Security Workstream Meeting in Milan

Development of supplier network management model

Security Workstream Meeting in Milan Development of supplier network management model From 12th – 13th of January 2017 representatives of Cisco, Brocade, Hitachi Data Systems (HDS), Hewlett Packard Enterprise (HPE), Juniper and T-Systems met in Milan to discuss the development of a supplier network management model.

In our digitalised economy, businesses are strongly depend on the availability of ICT services. The IT landscape of companies consists mostly of components of many suppliers. However, quality is only achieved if everyone in the supply chain adheres to certain rules. Insecure systems that are vulnerable to hostile action, intentional abuse or accidental misuse put businesses at risk.

This is even clearer within automotive manufacturing. Certain parts of a passenger’s car, such as the tyres the control system or plastic parts – in fact up to 75 percent – come from suppliers. However, this is irrelevant to the customer. He relies on the fact that all installed components work smoothly with each other and meet certain safety standards. In the event of a fault, the customer will contact the manufacturer and the latter is responsible for the end product.

„This principle also applies to IT“, Walter Sedlacek, Lead Security Stream for the Zero Outage Industry Standard notes. “However, the challenge here is that, in addition to the ‘what‘, the practical ‘how‘ is decisive for IT-quality. A corporation needs to know how to achieve required measurements such as security on data centre networks or within cloud services.“

The Zero Outage Industry Standard Association is thus focusing on the definition of the framework in order to formulate processes and technologies in all its details. That’s why regular workstream meetings with members are important. “In this way, we want to ensure that individual steps can be implemented in the same way and that the final product achieves the highest possible quality“, Mr. Sedlacek explains.

To ensure that security standards reflect the circumstances of industrialized IT production, ESARIS (Enterprise Security Architecture for Reliable ICT Services), a collection of best practices has been developed.

The meeting in Milan was very fruitful and all participants agreed that it is important to involve the platform workstream and the editorial board. The next meeting will take place on June 7th at Brocade in London.