Story image

Microsoft, Cisco lead new global cybersecurity coalition CR²

10 Apr 18

Microsoft, Cisco, HSBC, Mastercard, AT&T, and JP Morgan Chase have pledged to advance cybersecurity across the globe through a new coalition designed to foster collaboration and align global security policies.

The Coalition to Reduce Cyber Risk (CR²) is the industry’s latest attempt to forge partnerships for better cyber risk management, as well as resilience in economies and infrastructure around the world.

While governments are seeking to secure national security, economic security, and public safety, the lack of synergy between them can eventually undermine security.

“Despite often useful objectives, the number of and lack of cohesion across these efforts is generating a significant risk of conflicting or competing security requirements,” CR² says on its website.

“Conflicting and competing requirements not only increase costs for companies, diverting security resources toward compliance, but also, and more importantly, could hinder the economic growth enabled by open markets and the security of essential cyber capabilities.”

Microsoft’s corporate vice president of Customer Security and Trust, Tom Burt, says cybersecurity requires organisations to work with partners, customers, and governments in today’s global, interdependent economy.

“CR² will bring these stakeholders together to advance security while also enabling the tremendous economic and societal benefits of digital transformation,” Burt explains.

According to CR²’s website, the group is tracking government efforts in developing cybersecurity guidelines, regulations and standards. These are at different maturity stages in every region, including in Asia and Europe.

Cisco’s director of Cybersecurity and Privacy Policy Eric Wegner adds, “Cisco is proud to help found CR²—a multisector, multinational industry-led effort to improve cybersecurity. We look forward to working with our private-sector partners and governments to advance standards-based, compatible frameworks for more effective cyber risk management.”

The group says it is committed to global cybersecurity improvement through the following measures:

  • Support from C-level executives for cybersecurity activities in our enterprises
  • Reliance on globally-recognised standards and best practices to secure our enterprises, products, and services
  • Dynamic assessment of cybersecurity risks facing our enterprises and investments to protect our companies and customers
  • Cybersecurity activities that go beyond compliance and reflect a holistic approach towards cyber resilience

“Some alignment of the foundational approaches to risk management would help to advance security without creating undue compliance costs, and create continuity and predictability for global as well as local enterprises,” CR² states.

“There would be more opportunities for shared learning and exchange across governments and enterprises, and the ecosystem as a whole would reap security benefits from being able to rely on a culture of effective cross-border cooperation among government authorities and industry stakeholders.”

CR² invites interested organisations to apply for membership with the coalition.

Palo Alto Networks integrates RedLock and VM-Series with AWS Security Hub
AWS Security Hub is designed to provide users with a comprehensive view of their high-priority security alerts and compliance status.
Juniper simplifies data integration to improve threat detection
Updates to the Juniper Advanced Threat Prevention Appliances leverage third-party firewalls and security data sources.
Is mobile shopping compromising your enterprise security?
When employees do their holiday shopping on company resources, security teams have a challenge with the surge in browsing and online transactions.
Different approach to malware detection needed – VMware
Security needs to move away from the traditional approach of chasing after arbitrary forms of malware.
Modernising ERP systems can help organisations comply with GDPR
“Organisations need to look for modern ERP systems that are specifically designed with GDPR in mind."
Cyber attacks develop complexity, target Windows sysad tools - report
The report explores changes in the threat landscape over the past year, uncovering trends and how they are expected to impact cybersecurity in 2019.
DanaBot banking Trojan: How to protect your organisation
DanaBot is a Trojan written in the Delphi programming language that includes banking site web injections and stealer functions.
Ping Identity announces new Identity-as-a-Service solution
PingOne for Customers is built for the developer community and provides API-based identity services for customer-facing applications.