Cisco Trustworthy Systems

Cisco Trustworthy Systems

Why Trustworthy Systems Matter

Why Trustworthy Systems Matter

Threats to critical infrastructures and national systems often evolve from nominal to critical within days or even hours. Enabling a truly secure environment becomes even more complex as governments and businesses invest more in mobility, collaboration, cloud, and other forms of virtualization.

The network, given its major role in this evolution, becomes the primary defense of user and data integrity. The ability to trust your IT infrastructure is the foundation of this defense.

What You Need to Consider

What You Need to Consider

The threat landscape is changing and adversaries are becoming more aggressive. New attacks are made by malevolent actors and counterfeit and tampered products. Verifiable trustworthiness in our systems is vital for today's multi-threat environments.

To trust our networks, we need to be able to trust the technologies they are built on, namely product security. But not all vendors are able or willing to meet the demands of trustworthy systems. Some are constrained by limited resources, government requirements, or personal philosophies.

Purchasers of networking and security solutions should fully understand their vendor's development practices and hold them accountable for those practices. Security must be a foundational priority, spanning product security development to delivery and support.

Secure development of architectures, products, and applications must be supported by comprehensive supply chain management, security standards, incident anticipation and response, as well as industry collaboration.

Cisco's Trustworthy Systems Framework

Cisco's Trustworthy Systems Framework

To create trustworthy systems, technology vendors have to offer a comprehensive framework for continuously evolving product security, with the focus everywhere on protection. The core components must focus on policies, processes, and technologies. Trustworthy systems need to start with secure hardware and software technologies embedded at product conception; products must also adhere to a secure product development lifecycle that is repeatable and provable.

Trustworthy systems need to incorporate security incident responses, while proactively adding trustworthy capabilities that can be used as deterrents to today's threats and more complicated threats in the future. This in turn propels the company direction, solutions, systems, and supply chain components.