“Why is identity and access management key to ensure the security of the default configuration settings of assets?" This is the issue that high-level speakers from IBM, NXP, TÜV SÜD and ATOS discussed during the Principle 3 “Security by Default” taskforce’s webinar, on 16 February 2022.

Identified as one of the baseline requirements outlined by the Taskforce, identity and access management means that access to assets must be limited to authorized identities only and managed based on risk and the principle of least privilege. This principle refers to requirements that would only allow access to necessary information and resources.

Find the webinar’s key findings from our speakers below or watch the recorded session if you missed it !

• “Identity and Access management at information system level is fundamental to ensure integrity of the asset during its development and manufacturing” – Security Certification Expert Thomas Ben, NXP

• “ Risk based appropriateness is key when our baseline requirements, in particular Identity and Access Management, are supposed to be applied” – Senior Expert IT Security Josef Gunter, TÜVSÜD

• “A unique identification of an asset or person is mandatory for authentication. It is then leveraged when applying the authorization policy. Unique identities are paramount for asset management” – Thierry Winter, CTO Evidian IAM Products, Atos

Speakers included:

Sudhir Ethiraj, Global Head of Cybersecurity Office (CSO),

Angelika Steinacker, CTO Identity & Access Management, IBM

Josef Güntner, Senior Expert IT Security, TÜV SÜD

Thomas Ben, Security Certification Expert, NXP

Thierry Winter, CTO Evidian IAM Products, Atos

You may also like

Security by Default Webinar: Protect your business using the Secure Development Lifecycle approach
icon Security by Default

Security by Default Webinar: Protect your business using the Secure Development Lifecycle approach

The Charter of Trust’s Principle 3 Taskforce is pleased to invite you to a webinar on Thursday, 19th October 2023 14:00-15:00 CEST

How the can you protect your business using the Secure Development Lifecycle approach in a dynamic regulatory environment and threat landscape?

Join us and discuss with our experts how the Charter of Trust's step-by-step guidelines for the Secure Development Lifecycle can assist you in enhancing cybersecurity through in Security by Default and Security by Design strategies.

The Charter of Trust consists of 10 Principles and this webinar is brought to you by the Charter’s Taskforce on Principle 3 “Security by Default”. Experts in this taskforce work to establish and adopt the highest appropriate level of security and data protection and ensure that it is preconfiguered into the design of products, functionalities, process, technologies, operations, architectures, and business models. We call this our Baseline Requirements: With them in mind, you can ensure confidentiality, authenticity, and integrity within your systems.

In this webinar, you can learn how to bridge the two sets of baseline requirements, first for products, functionalities, and technologies, second for processes, operations, and architecture. It shows you step-by-step how a product or service can be designed integrating baseline security mechanisms. To make this knowledge highly actionable for you, experts from TÜV SÜD, IBM, Atos and our guest from the Cloud Security Alliance will share best practices with insights and examples.
October 19, 2023
5 min read
Charter of Trust Position on the EU Cyber Resilience Act
icon External Engagement

Charter of Trust Position on the EU Cyber Resilience Act

The Charter of Trust welcomes the Commission’s proposal for horizontal rules introducing cybersecurity requirements for connected products. We believe that improving products and software development practices and transparency will benefit the entire cybersecurity ecosystem. Policymakers should, however, ensure seamless and clear application between the CRA and other product-related and cybersecurity legislations to provide more legal certainty to businesses across the supply chain.
September 25, 2023
5 min read
Making the digital world a safer place through cyber threat knowledge sharing
icon External Engagement

Making the digital world a safer place through cyber threat knowledge sharing

By Julian Meyrick, Managing Partner & Vice President, Security Strategy Risk & Compliance, Security Transformation Services Software, IBM Security
February 23, 2023
5 min read