Fortune 200 power company the AES Corporation, European IT services provider Atos and Italian utility Enel – Europe’s largest power company by market capitalisation – have thrown their weight behind “The Charter of Trust”, a cybersecurity initiative founded by Siemens.
The charter, launched at the 2018 Munich Security Conference, calls for binding rules and standards to boost the cyber security of critical infrastructure and further advance digitalization. Its founding signatories include Airbus, Allianz, Daimler Group and IBM.
The three new members were announced on March 8.
“Cybersecurity is the most important security issue of our time,” said Siemens’ CEO Joe Kaeser. He added: “Siemens is working with key partners in industry, government and society to promote the Charter of Trust to make our digital world more secure. The transformational opportunities that exist for society and industry can only be realized if we all have confidence in, and can rely on the security of our data and connected systems.”
As the number of cyberattacks worldwide continues to grow, the hardware and software that control critical infrastructure like electricity and gas have become high-value targets. A study of the US oil and gas industry by Ponemon Institute found that operational technology (OT) cyberattacks now comprise 30 percent of all attacks in the U.S. oil and gas industry.
US Senate Energy and Natural Resources Committee Chairman Lisa Murkowski, R-Alaska, welcoming the latest additions to the initiative, said: “It is great to see companies coming together to build trust and strengthen collaborative efforts to protect critical assets in our nation and around the world. Cybersecurity is a shared responsibility that requires partners at all levels of government and the private sector to address threats and sharpen responses.”
The Charter outlines ten principles to ensure companies and governments are taking action to address cybersecurity at the highest levels through a dedicated cybersecurity ministry in government and a chief information security officer at companies.
It calls for mandatory, independent certification for critical infrastructure where lives are at risk, including in the oil and gas, and power generation and distribution industries, and digital applications across all aspects of IoT. It also calls for cybersecurity regulations to be incorporated into free trade treaties.
Enel Group’s Chief Information Security Officer, Yuri Rassega, said: “In today’s world, technology is becoming increasingly disruptive, making the cyber threats we face all the more frequent and sophisticated. In past years Enel has been working to adopt a systemic vision that takes into account both business drivers and IT/OT/IoT systems-specific protection objectives, defines a risk-based strategy and drives a “cyber security by design” model, boosting the resilience of infrastructure and applications to face cyber threats and risks. With the signing of the Charter of Trust for a Secure Digital World, we are formalizing our commitment to an increasingly coordinated approach to cyber security.”