Top tech firms take cyber security pledge

More than 30 tech firms, including Microsoft, ABB, Arm, Cisco, Dell, Facebook, HP, HPE, SAP, Nokia, Oracle, Symantec and Trend Micro have pledged to defend all customers everywhere from malicious attacks by cyber criminal enterprises and nation states.

Together they represent operators of technologies that power the world’s internet communication and information infrastructure.  

The companies signed a Cybersecurity Tech Accord, which commits them to the principles of stronger defence, no offence, capacity building and collective action. This means companies will mount a stronger defence against cyber attacks to protect all customers globally regardless of the motivation for attacks online.

The companies have promised that they will not help any governments launch cyber attacks against innocent citizens and enterprises from anywhere, and to do more to empower developers and the people and businesses that use their technology, helping them improve their capacity for protecting themselves.

Under the fourth principle, the companies have committed to establishing formal and informal partnerships with industry, civil society and security researchers to improve collaboration.

The Tech Accord remains open to consideration of new private sector signatories, large or small and regardless of sector, who are trusted, have high cybersecurity standards and will adhere unreservedly to the Accord’s principles. 

“The devastating attacks from the past year demonstrate that cyber security is not just about what any single company can do but also about what we can all do together,” said Microsoft president Brad Smith. “This tech sector accord will help us take a principled path toward more effective steps to work together and defend customers around the world,” he said.

Kevin Simzer, chief operating officer at Trend Micro, said the real-world consequences of cyber threats have been repeatedly proven. “As an industry, we must band together to fight cyber criminals and stop future attacks from causing even more damage,” he said.

Carolyn Herzog, general counsel at Arm, said the accord will help to protect the integrity of the one trillion connected devices that are expected to be deployed in the next 20 years.

“It aligns the resources, expertise and thinking of some of the world's most important technology companies to help build a trusted foundation for technology users who will benefit immensely from a more security-connected world,” she said.

Companies that signed the accord plan to hold their first meeting during the security-focused RSA Conference taking place in San Francisco, and will focus on capacity building and collective action.

Future actions may include jointly developed guidelines or broadly deployed features, as well as information sharing and partnering to combat specific threats to make the online world a safer place for people and businesses around the world – and to uphold the promise and benefit technology offers society.

Stephen Bonner, cyber risk partner at Deloitte said the survey shows that boards continue to grow in the topic of cyber risk.

“Increasingly, they are disclosing the steps to manage risk to investors, regulators and broader stakeholders,” he said, noting that transparency builds trust, and the best boards are providing recommendations and need to think about what is missing from their disclosures.

“If your disclosure does not look strong enough after taking credit for what the company is already doing, it is time to ask whether you are actually doing enough to manage cyber risk. FTSE companies are moving rapidly to transparency, and we expect the trend to continue as they seek to build trust.”