With the Charter of Trust, Siemens is taking the issue of cybersecurity to a new level. From now on, the future products of all the partner companies will be designed and implemented according to ambitious cybersecurity principles.
–Natalia Oropeza
On February 16 Siemens launched The Charter of Trust: an initiative for creating a more secure digital world. Leading technology companies met to join forces for a common denominator, better-securing data in the increasingly interconnected digital world. The Charter contains ten principles that should make the digital world more secure and also sets three important goals: Protect the data of individuals and companies; prevent damage to people, companies, and infrastructures; and create a reliable foundation for instilling trust in a networked, digital world.
Business should be outward thinking and welcome the technological convergence and digital transformation. The Charter of Trust is a proactive and transformational cybersecurity initiative formed with the realization that cyber-attacks are becoming more sophisticated and lethal, affecting all leading technology companies at their end products.
In 2018 data breaches are not only more common but also more costly for companies. In 2017, globally there were a total of 5,207 breaches and 7.89 billion information records compromised. The full 2018 breach statistics are not fully compiled yet but are already more prevalent than the year before. According to a recent study by The Ponemon Institute” Cost of Data Breach Study,” the average cost of a breach incident is now between $2.2 million to $6.9 million. Those alarming report figures do not include reputation costs incurred to doing business, which could be in the hundreds of millions for a large breach.
As Artificial Intelligence advances forward within cyberspace, the risk of cyber-attacks against companies and individuals will be even more targeted and heightened. Hackers will be able to mask attacks and trigger attacks from biometrics. They will also be able to discover and analyze targets trough machine-learning (ML) and artificial intelligence (AI) technologies.
What’s coming into the future is not predictable by anything we have experienced in the past. The evolution of AI circuitries, the evolution of tech itself over the last decade won’t necessarily apply to the evolution of the next decades.
According to Chuck Brooks, Principal Cybersecurity Growth Analyst for General Dynamics Mission Systems, “there is strong evidence that AI and ML can be valuable tools to help us navigate the cybersecurity landscape”. He notes that specifically “AI can (and is being) used to help protect against increasingly sophisticated and malicious malware, ransomware, and social engineering attacks. AI’s capabilities in contextual reasoning can be used for synthesizing data and predicting threats”. Brooks notes that we simply we don’t know yet. What’s coming into the future is not predictable by anything we have experienced in the past. The evolution of AI circuitries, the evolution of tech itself over the last decade won’t necessarily apply to the evolution of the next decades. AI and ML may become new paradigms for automation in cybersecurity.
The Siemens gathering of leaders and resolutions put forth from the meeting has now set the stage for a permanent implement the Charter of Trust that addresses 10 points for better cybersecurity in both government and the private sector. I openly embrace the concept but suggest that implementation not only include large corporations but also small business, who bear the brunt of more than 40% of all cyber-attacks. Hackers often go where the easy money is and small businesses do not have resources and are easier targets. We need the Charter of Trust to be inclusive to small business and organizations as they are significant economic cogs in the global system.
We need the Charter of Trust now because of the rapid technological transformation we are experiencing. Connectivity is now more accessible and less expensive. Compared to just a few years ago where a phone was a luxury item, most households now own multiple phones. Smart Cities are coming online and sensors are proliferating in the Internet of Things. Artificial Intelligence (AI) is on the horizon.
Enhancing cybersecurity is now a technological imperative in our digital world. It will not be a simple task, and that is why the Charter of Trust is so important to implement as guiding framework.
The internet was not built with security in mind and until recently I don’t think people really perceived the need for cybersecurity. As we continue to digitally evolve, it more and more apparent that cybersecurity is going to become a critical issue in our connected digital futures.
We are developing cybersecurity for the ecosystem we know right now. At the same time, we must reflect on how outdated our security solutions are in the present moment and how advanced are hackers and the cyber-attacks. Cybersecurity needs to advance to the comparable level of the technology we have currently. Unlearn to re-learn from our past technology; as simple as how fast car phones evolved to the actual mobile phones and utilize it as a lesson.
As emerging technologies continue to be developed it will require more advanced maintenance and agility. Therefore, The Charter of Trust should represent an adaptive lasting solution; for now, and the future. For example, as AI evolves we should keep in focus every household in the world may ultimately possess it. When we start thinking in that magnitude, we are going to develop the proactive cybersecurity. But when we are thinking from a parochial point of view, we are not going to be able to develop the kind of security that will be needed at an innovative technology in the future.
Cybersecurity expert Chuck Brooks also astutely notes that “security breaches can and will happen, but there are guiding pathways for cybersecurity, and a company’s vulnerabilities can be lessened and mitigated. This can be done via gap analysis and comprehensive planning to better understand the how, why and where of cyber vulnerabilities. Plans that are most successful need to involve the leadership at the top of companies and organizations. The Charter of Trust can be a vehicle to help provide guidance and leadership.
I believe The Charter of Trust will need constant development, and it can become an established Global Cybersecurity institution. The most satisfactory part it’s the willingness of power technology leadership united in the quest of durable solutions to the cyberattacks challenges. I believe that Siemens can and should be the pioneering force behind the Charter of Trust because of their experience in infrastructure, digitization, and cybersecurity expertise. It will probably take at least 5 years to develop a framework of adaptable (people, process, and technologies) cybersecurity solutions. Time is of the essence and we need to begin this initiative now.
Editor’s Note: This Article was Co-Authored by Chuck Brooks, one of our many esteemed Featured Contributors.
Hi,
I have been working in Security field for last 18 years, the statistics shown on breaches is a usual common story year after year. Fundamental problem is that of protocols like TCP/IP, lot of them need to be rewritten to incorporate security in them. As a small example – HTTP, we have been using for more than a decade and is still stateless, cookies are nice and are usually target of hackers. That was just an example. Vendors come up with new jargons and new ways of bundling their product solutions. In a way no one is addressing the fundamental problem of the weak protocols (from security perspective) and we are just adding patches on to them.
Thanks,