Non-profit industry standards organisation Trusted Computing Group (TCG) has created a new work group, led by representatives from Microsoft, Intel and Goldman Sachs, to define how its technologies can be implemented to address supply chain security challenges.
The Supply Chain Security work group will create guidance that defines, implements and upholds security standards for the entire supply chain, with the aim of better equipping companies to defend against cyber threats.
“For nearly 20 years, TCG has guided the industry in adopting technologies that enable secure computing, with specifications for internet of things and embedded systems, PCs and servers, mobile, and storage,” said Dennis Mattoon, co-chair of the new work group and principal software development engineer at Microsoft. “The supply chain is the one thing that spans all of these verticals and experts from TCG work groups are now coming together to create industry-wide guidance that seeks to make the supply chain more secure.”
Two of the areas that the work group will be focusing on are provisioning – which involves ensuring devices are from trusted sources at every step of the supply chain – and recovery, helping companies to recover their systems, devices, and networks in the event of a cyberattack. It aims to focus on a single solution for implementation at every level of the supply chain rather than a range of smaller solutions for implementation in specific areas.
“Securing the hardware supply chain is no easy task, as no single company has end-to-end control of the modern technology supply chain,” said Michael Mattioli, co-chair of the work group and vice president at Goldman Sachs. “This is why the new TCG work group is so important, as we are bringing together experts from a wide range of companies to define industry guidance that can be implemented across the ecosystem.”