Relevance to Theme: The workshop directly addresses one of the main themes of IGF 2019: Security, Safety, Stability, Resilience. It aims to bring IGF participants closer to identifying the need of collaboration for a more secure digital world. (A) Relevance of Charter of Trust Charter of Trust is a joint initiative of the Munich Security Conference and 15 multinational companies (AES, Airbus, Allianz, ATOS, CISCO, Daimler, Dell, Deutsche Telekom, IBM, Mitsubishi Heavy Industries, NXP, SGS, Siemens, Total, TÜV Süd) that operate across various business sectors and are committed to improving cybersecurity in the global economy. These companies are united in the firm believe that cybersecurity is a necessary condition for the success of the digital economy. Digitalization and cybersecurity must evolve hand in hand; users need to trust that their digital technologies are safe and secure. To achieve this objective, Charter of Trust has set out 10 principles for cybersecurity. The Munich Security Conference and member companies engage with business partners, regulators, think tanks and academia to define these principles and work on a swift implementation in daily business operations. Therefore, we believe Charter of Trust can contribute to an aspirational yet pragmatic debate about cybersecurity at the IGF. (B) Relevance of workshop topic Cybersecurity is only as strong as the weakest link in a given system. Therefore, the Charter of Trust Principle 2 sets out the aspiration to ensure that global supply chains meet cybersecurity standards. Companies – and if necessary – governments must establish risk-based rules that ensure adequate protection across all IoT layers with clearly defined and mandatory requirements. Ensure confidentiality, authenticity, integrity, and availability by setting baseline standards. In the workshop we will discuss questions, such as - Identity and access management: Connected devices must have secure identities and safeguarding measures that only allow authorized users and devices to use them. - Encryption: Connected devices must ensure confidentiality for data storage and transmission purposes, wherever appropriate. - Continuous protection: Companies must offer updates, upgrades, and patches throughout a reasonable lifecycle for their products, systems, and services via a secure update mechanism. The workshop will cover the responsibility of companies and address the need of collaboration on a global scale with further industry partners, governments and as well with civil society. It will also be based on concrete examples of companies from Charter of Trust, and how they overcome security and safety crises.
Relevance to Internet Governance: The digital world is changing everything. Today, billions of devices are connected through the Internet of Things. While this creates great opportunities, it also harbours great risks – ranging from data breaches to serious risks to life and limb where the digitalisation creates complex cyber-physical systems. To make the digital world more secure, the member organisations of Charter of Trust have joined their forces. Taking the spirit of the Paris Peace Call, which Charter of Trust offically supports, the workshop would focus on how cyber and IT security can be enhanced globally.