Cybersecurity and privacy risks are inherent in information and communications technology (ICT) products and services. Increasing their security is paramount to their continued use in governments and businesses around the world. Guidance based upon objective standards, best practices, and risk management techniques can help purchasers of these products and services make informed decisions to reduce their own risk. This breakthrough group will promote discussion and solicit feedback on its 2016 publication Purchasing Secure ICT Products and Services: A Buyers Guide, exploring ways to address the need for security standards in the procurement of ICT products and services.
In September 2016, this breakthrough group published Purchasing Secure ICT Products and Services: A Buyers Guide, which outlines questions that ICT consumers can ask their suppliers to understand how to manage security risks, including supply chain risk, introduced into enterprises by commercial technology. This unique, breakthrough resource is intended for all organizations interested in acquiring more secure information and communications technology (ICT) products and services. The report has received wide media coverage and was featured in The Wall Street Journal. It was also presented at the Munich Security Conference's 4th Cyber Security Summit in Stanford, and at ITU Telecom World 2016.
This breakthrough group will continue to promote the Buyers Guide at meetings and in discussions with leaders around the world, focusing particularly on large buyers of ICT and standards bodies. It will also continuously solicit feedback to improve the coverage of the guide and its usability.