Geneva Online Roadshow: Digital supply chain and threat information sharing to strengthen cybersecurity

On 20 October, the Charter of Trust hosted its first-ever Geneva Roadshow with experts from Switzerland, from the World Trade Organization, as well as from Charter of Trust member companies. Discussions focused on how cybersecurity measures can be strengthened with collaboration in threat information sharing to increase the resilience of the digital supply chain amid growing cybersecurity threats.

The session was introduced by Siddi Wouters, Senior Vice President for Digital & Innovation at SGS, who argued that the evolving cybersecurity landscape called for harmonized cybersecurity requirements. Within the Charter of Trust, each member contributed with its own expertise in different parts of the digital supply chain to effectively promote and ensure trust. The launch of the SGS-TU Graz IT security research, education, testing and certification hub in the coming weeks was a concrete illustration of the ongoing work to strengthen cybersecurity resilience.

Florian Schütz, Swiss Federal Cyber Security Delegate, gave a keynote speech on the Swiss Cybersecurity Strategy, and highlighted how Switzerland approached current challenges in the field. For cybersecurity, Mr. Schütz argued that “hope and fear have never been good advisors” and better sharing of threat information between stakeholders was key.

Jacques Kruse Brandao, Global Head of Advocacy, Digital Trust Services at SGS, gave an introduction to the Charter of Trust and its 10 Principles. Against the development of professional hacking and growing cyber-risks, the Charter of Trust aimed to drive security in an insecure, connected world. Mr. Kruse Brandao was joined by Jonathan Sage, Government and Regulatory Affairs Executive at IBM, Karl Alles, Group Security Officer at Atos and Dr. Stefan Saatmann, Global Coordinator for Cybersecurity Policy at Siemens. The group presented how Charter of Trust members collaborate to implement the Charter’s 10 Principles.

This was followed by a panel discussion moderated by Samuel Stolton, Digital Editor at EurActiv:

Dr. Raphael M. Reischuk, Vice-President of the Cybersecurity Commission ICT Switzerland, presented the proposal for a Swiss Conformity Assessment Institute which aimed at increasing trust with certifications as ensuring conformity should not be left to the private sector alone.

Florian Schütz, Federal Cyber Security Delegate, noted that governments must take a macro-perspective of the supply chain as there are many different types of supply chains, and to ensure the integrity of the supply chain as a whole.

Alejandro Gamboa-Alder, Secretary of the Council for Trade in Goods at the World Trade Organization, argued that technology could make trade more secure thanks to e-certificates which were key to foster trust in global supply chains. Mr. Gamboa-Alder further stressed the need to report incidents without delay and mentioned the resistance of some stakeholders with regard to increasing transparency.

Mark Barwinski, Global Head of Cybersecurity Detection & Protection at Siemens, stressed that building resilience was of utmost importance, notably in a period when working from home had become the norm. Companies should therefore increase detection capabilities and enforce cyber hygiene measures. Moreover, the development of threat information sharing networks in Information Sharing and Analysis Centres (ISACs) and within the Charter of Trust helped build trust relationships that created value for each company.

Dr. Martin Schaffer, Global Head of Cybersecurity Services at SGS, noted that the proposal for a Swiss Conformity Assessment Institute was a relevant approach and constituted a complementary step to the Charter of Trust’s Principle 2 baseline requirements.

Jonathan Sage, Government and Regulatory Affairs Executive at IBM, stressed the importance to raise resilience with a risk-based approach to secure the supply chain.

Jacques Kruse Brandao concluded the discussion by inviting attendees to join the Charter of Trust Madrid Roadshow, which will take place on 3rd December, focusing on Spain’s cybersecurity strategy.