Story image

Microsoft, Cisco lead new global cybersecurity coalition CR²

10 Apr 18

Microsoft, Cisco, HSBC, Mastercard, AT&T, and JP Morgan Chase have pledged to advance cybersecurity across the globe through a new coalition designed to foster collaboration and align global security policies.

The Coalition to Reduce Cyber Risk (CR²) is the industry’s latest attempt to forge partnerships for better cyber risk management, as well as resilience in economies and infrastructure around the world.

While governments are seeking to secure national security, economic security, and public safety, the lack of synergy between them can eventually undermine security.

“Despite often useful objectives, the number of and lack of cohesion across these efforts is generating a significant risk of conflicting or competing security requirements,” CR² says on its website.

“Conflicting and competing requirements not only increase costs for companies, diverting security resources toward compliance, but also, and more importantly, could hinder the economic growth enabled by open markets and the security of essential cyber capabilities.”

Microsoft’s corporate vice president of Customer Security and Trust, Tom Burt, says cybersecurity requires organisations to work with partners, customers, and governments in today’s global, interdependent economy.

“CR² will bring these stakeholders together to advance security while also enabling the tremendous economic and societal benefits of digital transformation,” Burt explains.

According to CR²’s website, the group is tracking government efforts in developing cybersecurity guidelines, regulations and standards. These are at different maturity stages in every region, including in Asia and Europe.

Cisco’s director of Cybersecurity and Privacy Policy Eric Wegner adds, “Cisco is proud to help found CR²—a multisector, multinational industry-led effort to improve cybersecurity. We look forward to working with our private-sector partners and governments to advance standards-based, compatible frameworks for more effective cyber risk management.”

The group says it is committed to global cybersecurity improvement through the following measures:

  • Support from C-level executives for cybersecurity activities in our enterprises
  • Reliance on globally-recognised standards and best practices to secure our enterprises, products, and services
  • Dynamic assessment of cybersecurity risks facing our enterprises and investments to protect our companies and customers
  • Cybersecurity activities that go beyond compliance and reflect a holistic approach towards cyber resilience

“Some alignment of the foundational approaches to risk management would help to advance security without creating undue compliance costs, and create continuity and predictability for global as well as local enterprises,” CR² states.

“There would be more opportunities for shared learning and exchange across governments and enterprises, and the ecosystem as a whole would reap security benefits from being able to rely on a culture of effective cross-border cooperation among government authorities and industry stakeholders.”

CR² invites interested organisations to apply for membership with the coalition.

ForeScout acquires OT security company SecurityMatters for US$113mil
Recent cyberattacks, such as WannaCry, NotPetya and Triton, demonstrated how vulnerable OT networks can result in significant business disruption and financial loss.
Exclusive: Fileless malware driving uptake of behavioural analytics
Fileless malware often finds its way into organisations via web browsers (or in combination with other vectors such as infected USB drives).
'DerpTrolling’ faces jail time for Sony DoS attacks
A United States federal court has charged a 23-year-old man for the hacks on Sony Online Entertainment and other major companies back in 2014.
Kiwis concerned about being scammed – survey
This unease is warranted given the growing sophistication of scammers and their activities, and numbers of attempted fraud.
It's time to rethink your back-up and recovery strategy
"It is becoming apparent that legacy approaches to backup and recovery may no longer be sufficient for most organisations."
Dropbox strengthens security with raft of new partnerships
Integrations will keep customer content protected and secure with tools for controlling identity access, governing data, and managing devices.
Interview: Aruba’s NZ country manager talks channel strategy
“What we're taking to market is that message around simplification and having everything in one place.”
Companies swamped by critical vulnerabilities – Tenable
Research has found enterprises identify 870 unique vulnerabilities on internal systems every day, on average, with over 100 of them being critical.