Charter of Trust first anniversary event

German Federal Minister Peter Altmaier joins IBM and members of Charter of Trust to celebrate first anniversary 

One year ago, IBM’s Chairman and CEO, Ginni Rometty signed up our company as a founder member of the Charter of Trust, the world's first joint charter to raise trust and cybersecurity. From eight founding members, the Charter has grown to 16 members. I have been a board member over the past year and last Friday in Munich, I had the pleasure of speaking at the first anniversary event of the Charter of Trust.  

Keynote speaker Mr. Peter Altmaier, Federal Minister for Economic Affairs and Energy, Germany said that cybersecurity had become one of the most critical issues for organizations.  In an endorsement of the Charter’s work on the supply chain, Mr. Altmaier underlined that the cybersecurity chain is only as strong as the weakest link. Mr. Altmaier’s participation, together with the presence of Ms. Despina Spanou, Director for Director for Digital Society, Trust and Cybersecurity, DG Connect at the European Commission, is a clear reflection of the high regard of policy makers for the Charter of Trust.  

In our panel discussion, I was joined by my counterparts from founder companies including Siemens, Allianz and TüV SüD. We believe the work we have done in the past year puts us well on track to make digital world a safer place. The Charter of Trust sets out 10 principles. A core focus to date has been security of supply chains. Charter of Trust member companies have worked out baseline requirements and propose their implementation for making cybersecurity an absolute necessity throughout all digital supply chains. These requirements include defining and implementing appropriate levels of identity and access control and monitoring, processes to ensure that products and services are authentic and identifiable, and minimum level of regular security education and training for employees.

I made two main points in the panel:

-  Education and skills are crucial to improve cybersecurity. We need a change in mindset to develop and accept new pathways towards a career in cybersecurity. For example, IBM trains former military personnel as cyber specialists. We should enable direct entry to cybersecurity jobs from specialist tech schools or programmes such as the IBM PTech programme, recently launched in Europe. We should also ensure “learning-by-doing” for organisations’ senior management.

-  The Charter of Trust must now accelerate from theory to action. We must start to demonstrate how the requirements developed by CoT members, such as those for minimum security requirements in the supply chain, work in practice and show the benefits they bring.  

The first anniversary event was a significant milestone for the Charter of Trust. I was pleased to have the first governmental agency, the German Federal Office for Information Security, join us on stage. I have long felt we needed a more structured approach to engage with governments and now we have that through a new form of membership.  

IBM will continue to work closely with other members, driving the development of principles into actionable, effective guidance that can be used by organizations to improve cybersecurity. Just next month, IBM is hosting the second partner meeting and part of the two day program will be to carry out cyber training in a close to real environment, where learning by doing is the approach. We will also work with cybersecurity policy leaders in national governments and international organizations such as the G7 and the European Commission to bring our perspective and expertise to the development of security policy.  

Here’s a clip of a conversation I had with Mirko Ross at the Charter of Trust event where we discussed the importance of skills training for cybersecurity: https://bit.ly/2GOo1as