Tools


Siemens Worldwide

Pictures of the Future

Contact

Contact

Mr. Sebastian Webel
Mr. Sebastian Webel

Editor-in-Chief

Mobile: +49 172-7169762

Werner-von-Siemens-Straße 1
80333 Munich

Pictures of the Future
The Magazine for Research and Innovation
 

Cybersecurity

Time for Action: Building a Consensus for Cybersecurity

The Charter of Trust: Ten steps to a more secure world.

Siemens has teamed up with the Munich Security Conference and other governmental and business partners to present the Charter of Trust initiative. One of the initiative’s key goals is to develop and implement rules for ensuring cybersecurity throughout the networked environment.

We rely on the digital world each and every day. We take it for granted that we can use debit cards to pay for our purchases in supermarkets, that our health data is well protected on computers in doctors’ offices, that we can use smartphones without reserve, and that we get electricity from systems to which smart grids may have just distributed the appropriate amount of energy produced by wind turbines. Wherever we go, we are surrounded by a network of bits and bytes.

However, dangers lurk everywhere as well. Criminal attacks on security gaps can cause considerable damage - whether they result in data theft at hospitals, sabotage in factories, power failures or industrial espionage. That’s why protective walls need to be erected around our digital world. People who need to access mission-critical systems need to identify themselves by biometric means or know the pertinent PIN codes. Moreover, data must be transmitted in encrypted form and protected behind firewalls. Meanwhile, antivirus programs must constantly be on the lookout for malware, and standards such as IEC 62443, which specifies the IT security of automated facilities, must provide guidelines for the protection of critical systems.

Siemens’ plant for industrial controls in the Bavarian city of Amberg is considered to be the company’s most state-of-the-art plant worldwide. An effective protection against cyber intruders is a must.

Needed: Minimum Standards for the Entire Value Chain

In spite of these barriers, we still lack mandatory basic cybersecurity criteria for the entire value chain. As a result, Siemens CEO Joe Kaeser announced in November 2017 that Siemens and the Munich Security Conference (MSC) will join governmental and business partners,to start a Charter of Trust. The signatories now include Siemens, MSC, the IT giant IBM, Daimler, the insurance company Allianz, Airbus, the world's leading inspection, verification, testing and certification company SGS, the telecommunications company Deutsche Telekom, Dell, Cisco, the oil company Total, TÜV Süd, the semiconductor producer NXP, the energy companies Enel and AES Corporation and the IT giant Atos.

One of the Charter’s aims is to set minimum general standards for cybersecurity that are in keeping with the requirements of state-of-the-art technology. “Governments need to take a leading role here. However, the standards have to be developed and implemented by the companies that are at the forefront of visualizing and shaping the future of cyberspace. That’s why the charter is so important,” says Wolfgang Ischinger, Chairman of the Munich Security Conference. “We will work together with our partners to promote this topic and fill it with content.”

“Governments need to take a leading role here. However, the standards have to be developed and implemented by the companies."

It is certainly high time for action. That was not only demonstrated by Stuxnet malware in 2010, but also by WannaCry and NotPetya ransom ware in 2017 and the recently discovered processor vulnerabilities known as Meltdown and Spectre. It is estimated that cybersecurity threats caused more than €500 billion in damages worldwide in 2016. Moreover, the risks associated with cyberattacks are steadily growing. Whereas 8.4 billion networked devices were in use in 2017, experts estimate that 20.4 billion such devices will be in operation by 2020. Threats to these devices can pose a danger to life and limb - for example, when the safety-related systems in autonomous vehicles are manipulated during production so that they fail to work in an emergency.

A milestone: The signatories with the Charter at the Munich Security Conference.

Ten Steps to a More Secure World

The Munich Security Conference (February 16–18) provided an ideal platform for laying the Charter’s groundwork before a global audience. This will not only be done by industry-leading companies, but also in the presence of political decision-makers, experts, and civil organizations. After all, cybersecurity ultimately affects us all. Siemens didn’t initiate the Charter by accident, as digital value added is rapidly becoming fundamental to industrial competitiveness. Due to its unique combination of technological expertise in cybersecurity for everything from factories and power grids to health care systems, Siemens is ideally suited to taking on a pioneering role in this field.

The Charter contains ten principles that should make the digital world more secure and also sets three important goals: Protect the data of individuals and companies; prevent damage to people, companies, and infrastructures; and create a reliable foundation for instilling trust in a networked, digital world.

Signed: the Charter of Trust.

Strengthening Trust in the Digital World

Everyone will have to pull together if this goal is to be achieved. A global network is needed where key players achieve a clear consensus regarding the basic principles of a secure digital world. According to the Charter, this includes, among other things, obligatory cybersecurity certifications for critical infrastructures and devices that might pose a danger to life and limb. It’s also essential that there be clearly defined areas of responsibility and contacts for cybersecurity at companies, governments, and public authorities.

Moreover, global networks of experts should communicate more extensively about shared, overarching risks. In addition, we need binding security standards for the rapidly growing Internet of Things, including rules for authorized access and data encryption. Last but not least, the Charter of Trust aims to make cybersecurity an integral part of the curriculums at schools and universities – doing this will be no mean feat, considering that there are far more curriculums than countries. “Besides research, this is currently our most important concern,” says Ischinger. “In this way, we don’t just want to increase people’s awareness of cybersecurity, but also give young people the tools they need to help shape the security of the digital world in the future.”

Hubertus Breuer