Story image

Microsoft, Cisco lead new global cybersecurity coalition CR²

10 Apr 2018

Microsoft, Cisco, HSBC, Mastercard, AT&T, and JP Morgan Chase have pledged to advance cybersecurity across the globe through a new coalition designed to foster collaboration and align global security policies.

The Coalition to Reduce Cyber Risk (CR²) is the industry’s latest attempt to forge partnerships for better cyber risk management, as well as resilience in economies and infrastructure around the world.

While governments are seeking to secure national security, economic security, and public safety, the lack of synergy between them can eventually undermine security.

“Despite often useful objectives, the number of and lack of cohesion across these efforts is generating a significant risk of conflicting or competing security requirements,” CR² says on its website.

“Conflicting and competing requirements not only increase costs for companies, diverting security resources toward compliance, but also, and more importantly, could hinder the economic growth enabled by open markets and the security of essential cyber capabilities.”

Microsoft’s corporate vice president of Customer Security and Trust, Tom Burt, says cybersecurity requires organisations to work with partners, customers, and governments in today’s global, interdependent economy.

“CR² will bring these stakeholders together to advance security while also enabling the tremendous economic and societal benefits of digital transformation,” Burt explains.

According to CR²’s website, the group is tracking government efforts in developing cybersecurity guidelines, regulations and standards. These are at different maturity stages in every region, including in Asia and Europe.

Cisco’s director of Cybersecurity and Privacy Policy Eric Wegner adds, “Cisco is proud to help found CR²—a multisector, multinational industry-led effort to improve cybersecurity. We look forward to working with our private-sector partners and governments to advance standards-based, compatible frameworks for more effective cyber risk management.”

The group says it is committed to global cybersecurity improvement through the following measures:

  • Support from C-level executives for cybersecurity activities in our enterprises
  • Reliance on globally-recognised standards and best practices to secure our enterprises, products, and services
  • Dynamic assessment of cybersecurity risks facing our enterprises and investments to protect our companies and customers
  • Cybersecurity activities that go beyond compliance and reflect a holistic approach towards cyber resilience

“Some alignment of the foundational approaches to risk management would help to advance security without creating undue compliance costs, and create continuity and predictability for global as well as local enterprises,” CR² states.

“There would be more opportunities for shared learning and exchange across governments and enterprises, and the ecosystem as a whole would reap security benefits from being able to rely on a culture of effective cross-border cooperation among government authorities and industry stakeholders.”

CR² invites interested organisations to apply for membership with the coalition.

Attacks targeting Cisco Webex extension explode in popularity - WatchGuard
WatchGuard's Internet Security Report for Q4 2018 also finds growing use of a new sextortion phishing malware customised to individual victims.
Developing APAC countries most vulnerable to malware - Microsoft
“As cyberattacks continue to increase in frequency and sophistication, understanding prevalent cyberthreats and how to limit their impact has become an imperative.”
Worldwide spending on security to reach $103.1bil in 2019 - IDC
Managed security services will be the largest technology category in 2019.
Privacy: The real cost of “free” mobile apps
Sales of location targeted advertising, based on location data provided by apps, is set to reach $30 billion by 2020.
Myth-busting assumptions about identity governance - SailPoint
The identity governance space has evolved and matured over the past 10 years, changing with the world around it.
Forrester names Crowdstrike leader in incident response
The report provides an in-depth evaluation of the top 15 IR service providers across 11 criteria.
Slack doubles down on enterprise key management
EKM adds an extra layer of protection so customers can share conversations, files, and data while still meeting their own risk mitigation requirements.
Security professionals want to return fire – Venafi
Seventy-two percent of professionals surveyed believe nation-states have the right to ‘hack back’ cybercriminals.