Meanwhile, as a result of the pandemic, people are spending more time online. Many people continue to work or study remotely. This makes it even more important that we do everything we can to ensure a healthy and safe cyberspace.
In the public sector, new laws, regulations and standards are introduced periodically. In the last two years alone, 151 countries have passed more than 180 cybersecurity laws. In the telecommunications sector, industry organizations have been working closely with other industry stakeholders to promote network security assurance specifications and independent certifications.
This has been widely accepted in the ICT industry, which is sure to play a very important role in the development and verification of secure networks.
However, we still have a lot of work to do. Cybersecurity is a complex and evolving challenge that requires close collaboration and information sharing. We are still missing a coordinated, standards-based approach across the industry, especially when it comes to governance, technical capabilities, certification, and collaboration.
In some places, there is still a misconception that the country of origin affects the security of equipment and network technology. This is simply not true. It doesn’t solve the real challenges facing our industry and prevents us from forming a unified approach.
Corporations must make cybersecurity a top priority. A serious responsibility, because your clients – and your clients – deserve it; to make sure the equipment they are using is healthy and safe.
This can only be achieved on the basis of continuous and long-term investment in cybersecurity management practices and technology. Of course, cybersecurity assurance systems cannot be developed overnight. They are the result of regular engagement, joint research and innovation with customers, partners, industry groups, regulators and standards organizations around the world.
Having a Cyber Security Transparency Center is about demonstrating commitment to this, adhering to a basic principle for security: “Assume nothing. Believe no one. Check everything.”
The idea is that both trust and mistrust should be based on facts, not feelings, not speculation, not baseless rumours. The facts must be verifiable, and that verification must be based on standards.
Transparency centers should: i) Demonstrate solutions and share experiences, ii) facilitate communication and joint innovation, and iii) provide a platform for security testing and verification; that has the best tools, test environments, and experts available to partners, customers, and industry peers.
All stakeholders can understand and try the products; and together, collaborate more closely on security standards, verification, and innovation.