Does your vendor care about deploying security patches or firmware updates? Do they understand the constrains of an Internet of Things (IoT) architecture? Do they communicate important actions you need to take and are committed to conducting business at the highest standards? If you have not asked your technology vendor(s) these questions…you should. Take a look at Cisco’s security vulnerability policy and at our Code of Business Conduct to help guide the discussion.
We believe that trust is key to any successful relationship. Customers and partners trust our solutions, our advice and our support. Overall, they trust us to do the right thing. We do not take that for granted. At Cisco, every employee plays a role in building and maintaining trust. We do this by, accurately advising our customers and partners, conducting business with transparency, protecting privacy and data, creating trustworthy technologies and making sure security and privacy by design is not an afterthought. The Cisco Trust Center provides information about these and many other related topics, including the popular European General Data Protection Regulation (GDPR).
All of the above factors are especially important as our customers and partners tackle challenges created by trends like digital transformation and IoT. For example, all IoT devices predictions point to 20 billion plus devices by the year 2020. More devices mean a greater attack surface. The majority of these devices will lack the security capabilities to mitigate threats.
“The IoT is still evolving, but adversaries are already exploiting security weaknesses in IoT devices to gain access to systems—including industrial control systems that support critical infrastructure.”
Source: 2018 Annual Cybersecurity Report
Now, more than ever, we have to get security right. When done proactively and strategically, security and trust is an enabler of the IoT future and growth, not a deterrent. We work with our internal IoT stakeholders, our customers and our partners to encourage the IoT ecosystem to have the best possible posture, from a security, trust, privacy and data protection perspective. As part of these efforts, we also provide advice on IoT policies, guidelines, standards and compliance, at a corporate or national level. It is a multi-vendor job, which is why we have joined the global Charter of Trust initiative.
We value the trust that our customers put in our products and brand. We know that in order to retain your trust, we must not let you down. To that end, we focus every day and everything we do on our Trust Principles: Trustworthy, Transparent, and Accountable.
Let us know other security challenges your organization is facing and come visit us in the Cisco Live Orlando World of Solutions Industries and IOx Devnet Zone June 10th-14th, 2018 to discuss all security concerns!
Originally published for Tiago Silva as a Guest Blogger. Tiago has joined Cisco Blogs as a full contributor to several categories. Follow him here.
I like the Charter of Trust and Cisco's Trust Principles. However, I am very skeptical and would like to validate that trust on an ongoing basis. It would be great if there is a metric that outlines Cisco's trust index and the index of its vendors.
I agree Buelent. A digital trust index would be valuable but I don't think we are there as an industry. There was a good document published by Gartner on this topic recently. Part of the challenge is that there is no standard methodology to collect and present the data. The process needs to be homogeneous across the industry, with a way to verify the data, so it can be comparable. I expect more industry clarity on this in the next two to three years. Thanks for your comment.