On 29 October, the Charter of Trust Principle 8 ‘Transparency and Response’ hosted its first-ever webinar on the cybersecurity threat landscape with leading experts in the field. The session started with an overview of the 2020 threat landscape, examined how the Charter of Trust is sharing threat information among its members through its Human-to-Human network and by building a threat information sharing community supported by a leading platform.
The session was introduced by Jonathan Sage, Government and Regulatory Affairs Executive at IBM and Principle 8 Taskforce Lead. Launched in 2018, the Charter of Trust aims to drive security in an insecure, connected world and all of its members collaborate to implement the Charter’s 10 Principles. The Principle 8 Taskforce ‘Transparency and Response’ aims to achieve the following objectives:
- Establish appropriate corporate policies that allow threat information sharing for individuals within the CoT;
- Establish a strategic and operational threat information response forum within the CoT;
- Leverage an existing platform that allows threat information sharing, therefore augmenting awareness and enabling scaling to supply chain.
Kevin Albano, Associate Partner at IBM Security X-Force Threat Intelligence, presented the current threat landscape amid the COVID-19 pandemic. The global proliferation of ransomware puts companies worldwide at higher risk as they are facing “Human-Operated” Ransomware-as-a-Service operations. Following the payment of a ransom, threat actors are further motivated to increase both the number of attacks and the price of the ransom itself.
This was followed by an industry panel discussion moderated by Jonathan Sage:
- Holger Steinlechner, Senior Security Specialist at Allianz, provided insight on the provenance and challenges of threat information sharing. Companies share indicators of compromise, knowledge and insights into incidents to improve their defenses against attackers. Among the prerequisites, trust is an essential component of threat information sharing.
- Regarding the Internet of Things (IoT), Hans de Jong, Senior System Architect and Fellow at NXP, highlighted that the hardware and the firmware cannot be updated easily or at all. Therefore, incidents must be shared with trusted entities who are affected or have to take action.
- Karl Alles, Group Security Officer at Atos, noted that the increasing complexity of the supply chain and very well-organized adversaries require a timely availability of threat information. Within the Principle 8 Taskforce, members exchange regularly as part of the Human-to-Human Network using the Information Sharing Traffic Light Protocol (ISTLP) adapted for the CoT.
Choo Kim-Isgitt, Chief Revenue Officer at TruSTAR, presented the TI sharing platform used within the Human-to-Human Network, which features enclaves to manage various sources with cloud-based data repositories. As illustrated by the City of Los Angeles CyberLab, private enclaves are also made available for each member.
The audience. which was comprised of governmental and industry stakeholders from around the world as well as fellow CoT representatives, was invited to share their thoughts and questions with our panelists throughout the discussions and during our Q&A session.
To hear the full discussion between our experts, make sure to check-out the recorded webinar above and stay tuned for more Charter of Trust webinars coming soon!
PREVIOUS POST
CoT 5th Anniversary event at the Munich Security Conference 2023 - Driving Cybersecurity in Times of Conflict and Crisis
NEXT POST
A Practitioner’s Guide to Resilient Infrastructure Today & Tomorrow
You may also like
External Engagement
A Practitioner’s Guide to Resilient Infrastructure Today & Tomorrow
Cyber Resilience Took Center Stage at Munich Cyber Security Conference 2025
The Charter of Trust is proud to have organized a panel discussion on cyber resilience at this year's edition of the MCSC, bringing together some of the brightest minds in cybersecurity for a high-impact panel discussion: "A Practitioner’s Guide to Resilient Infrastructure Today & Tomorrow."
A Power-Packed Session
The session kicked off at 10 AM with Dr. Sumit Chanda, Group CISO at Eviden and Co-Chair of the Charter of Trust, introducing the alliance and setting the stage for an insightful discussion.
Next, the Charter’s latest report, "Security by Default in View of Major Cybersecurity Regulations," was presented by Sudhir Ethiraj, Global CSO & CEO Business Unit Cybersecurity Services (CSS) at TÜV SÜD. This report provides critical insights into aligning security practices with evolving regulatory landscapes.
One of the highlights of the session was a keynote from Mikko Hyppönen, Chief Research Officer at WithSecure and a global leader in the fight against cybercrime. With decades of experience at the frontlines of cybersecurity and IoT security, Mikko offered a compelling perspective on the rising threats we face today.
Joining him on the expert panel were:
- Lars König, Technical SOC Lead at Allianz
- Natalia Oropeza, Chief Cybersecurity Officer at Siemens
- Sudhir Ethiraj, Global Head of Cyber, TÜV SÜD
The panel, moderated by Dr. Ralf Schneider, Senior Fellow and Head of Cybersecurity & NextGenIT Think Tank at Allianz and Co-Chair of the Charter of Trust, explored the evolving cyber threat landscape and strategies for building resilient digital infrastructure.
Key Takeaways from the Experts
🔹 Mikko Hyppönen: "Cyber attacks aren’t just bad luck; they target vulnerabilities. Ransomware gangs have grown into cybercrime unicorns, while nation-state attackers focus on espionage and sabotage—with North Korea being the only country using cybercrime for financial gain. In today's world, data is the most valuable asset, and if data is the new oil, AI is the new refinery."
🔹 Sudhir Ethiraj: "Security by Default is more than just products—it’s about processes and organizational strategy. The Charter of Trust has set baseline cybersecurity requirements aligned with global regulations and OECD standards. Our biggest challenge? The explosion of overlapping cybersecurity regulations worldwide, none of them harmonized. We work together to bridge this gap."
🔹 Natalia Oropeza: "You cannot protect everything equally. Identify your most critical infrastructure—factories, IT applications, and business-driving processes—and prioritize their defense. Assume breaches will happen and prepare for infrastructure disruptions."
🔹 Lars König: "Understanding an adversary’s intent is crucial. Cyber threats range from espionage to financial attacks and pure disruption—each requiring a different response. The good news? We have more infrastructure and visibility than our adversaries. Our NetWatch community deploys attack sensors worldwide, tracking attackers in real time to take proactive action."
A Call to Action
This discussion made one thing clear: cyber resilience is a collective effort. To stay ahead of threats, organizations must collaborate, innovate, and implement proactive defense strategies.
With over 60 industry leaders in attendance, this session was a milestone in strengthening the global external engagement of the Charter of Trust, which remains committed to leading the charge in securing the digital future.
The Charter of Trust is proud to have organized a panel discussion on cyber resilience at this year's edition of the MCSC, bringing together some of the brightest minds in cybersecurity for a high-impact panel discussion: "A Practitioner’s Guide to Resilient Infrastructure Today & Tomorrow."
A Power-Packed Session
The session kicked off at 10 AM with Dr. Sumit Chanda, Group CISO at Eviden and Co-Chair of the Charter of Trust, introducing the alliance and setting the stage for an insightful discussion.
Next, the Charter’s latest report, "Security by Default in View of Major Cybersecurity Regulations," was presented by Sudhir Ethiraj, Global CSO & CEO Business Unit Cybersecurity Services (CSS) at TÜV SÜD. This report provides critical insights into aligning security practices with evolving regulatory landscapes.
One of the highlights of the session was a keynote from Mikko Hyppönen, Chief Research Officer at WithSecure and a global leader in the fight against cybercrime. With decades of experience at the frontlines of cybersecurity and IoT security, Mikko offered a compelling perspective on the rising threats we face today.
Joining him on the expert panel were:
- Lars König, Technical SOC Lead at Allianz
- Natalia Oropeza, Chief Cybersecurity Officer at Siemens
- Sudhir Ethiraj, Global Head of Cyber, TÜV SÜD
The panel, moderated by Dr. Ralf Schneider, Senior Fellow and Head of Cybersecurity & NextGenIT Think Tank at Allianz and Co-Chair of the Charter of Trust, explored the evolving cyber threat landscape and strategies for building resilient digital infrastructure.
Key Takeaways from the Experts
🔹 Mikko Hyppönen: "Cyber attacks aren’t just bad luck; they target vulnerabilities. Ransomware gangs have grown into cybercrime unicorns, while nation-state attackers focus on espionage and sabotage—with North Korea being the only country using cybercrime for financial gain. In today's world, data is the most valuable asset, and if data is the new oil, AI is the new refinery."
🔹 Sudhir Ethiraj: "Security by Default is more than just products—it’s about processes and organizational strategy. The Charter of Trust has set baseline cybersecurity requirements aligned with global regulations and OECD standards. Our biggest challenge? The explosion of overlapping cybersecurity regulations worldwide, none of them harmonized. We work together to bridge this gap."
🔹 Natalia Oropeza: "You cannot protect everything equally. Identify your most critical infrastructure—factories, IT applications, and business-driving processes—and prioritize their defense. Assume breaches will happen and prepare for infrastructure disruptions."
🔹 Lars König: "Understanding an adversary’s intent is crucial. Cyber threats range from espionage to financial attacks and pure disruption—each requiring a different response. The good news? We have more infrastructure and visibility than our adversaries. Our NetWatch community deploys attack sensors worldwide, tracking attackers in real time to take proactive action."
A Call to Action
This discussion made one thing clear: cyber resilience is a collective effort. To stay ahead of threats, organizations must collaborate, innovate, and implement proactive defense strategies.
With over 60 industry leaders in attendance, this session was a milestone in strengthening the global external engagement of the Charter of Trust, which remains committed to leading the charge in securing the digital future.
Read more
February 14, 2025
•
External Engagement
CyberTrust Talk returns to Brussels - Bridging the Regulatory Gap – Industry Challenges and Solutions for Aligned Cybersecurity Regulations Globally
CyberTrust Talk Returns to Brussels
Following the resounding success of its inaugural event, the CyberTrust Talk is making a much-anticipated return for its second edition. This exclusive gathering brings together renowned experts, influential industry leaders, and key policymakers to delve into some of the most pressing issues in the world of cybersecurity. The focus of this year’s event is centered on “Bridging the Regulatory Gap – Industry Challenges and Solutions for Aligned Cybersecurity Regulations Globally.”
With an increasingly interconnected world, harmonizing cybersecurity regulations has become a critical challenge. This event provides a platform for exploring innovative solutions and fostering dialogue on how to address these challenges effectively. Participants engage in the exploration of real-world case studies and actionable approaches designed to bridge the regulatory divide, particularly between Europe and the United States.
The CyberTrust Talk is more than just a discussion—it is a unique opportunity to engage with leading minds who are shaping the future of cybersecurity. Guests hear from distinguished speakers offering their expertise and perspectives, as well as gain insights into the latest trends and strategies shaping global cybersecurity policies. Beyond the thought-provoking conversations, the event also provides a space for meaningful networking, with a standing lunch offered during the first half of the day to encourage connections among attendees.
This year’s exceptional lineup of speakers includes Christiane Kirketerp de Viron, Acting Director at DG CNCT of the European Commission; Paul Timmers, Research Associate at the University of Oxford; Jean-Marc Leclerc, Director of IBM EU Policy; and Sudhir Ethiraj, Global Head of Cybersecurity Office at TÜV Süd. The discussions will be guided by the experienced moderation of Dr. Sumit Chanda, Global CISO at Eviden and Chair of the GEE Working Group of the Charter of Trust. Opening remarks will be delivered by Jeremy Rollison, Senior Director of Microsoft European Government Affairs, setting the stage for an inspiring and impactful afternoon.
Following the resounding success of its inaugural event, the CyberTrust Talk is making a much-anticipated return for its second edition. This exclusive gathering brings together renowned experts, influential industry leaders, and key policymakers to delve into some of the most pressing issues in the world of cybersecurity. The focus of this year’s event is centered on “Bridging the Regulatory Gap – Industry Challenges and Solutions for Aligned Cybersecurity Regulations Globally.”
With an increasingly interconnected world, harmonizing cybersecurity regulations has become a critical challenge. This event provides a platform for exploring innovative solutions and fostering dialogue on how to address these challenges effectively. Participants engage in the exploration of real-world case studies and actionable approaches designed to bridge the regulatory divide, particularly between Europe and the United States.
The CyberTrust Talk is more than just a discussion—it is a unique opportunity to engage with leading minds who are shaping the future of cybersecurity. Guests hear from distinguished speakers offering their expertise and perspectives, as well as gain insights into the latest trends and strategies shaping global cybersecurity policies. Beyond the thought-provoking conversations, the event also provides a space for meaningful networking, with a standing lunch offered during the first half of the day to encourage connections among attendees.
This year’s exceptional lineup of speakers includes Christiane Kirketerp de Viron, Acting Director at DG CNCT of the European Commission; Paul Timmers, Research Associate at the University of Oxford; Jean-Marc Leclerc, Director of IBM EU Policy; and Sudhir Ethiraj, Global Head of Cybersecurity Office at TÜV Süd. The discussions will be guided by the experienced moderation of Dr. Sumit Chanda, Global CISO at Eviden and Chair of the GEE Working Group of the Charter of Trust. Opening remarks will be delivered by Jeremy Rollison, Senior Director of Microsoft European Government Affairs, setting the stage for an inspiring and impactful afternoon.
Read more
January 28, 2025
•
Security by Default
“Security by Default in view of major EU Cybersecurity Regulations”
On the 29th of October our P3 Security by Default Working Group has hosted its insightful webinar, in which they dived deep into the latest developments surrounding “Security by Default in view of major EU Cybersecurity Regulations”.
🔒 Here the main points of discussion:
- Key insights into what NIS2, the European Cyber Resilience Act and other regulations mean for businesses
- Best practices for adapting to relevant regulations
- Expert strategies on how to deal with regulatory challenges
- Live Q&A with industry experts
Here the esteemed panelists
Sudhir Ethiraj, Global Head of Cybersecurity Office, TÜV SÜD (Moderator)
Dr. Angelika Steinacker, CTO IAM, Cybersecurity Services, IBM
Marko Wolf, Chief Expert Product Cybersecurity Governance, Bosch
Joe Lomako, Cybersecurity Lab Manager, TÜV SÜD
Didier Ludwig, Cybersecurity Officer, Siemens
Francesca Bosco, Chief Strategy and Partnerships Officer, CyberPeace Institute
Please find the recording of the webinar below. Follow us on LinkedIn to find out, when the next webinar is going to happen: https://www.linkedin.com/company/charter-of-trust
🔒 Here the main points of discussion:
- Key insights into what NIS2, the European Cyber Resilience Act and other regulations mean for businesses
- Best practices for adapting to relevant regulations
- Expert strategies on how to deal with regulatory challenges
- Live Q&A with industry experts
Here the esteemed panelists
Sudhir Ethiraj, Global Head of Cybersecurity Office, TÜV SÜD (Moderator)
Dr. Angelika Steinacker, CTO IAM, Cybersecurity Services, IBM
Marko Wolf, Chief Expert Product Cybersecurity Governance, Bosch
Joe Lomako, Cybersecurity Lab Manager, TÜV SÜD
Didier Ludwig, Cybersecurity Officer, Siemens
Francesca Bosco, Chief Strategy and Partnerships Officer, CyberPeace Institute
Please find the recording of the webinar below. Follow us on LinkedIn to find out, when the next webinar is going to happen: https://www.linkedin.com/company/charter-of-trust
Read more
October 29, 2024
•
