On the 29th of October our P3 Security by Default Working Group has hosted its insightful webinar, in which they dived deep into the latest developments surrounding “Security by Default in view of major EU Cybersecurity Regulations”.

🔒 Here the main points of discussion:

- Key insights into what NIS2, the European Cyber Resilience Act and other regulations mean for businesses
- Best practices for adapting to relevant regulations
- Expert strategies on how to deal with regulatory challenges
- Live Q&A with industry experts


Here the esteemed panelists

Sudhir Ethiraj, Global Head of Cybersecurity Office, TÜV SÜD (Moderator)
Dr. Angelika Steinacker, CTO IAM, Cybersecurity Services, IBM
Marko Wolf, Chief Expert Product Cybersecurity Governance, Bosch
Joe Lomako, Cybersecurity Lab Manager, TÜV SÜD
Didier Ludwig, Cybersecurity Officer, Siemens
Francesca Bosco, Chief Strategy and Partnerships Officer, CyberPeace Institute

Please find the recording of the webinar below. Follow us on LinkedIn to find out, when the next webinar is going to happen: https://www.linkedin.com/company/charter-of-trust

We're thrilled to announce that our Charter of Trust Chairwoman Natalia Oropeza has been featured in the annual IT edition of the brand eins magazine!

In an interview with Dorit Kowitz, Natalia dives deep into the pressing issues facing the cybersecurity landscape, explaining how the Charter of Trust bundles the expertise of different businesses across several regions to stay resilient in the face of evolving threats. As Natalia Oropeza says: "We all win if cybercrime doesn’t win."

Here are three key insights from her interview:
🔑 Collaboration is essential: No single organization can tackle cyber threats alone. The Charter of Trust is a prime example that businesses nowadays are more transparent when it comes to attacks and that sharing information in this field can be beneficial.
🔑 Addressing the digital skills gap: The Charter of Trust is working to address the global shortage of cybersecurity professionals by encouraging diversity and actively promoting opportunities for women to join the field.
🔑 Unified regulations: Harmonizing global cybersecurity standards will reduce vulnerabilities, helping businesses and governments combat threats more effectively.

The full interview is available here: https://lnkd.in/gRm6ZDGC

We are in the middle of Hashtag#CyberSecurityAwarnessMonth and many of our Charter of Trust Partners are promoting it with great initiatives. One of the programs that we want to highlight is last week’s panel organized by Allianz talking about “Security in light of (gen)AI”.

The complexity and urgency of this topic gathered a lot of interest, with 600+ attendees throughout the whole panel, which was composed of Jon-Paul Jones, COO at AZ Commercial, Firas Ben Hassan, GenAI expert & Manager of AllianzGPT at AZ Technology, Dr. Martin J. Krämer, External Security Awareness Advocate at KnowBe4, and Dr Sumit Chanda, Global CISO at Eviden & Chair of the Global External Engagement Working Group at the Charter of Trust.

We are pleased to see Dr. Sumit Chanda from Eviden bringing in his unique CISO insight on what these emerging technologies mean in day-to-day cybersecurity practices and bringing in the Charter of Trust perspective on this topic as well.

Thank you, Ervin Cihan and Haydn Griffiths for inviting other CoT Partners and for the great initiatives that Allianz is putting together within this year’s Security Awareness Month. And special thanks to Heather Armond for the great moderation.

In response to rising cyber threats, governments are enacting new cybersecurity laws and regulations, with some, like the United States (US), moving from voluntary public-private partnerships to more stringent regulatory approaches, while others, like the European Union (EU), are updating existing regulations (e.g. the Network and Information Security (NIS) Directive 2, or NIS 2) and creating new ones (e.g., Cyber Resilience Act, CRA). These efforts often set precedents for other nations, but the lack of international coordination in cybersecurity regulation remains a challenge. This fragmentation, coupled with shortages of cybersecurity talent, risks diverting resources from essential cyber defense to compliance, potentially increasing costs, complexity, and undermining resilience and innovation. Some solutions include reciprocity agreements, adopting international standards, and leveraging third-party assessments to streamline regulations and improve global alignment.

To read the full publication, see the download link below.

Detlef Houdeau, Senior Director, Business Development at Infineon Technologies was a speaker at the inaugural UK/EU Summit organized by our newest Associated Partners Shared Assessments.

💡Under the theme “Risk to Resilience” the first event of this series was held in London and brought together professionals from different industries and regions. Detlef participated in the panel about the complex regulatory landscape and emphasized that new legislation like the EU AI Act, DORA and Hashtag#NIS2 continue to push the standard of care on cybersecurity and other risks.

Thanks to Shared Assessments for organizing such an amazing event and inviting the Charter of Trust to participate in this high-class panel alongside Andrew Moyad, CEO at Shared Assessments.

Strong networks and effective cooperation are the key to successfully shaping the digital future in Germany. Cybersecurity is a team effort, and that was again visible last week at the 36th Cyber Security Day in Berlin.

🌐On 26 September 2024, the Bundesamt für Sicherheit in der Informationstechnik (BSI), Alliance for Cyber Security, and the DIHK invited experts, companies, authorities and political decision-makers to jointly strengthen Germany's cyber resilience.

The event was a great mix of policy debate, practical exchange, workshop and networking under the motto ‘Stronger Together: Greater Resilience through Cooperation’.

✨ One of the highlights of the day was the closing panel with Claudia Plattner, President of the BSI, Dr. Stefan Saatmann, Deputy Head Berlin Office at Siemens, Konstantin von Notz, Member of the Bundestag for B90/Greens, and Alexander von Gernler, German Informatics Society, interchanging ideas to foster resilience through collaboration. Initiatives like the CoT baseline requirements and its huge potential for international harmonizing cybersecurity regulations were discussed as well.

Let’s all work together so that closer cooperation between the BSI and businesses bring more tangible effects to increase digital resilience. Special thanks to Nils Hasenau for providing the excellent photos and also to Simon Ulmer and Ralf König for attending the event.

The Charter of Trust at the Nordic Cyber Summit
What a great opportunity for Morten Kromann, Head of Industrial Security Denmark at Siemens, to present the Charter of Trust perspective on cybersecurity regulations like Hashtag#NIS2 at the Nordic Cyber Summit in Copenhagen.

This year the summit was again a formidable event to engage with top cybersecurity experts, share insights, and discuss strategies to navigate the ever-evolving threat landscape in the Nordic region with the theme “Fortifying the Future: Building Cyber Resilience in a Transformed World”.

A main aspect highlighted by Morten was the discrepancies between the NIS2 directive’s incidents reporting timeframe and related provisions adopted in other legislations. These regulatory overlaps create difficult compliance environments for industry and costly operational pressures which add to the fragmentation of the market instead of harmonizing it. That is why the Charter of Trust emphasizes streamlining reporting requirements stemming from these different legislative frameworks and developing single entry points for reporting on the national level.

These and more points have been discussed during our Security-by-default Webinar on the 29th of October. See the events section on this website to find the recording of the webinar.

A big thank you to our Partner Allianz and to SANS Institute for inviting the Charter of Trust to participate in the high-stakes discussions at this year’s Allianz Executive Forum. The topic “Cyber-Nation Germany needs Cyber-Education” was a formidable chance for the Charter of Trust to present its commitment to support educational initiatives in the field of cybersecurity.

Our chairwoman Natalia Oropeza shared some insights from the inspiring programme “African Girls Can Code”, amplifying the message that the future of cybersecurity is diverse, committed, and highly ambitious. Furthermore, Ralf Schneider, Allianz Senior Fellow Cybersecurity and Next Generation IT, highlighted that it is everyone’s task, from everyday citizens to high-end IT experts, to educate themselves and learn about new cyber threats.

A huge shoutout to Allianz and the SANS Institute for the fantastic organization and the invitation to be part of this remarkable event!

We are excited to announce that Shared Assessments has officially joined the Charter of Trust Associated Partners Forum (APF), further reinforcing our mission to enhance global cybersecurity standards.

The APF is a collaborative network that brings together regulators, research institutes, universities, and think tanks with the Charter of Trust's contributing partners to strengthen the digital security landscape. The APF has grown over the years and already counts more than 15 partners from the Americas, Europe, and Asia.

"Shared Assessments is excited and honored to join the Charter of Trust community of cybersecurity leaders and practitioners, and we are committed to working with the organisation to improve the resilience and risk posture of their membership and their associated suppliers. Since its founding in 2018, the Charter of Trust has promoted continuous improvement in the standard of care for cybersecurity risk management. At Shared Assessments, we are fully aligned with the Charter’s vision, including the organisation’s 10 Principles and the philosophy that cybersecurity ‘is everyone’s task.’" says CEO Andrew Moyad.

Founded in 2005, Shared Assessments is a global membership organization dedicated to developing the best practices, education, and products to drive third-party risk assurance. Shared Assessments is a practitioner led organization with over 1’500 active professionals available to network across their 13 global committees disseminating papers, studies, and further research.

At Shared Assessments, the belief in collaboration and the exchange of knowledge plays a critical role in tackling today’s cybersecurity challenges. Together with them, Charter of Trust is working towards creating a stronger digital landscape across industries and borders by sharing the extensive knowledge our partners have.

We are proud to share that Charter of Trust partners actively contributed during the G7-focused workshop entitled “International Cybersecurity Regulatory Dialogue,” organised by Wilton Park and LSE on September 3-4 in the UK.

The event gathered high level representatives from G7 governments, industry and academia to discuss and identify opportunities to improve international coordination and reciprocity of cybersecurity regulations, including with respect to AI’s impact on cybersecurity. As part of this workshop, our Charter of Trust Partners highlighted the importance of advancing greater international alignment of cybersecurity regulations by providing concrete examples of challenges and risks posed by regulatory fragmentation faced by industries operating at a global level.

We hope the insights from this event will inspire our policy leaders to drive international cybersecurity regulatory alignment in the coming months. As always, the Charter of Trust remains a key alliance and an active participant in furthering the international public-private dialogue.

We are excited about the potential impact of these discussions and look forward to driving meaningful progress in international cybersecurity regulation.

We are thrilled to announce that Danfoss has officially joined the Charter of Trust alliance, further strengthening our commitment to advancing harmonised cybersecurity approaches to make the digital world of tomorrow safer.

The Charter of Trust is an industry alliance that brings together leading global companies to help establish and promote the highest standards of cybersecurity: “We are delighted to welcome Danfoss as part of the Charter of Trust. Their commitment to cybersecurity and their unique experience and expertise will further strengthen our collective efforts,” says Natalia Oropeza, Chairwoman of the Charter of Trust.

"At Danfoss, we engineer solutions that increase machine productivity, reduce emissions, lower energy consumption, and enable electrification. In an increasingly connected landscape, cybersecurity is crucial, and we firmly believe that overcoming cybersecurity challenges can only be achieved through collaboration and collective effort. Joining the Charter of Trust enables us to collaborate with industry leaders, share best practices, and address evolving cyber threats together," says Morten Pors Simonsen, Chief Information Officer, Danfoss.

Yesterday we celebrated the next generation of cybersecurity talents at the "Empowering the Next Generation of Cybersecurity Talent" event, co-organized by SANS Institute, Allianz Technology and The Charter of Trust. This event was a pivotal gathering focused on addressing the critical shortage of skilled professionals in the cybersecurity field. It was a formidable opportunity to bring together industry leaders, educators and public authorities to celebrate the graduation of aspiring cybersecurity youngsters from the CyberTalent programme and discuss future opportunities in cybersecurity education and careers.

🚀 We had the pleasure of welcoming our new graduates from diverse backgrounds and hear about their journey and ambitions in becoming skilled cybersecurity professionals.

The graduation ceremony was followed by a high-level panel discussion moderated by María del Pino González-Junco with the experts from both industry and public sector Maria Manuela Catrina, Patrick Zeitz, Ian R., Dimitra Liveri and Dr Sumit Chanda who shared insights on bridging the cybersecurity skills gap and fostering a diverse and inclusive workforce. The main takeaways from this exchange:

Different ways of thinking - "Cybersecurity skills can be taught, but the strategic mindset and the hunger to learn more certainly not". This shows the value of such initiatives like the CyberTalent, different backgrounds, different forms of tackling problems and the desire to excel can get you everywhere in cybersecurity.

Soft skills - "What we need in Cybersecurity right now are not only hard technical skills, but soft skills like communications, public affairs, public relations, creativity". Back in the day, almost everyone in cybersecurity had a degree in computer science, but those times are long gone. Talents like we have them gathered here today are the future and build the backbone of our security systems tomorrow.

Human-centred - "2/3 of all data breaches involve some form of human element". This shows that cybersecurity must go a long way to make it more human-centred. A culture of failure must be embraced and openness to constructive knowledge sharing after attacks. This is what the Charter of Trust stands for and wholeheartedly welcomes this new generation of open-minded cyber-talents.

We thank SANS Institute and Allianz for organizing this wonderful event and congratulate everyone graduating from the CyberTalents academy. We cannot wait to see, where your journey will lead you, but we are sure that your contributions to cybersecurity will be most needed.