust. In the coming months, the Charter of Trust is going on the road to engage with more governments and bring new companies on board, including stops in Washington, D.C., Brussels, Munich, Rome, Tokyo and elsewhere. We look forward to welcoming new and committed partners to the Charter.

If you would like to be a part of this significant initiative, take a look online or attend one of our upcoming global events. As businesses, we must not hold back on building trust.

More from CISO

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

The evolution of a CISO: How the role has changed

3 min read - In many organizations, the Chief Information Security Officer (CISO) focuses mainly — and sometimes exclusively — on cybersecurity. However, with today’s sophisticated threats and evolving threat landscape, businesses are shifting many roles’ responsibilities, and expanding the CISO’s role is at the forefront of those changes. According to Gartner, regulatory pressure and attack surface expansion will result in 45% of CISOs’ remits expanding beyond cybersecurity by 2027.With the scope of a CISO’s responsibilities changing so quickly, how will the role adapt…

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today