WEF

We asked 6 tech strategy leaders how they’re promoting security and reliability. Here’s what they said

Daniel Dobrygowski
Head, Governance and Trust, World Economic Forum
Bart Valkhof
Head, Information and Communication Technology Industry, World Economic Forum

This article is part of:Centre for the Fourth Industrial Revolution

  • Building digital trust is essential for any organization working in the tech industry.
  • The World Economic Forum’s Digital Trust Framework has been designed to support decision makers.
  • We asked six tech strategy leaders how they are promoting security and reliability.

In the rapidly evolving intelligent age, where digital trust is increasingly important, the tech sector has a responsibility to its stakeholders to ensure the technologies and services they provide will protect and uphold societal expectations and values.

The World Economic Forum’s Digital Trust Framework outlines a set of three goals – security and reliability; accountability and oversight; inclusive, ethical and responsible use – which the tech industry can use to inform decision-making in the pursuit of those aims.

In the first part of this series we focus on security and reliability, which refers to an organization’s ability to protect its technology and data against internal and external attacks, manipulations and interruptions, while operating as designed according to a clearly defined set of parameters.

These three dimensions are critical to achieving it:

  • Privacy: for individuals, it is the expectation of control over, or confidentiality of, their personal or personally identifiable information. For organizations, privacy is the meeting of this expectation through the design and manifestation of data processing that facilitates individual autonomy through notice and control over the collection, use and sharing of personal information.
  • Cybersecurity: focused on the security of digital systems – including underlying data, technologies and processes. Effective cybersecurity mitigates the risk of unauthorized access and damage to digital processes and systems, ensuring resiliency. It also ensures the confidentiality, integrity and availability of data and systems.
  • Safety: encompasses efforts to prevent harm (e.g. emotional, physical, psychological) to people or society from technology uses and data processing.

Following on from our article about the importance of trustworthy development and deployment of intelligent technologies, we asked members of the Forum’s ICT Strategy Officers Community – a globally diverse group of 40 active senior strategy leaders representing companies across the technology stack – for their insights and experiences adopting the Forum’s Digital Trust Framework principles.

Here’s what some of them had to say on promoting security and reliability.

Mark Patterson, EVP and Chief Strategy Officer, Cisco

In today’s increasingly complex threat landscape, even advanced companies struggle to keep up with modern cyber-attacks. Our recent Cybersecurity Readiness Index revealed that only 3% of organizations globally have the “mature” level of readiness needed to be resilient against today’s cybersecurity risks. With the rapid evolution of technologies like AI, cybersecurity must be pervasive throughout your infrastructure to ensure resilience against these threats.

The Cisco network has 31 million networking devices that connect with 1 billion clients every month and our security suite observes over 800 billion events per day. We build solutions throughout a company’s network and provide the tools to monitor and mitigate threats. AI-powered threats require AI-powered defense. Protecting high-value data, AI models, and toolchains is imperative to ensure business resilience. As more of our enterprise customers lean into the AI era and the promise it brings, we’re focused on providing comprehensive security controls for the AI stack as well as enhancing our portfolio with AI capabilities.

“With the rapid evolution of technologies like AI, cybersecurity must be pervasive throughout your infrastructure to ensure resilience against these threats.”

— Mark Patterson, EVP and Chief Strategy Officer, Cisco.

The biggest challenge for many organizations is time. Hackers and bad actors work around the clock to infiltrate networks. We must be faster and smarter to stay ahead of them. For instance, AI-powered capabilities like Hypershield can reduce the time from vulnerability announcement to mitigation from 45 days to minutes. We’re also investing in research into technology on the horizon which will likely bring new threats and security needs, such as quantum networking. Securing the tech stack is more critical than ever as threats become more sophisticated, and our most sensitive data is vulnerable.

Security is truly a team sport, and partnerships across the entire ecosystem are key. Trust and partnerships, including with our competitors, are essential for ensuring security across the digital global economy and critical infrastructure.

Harrison Lung, Group Chief Strategy Officer, e&

As a global technology group in diverse markets, we are committed to maintaining and strengthening the trust our customers have in us. We achieve this by integrating security and reliability into the core of our AI development and deployment.

Our AI is developed ethically with rigorous frameworks, strong data privacy, and careful use case evaluation. We maintain a use case repository for continuous learning and improvement and prioritise data protection and transparency, adhering to regulations and employing robust measures. We’re committed to ensuring AI’s positive impact on society and are actively involved in developing ethical guidelines and safeguards to address potential risks.

“We’re committed to ensuring AI’s positive impact on society and are actively involved in developing ethical guidelines and safeguards to address potential risks.”

— Harrison Lung, Group Chief Strategy Officer, e&.

In the UAE, we’re privileged to have a regulatory environment that fosters the growth and responsible adoption of AI. The country’s new international AI policy is centred on six principles: advancement, cooperation, community, ethics, sustainability and security. While the AI Security Policy seeks to enhance confidence in AI solutions and technologies, stimulate their development, and mitigate cybersecurity risks.

We actively participate in shaping the AI landscape and collaborate with public and private sector partners to ensure the responsible and secure adoption of AI technologies, aligning with the UAE’s policies. Through collaborations with public and private sector partners in the UAE, we’ve established initiatives like the Mobile Security Operation Centre (MSOC) to combat cyber threats effectively.

Mikael Bäck, VP and Corporate Officer, Ericsson

Mobile networks are becoming the platform of innovation serving business, government and society at large in a sustainable way. As the pillars of digital transformation, mobile networks demand stringent digital security and resilience. This is essential to ensure the ongoing operation of our societies and economies, which are becoming increasingly reliant on digital technologies. It also serves to reinforce trust in the ongoing digital transition.

Addressing security risks holistically calls for a comprehensive holistic trust and security framework. This holistic framework integrates four key processes: telecommunication standardization, vendor product development, deployment, and operations. When implemented together, these processes form the security posture of the networks we deploy.

“Addressing security risks holistically calls for a comprehensive holistic trust and security framework.”

— Mikael Bäck, VP and Corporate Officer, Ericsson.

Ericsson’s Security Reliability Model (SRM) stands at the heart of our approach to product security and the vendor product development process. It incorporates security and privacy considerations into every phase of the product life cycle, enabling us to effectively manage threats and vulnerabilities. This risk-based strategy, tailored to the specific environment and the ever-changing landscape of technology, empowers us to navigate rapid tech advancements and adapt to evolving global laws.

Over 5000 dedicated Security Masters and Champions bring the SRM to life, conducting tasks such as automated vulnerability analysis, secure coding, and fuzz-testing protocols. We balance a comprehensive top-down strategy with the practical expertise of our on-the-ground professionals. Our model to address the security and privacy aspects of our products, enables our customers to operate them securely and in compliance with relevant privacy laws and regulations.

Mikael Bäck, VP and Corporate Officer, Ericsson

Mobile networks are becoming the platform of innovation serving business, government and society at large in a sustainable way. As the pillars of digital transformation, mobile networks demand stringent digital security and resilience. This is essential to ensure the ongoing operation of our societies and economies, which are becoming increasingly reliant on digital technologies. It also serves to reinforce trust in the ongoing digital transition.

Addressing security risks holistically calls for a comprehensive holistic trust and security framework. This holistic framework integrates four key processes: telecommunication standardization, vendor product development, deployment, and operations. When implemented together, these processes form the security posture of the networks we deploy.

“Addressing security risks holistically calls for a comprehensive holistic trust and security framework.”

— Mikael Bäck, VP and Corporate Officer, Ericsson.

Ericsson’s Security Reliability Model (SRM) stands at the heart of our approach to product security and the vendor product development process. It incorporates security and privacy considerations into every phase of the product life cycle, enabling us to effectively manage threats and vulnerabilities. This risk-based strategy, tailored to the specific environment and the ever-changing landscape of technology, empowers us to navigate rapid tech advancements and adapt to evolving global laws.

Over 5000 dedicated Security Masters and Champions bring the SRM to life, conducting tasks such as automated vulnerability analysis, secure coding, and fuzz-testing protocols. We balance a comprehensive top-down strategy with the practical expertise of our on-the-ground professionals. Our model to address the security and privacy aspects of our products, enables our customers to operate them securely and in compliance with relevant privacy laws and regulations.

Previously posted at :