SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Microsoft, Cisco lead new global cybersecurity coalition CR²
Tue, 10th Apr 2018
FYI, this story is more than a year old

Microsoft, Cisco, HSBC, Mastercard, AT-T, and JP Morgan Chase have pledged to advance cybersecurity across the globe through a new coalition designed to foster collaboration and align global security policies.

The Coalition to Reduce Cyber Risk (CR²) is the industry's latest attempt to forge partnerships for better cyber risk management, as well as resilience in economies and infrastructure around the world.

While governments are seeking to secure national security, economic security, and public safety, the lack of synergy between them can eventually undermine security.

“Despite often useful objectives, the number of and lack of cohesion across these efforts is generating a significant risk of conflicting or competing security requirements,” CR² says on its website.

“Conflicting and competing requirements not only increase costs for companies, diverting security resources toward compliance, but also, and more importantly, could hinder the economic growth enabled by open markets and the security of essential cyber capabilities.

Microsoft's corporate vice president of Customer Security and Trust, Tom Burt, says cybersecurity requires organisations to work with partners, customers, and governments in today's global, interdependent economy.

“CR² will bring these stakeholders together to advance security while also enabling the tremendous economic and societal benefits of digital transformation,” Burt explains.

According to CR²'s website, the group is tracking government efforts in developing cybersecurity guidelines, regulations and standards. These are at different maturity stages in every region, including in Asia and Europe.

Cisco's director of Cybersecurity and Privacy Policy Eric Wegner adds, “Cisco is proud to help found CR²—a multisector, multinational industry-led effort to improve cybersecurity. We look forward to working with our private-sector partners and governments to advance standards-based, compatible frameworks for more effective cyber risk management.

The group says it is committed to global cybersecurity improvement through the following measures:

  • Support from C-level executives for cybersecurity activities in our enterprises
  • Reliance on globally-recognised standards and best practices to secure our enterprises, products, and services
  • Dynamic assessment of cybersecurity risks facing our enterprises and investments to protect our companies and customers
  • Cybersecurity activities that go beyond compliance and reflect a holistic approach towards cyber resilience

“Some alignment of the foundational approaches to risk management would help to advance security without creating undue compliance costs, and create continuity and predictability for global as well as local enterprises,” CR² states.

“There would be more opportunities for shared learning and exchange across governments and enterprises, and the ecosystem as a whole would reap security benefits from being able to rely on a culture of effective cross-border cooperation among government authorities and industry stakeholders.

CR² invites interested organisations to apply for membership with the coalition.