Three companies just joined the nine-member Charter of Trust, which is a cybersecurity initiative started to get a better understanding and create a more cyber secure industry.
The Charter of Trust initiative released in February two months after news of a targeted malware attack on a Schneider Electric Triconex safety system in the Middle East.
The AES Corporation, Atos and Enel joined the Charter of Trust along with Siemens, and the other eight founding members, Airbus, Allianz, Daimler Group, IBM, MSC, NXP, SGS and Deutsche Telekom.
The new members ended up announced at the 2018 CERAWeek conference in Houston, TX. With America’s energy hub as its backdrop, cybersecurity was a topic of conversation at the conference, as energy is the most attacked segment within U.S. critical infrastructure.
In 2017, the U.S. Department of Energy reported America’s electricity infrastructure was in “imminent danger” from cyberattacks and are “growing more frequent and sophisticated.”
On top of that, malicious cyber activity against government and industry cost the U.S. economy between $57 billion and $109 billion in 2016 – approximately one-half of U.S. GDP, according to a report from the Council of Economic Advisors.
The Charter of Trust is a cybersecurity initiative that has three primary goals: To protect the data of individuals and businesses; to prevent harm to people, businesses, and infrastructure, and establish a reliable basis where confidence in a networked, digital world can take root and grow.
The Charter of Trust was first unveiled at the Munich Security Conference (MSC) in February where the founding companies called for binding rules and standards to ensure greater digital security and integrity in the public and private sectors.
“Cybersecurity is the most important security issue of our time,” said Joe Kaeser, chief executive, Siemens AG. “Siemens is working with key partners in industry, government and society to promote the Charter of Trust to make our digital world more secure. The transformational opportunities that exist for society and industry can only be realized if we all have confidence in, and can rely on the security of our data and connected systems.”
As the number of cyberattacks worldwide continues to grow, the hardware and software that control critical infrastructure like electricity and gas have become high-value targets. A study of the U.S. oil and gas industry by Ponemon Institute found operational technology (OT) cyberattacks now comprise 30 percent of all attacks in the U.S. oil and gas industry.
New members include The AES Corporation, a Fortune 200 global power company providing energy distribution and generation in 15 countries; Atos, a digital transformation operating company in 72 countries and supporting clients across various business sectors, including energy and utilities, and Enel, Europe’s largest power company for market capitalization, operating in more than 30 countries across five continents.
The Charter outlines ten principles to ensure companies and governments are taking action to address cybersecurity at the highest levels through a dedicated cybersecurity ministry in government and a chief information security officer at companies.
It calls for mandatory, independent certification for critical infrastructure where lives are at risk, including in the oil and gas, and power generation and distribution industries, and digital applications across all aspects of IoT. It also affirms that as technologies become increasingly digital and connected, security and data privacy functions should be preconfigured and that cybersecurity regulations should be incorporated into free trade treaties. The Charter’s signatories are also looking for greater efforts to encourage cybersecurity in vocational training and in international initiatives.