Charter of Trust

For a secure digital world. Cybersecurity is becoming the most important security topic of the future – particularly in the age of digitalization.

Learn more about Cybersecurity at Siemens

Our motivations People and organizations need to trust that their digital technologies are safe and secure; otherwise they won’t embrace the digital transformation. Digitalization and cybersecurity must evolve hand in hand.

The digital world changes everything. Artificial intelligence and big data analytics are revolutionizing our decision makings; billions of devices are being connected by the Internet of Things and interacting on an entirely new level and scale.

We wish to protect the data and assets of individuals and businesses.

Goal 1 of the Charter of Trust

We wish to prevent damage from people, businesses, and infrastructures.

Goal 2 of the Charter of Trust

As much as these advancements are improving our lives and economies, the risk of exposure to malicious cyber attacks is also growing dramatically. Failure to protect the systems that control our homes, hospitals, factories, grids, and virtually all of our infrastructures could have devastating consequences. Democratic and economic values need to be protected against cyber and hybrid threats.

But no entity can take on this topic alone – regardless of how well set up we may be. The powers of politics, business and society must be pooled together – because cybersecurity concerns us all. To discuss the matter, we are using important worldwide forums. Together we will light the way and sign the Charter of Trust, showing how we can make the digital world more secure.

Together we wish to build a reliable basis for trust in a connected and digital world.

Goal 3 of the Charter of Trust

Our answer: the Charter of Trust Cybersecurity is and has to be more than a seatbelt or an airbag here; it's a factor that's crucial to the success of the digital economy. People and organizations need to trust that their digital technologies are safe and secure; otherwise they won't embrace the digital transformation. That's why we are signing together a Charter of Trust bearing the principles that are fundamental to a secure digital world.

Ownership for cyber and IT security

Anchor the responsibility for cybersecurity at the highest governmental and business levels by designating specific ministries and CISOs. Establish clear measures and targets as well as the right mindset throughout organizations – “It is everyone’s task”.

Responsibility throughout the digital supply chain

Companies – and if necessary – governments must establish risk-based rules that ensure adequate protection across all IoT layers with clearly defined and mandatory requirements. Ensure confidentiality, authenticity, integrity, and availability by setting baseline standards, such as

Identity and access management: Connected devices must have secure identities and safeguarding measures that only allow authorized users and devices to use them.
Encryption: Connected devices must ensure confidentiality for data storage and transmission purposes, wherever appropriate.
Continuous protection: Companies must offer updates, upgrades, and patches throughout a reasonable lifecycle for their products, systems, and services via a secure update mechanism.

Security by default

Adopt the highest appropriate level of security and data protection and ensure that it is preconfigured into the design of products, functionalities, processes, technologies, operations, architectures, and business models.

User-centricity

Serve as a trusted partner throughout a reasonable lifecycle, providing products, systems, and services as well as guidance based on the customer’s cybersecurity needs, impacts, and risks.

Innovation and co-creation

Combine domain know-how and deepen a joint understanding between firms and policymakers of cybersecurity requirements and rules in order to continuously innovate and adapt cybersecurity measures to new threats; drive and encourage i.a. contractual Public Private Partnerships.

Education

Include dedicated cybersecurity courses in school curricula – as degree courses in universities, professional education, and trainings – in order to lead the transformation of skills and job profiles needed for the future.

Certification for critical infrastructure and solutions

Companies – and if necessary – governments establish mandatory independent third-party certifications (based on future-proof definitions, where life and limb is at risk in particular) for critical infrastructure as well as critical IoT solutions.

Transparency and response

Participate in an industrial cybersecurity network in order to share new insights, information on incidents et al.; report incidents beyond today’s practice which is focusing on critical infrastucture.

Regulatory framework

Promote multilateral collaborations in regulation and standardization to set a level playing field matching the global reach of WTO; inclusion of rules for cybersecurity into Free Trade Agreements (FTAs).

Joint initiatives

Drive joint initiatives including all relevant stakeholders in order to implement the above principles in the various parts of the digital world without undue delay.

Our partners In order to keep pace with continuous advances in the market as well as threats from the criminal world, businesses and governments need to coordinate their actions in a targeted manner. We are therefore joining together to protect our democratic and economic values against cyber and hybrid threats. In this charter, the signing partners outline the key principles we consider essential for establishing a new charter of trust between society, politics, business partners, and customers.

Siemens AG

At Siemens, cybersecurity is an utmost priority. With its unique combination of cybersecurity expertise and in-depth industry knowledge, Siemens is a trusted and preferred partner for customers striving to improve cybersecurity for their industrial assets – from factories to power grids to healthcare applications.

AES

Directly aligned to our primary value of safety, the mission of the AES cyber program is keep our systems, assets, data, and people protected by employing a multi-layered approach to inform, detect, mitigate and respond to cyber threats.

Airbus

Confronted to the daily threats of cyber attacks, organisations need to secure their systems and their infrastructures with solutions adapted to their specific needs and operational constraints. Airbus cybersecurity means over 650 experts dedicated to protect governments, critical national infrastructures and industries against cyber attacks, thanks to trusted European products, services and technologies.

Allianz

Increasing digitalization offers ever more opportunities, but also more challenges. The Allianz Risk Barometer 2018 found that companies around the globe consider cyber incidents as one of the top risks to their organizations. Allianz believes in a digital future, but also a secure one, especially for our customers and their data.

Atos

At Atos, Security is at the heart of everything we do. With a global team of over 4,500 security specialists and a worldwide network of Security Operation Centers we solve the growing challenge of cybersecurity for organizations and companies. We believe that data, combined with human intelligence and expertise, is key to fighting today’s threats. We harness automation and machine learning to understand – and predict – the threat landscape.

Daimler

As a renowned brand, Daimler values the trust of its customers, business partners and employees. Naturally, we extend this claim to our entire range of products and activities thereby consciously including Cybersecurity. For us, Cybersecurity goes beyond applying patches to software, mere code reviews and penetration tests. Cybersecurity at Daimler is a holistic approach to secure all cyber assets.

Enel

Digital technologies enable us to improve our traditional business, as well as to tap completely new market spaces, helping to leverage the large amount of information available and to anticipate new trends. But at the same time IT risks are growing steadily. That’s why at Enel cybersecurity is a fundamental element of the digital strategy.

IBM

IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM X-Force® research, enables organizations to effectively manage risk and defend against emerging threats.

MSC

Policymakers and companies are called upon to shape the future of cyberspace. The Munich Security Conference has actively been trying to accelerate this dialog for years.

NXP

Human interaction with smart devices and services is fast becoming an integral part of daily life. From home automation to manufacturing, medicine and transport, the world increasingly relies on smart connectivity. As more devices become connected through the Internet of Things (IoT) and cybersecurity attacks more sophisticated, integrated security solutions with the latest cryptographic techniques are critical for preventing system attacks and protecting private user information.

SGS

Increasing connectivity of equipment, systems and applications in cyber-physical networks creates risk. The targets of cyber attacks vary, from PCs and smart phones, smart meters and smart home solutions, to cars with internet capabilities. The effects can be devastating for your data and/or functionality.

Deutsche Telekom

The digitization of society is continuing at a rapid pace – and there are no limits to this trend. However, people will only embrace and support digitization if they can be sure that their data is secure and protected – this is a matter of trust. Thus international solutions and cross-industry initiatives, like the Charter of Trust, are needed.

Signing the Charter of Trust On March 8, 2018, the time has come again: During CERAWeek in Houston, Texas, other companies signed the Charter of Trust. After the Munich Security Conference in February 2018, we once again set the pace for binding rules and standards that build trust in cybersecurity and drive forward digitalization globally.

The Charter of Trust

The key aspects in a nutshell. Learn about the Charter of Trust and the features that make it so special, and get to know the 10 basic principles for a safer digital world.

The Charter presentation

If you’d like to learn more about the Charter's background, the agreed measures and objectives, the importance of the ten principles, and how the Charter can be developed into a global standard for cybersecurity, then take a look at our presentation.

Charter of Trust presentation

The press feature

At internationally important conferences, partners in industry, politics and society will sign the Charter of Trust for a more secure digital world. Our press feature provides background information, statements, and facts and figures.

To the press feature

Our PoF feature on Cybersecurity

Working together to strengthen Cybersecurity

Digital connectivity is making our lives easier and boosting business competitiveness. However, the risk of cyber attacks is increasing as well, causing governments and companies to join forces in defense.

Find out more in our innovation magazine Pictures of the Future

PoF feature on Cybersecurity