GlobalPlatform & Institute for Information Industry Announce Partnership
to Advance Taiwan’s Cybersecurity Goals
Empowering Taiwan’s technology industries to bolster cyber resilience
and demonstrate trust through the adoption of the
internationally-recognized security standard SESIP
July 12, 2023 – GlobalPlatform [7], the standard for secure digital
services and devices, and the Institute for Information Industry [8]
(III), have signed a Memorandum of Understanding (MoU) to support Taiwan
in bolstering digital transformation and enhancing the cyber resilience
of its technology supply chains.
“Building cyber resilience on a global scale can only be achieved if
industries and sectors come together to identify problems and align on
solutions. With Taiwan further developing its reputation as a major
global base for the development of next generation technologies, this
partnership will help Taiwan bolster supply chain security,” comments
Ana Tavares Lattibeaudiere, Executive Director of GlobalPlatform.
Cybersecurity for the digital economy
The mission of the III is to promote the innovation and application of
Taiwan’s information communication technologies (ICT) and assist in
the development of Taiwan’s digital economy. GlobalPlatform empowers
stakeholders across industries with standardized technologies and
certifications for trusted digital services and devices that address
business, security, regulatory and data protection needs.
The MoU reflects the commitment of Taiwan’s ICT industry to combatting
cyberattacks, a government priority following 30 million targeted
threats each month in 2022 [9]. It will enable GlobalPlatform and III to
bring together key stakeholders from across Taiwan’s semiconductor
supply chain. This collaboration will facilitate the exchange of
security expertise and alignment on the adoption of internationally
recognized standards that combat cybercrime by ensuring
security-by-design and trust through certification. This includes
aligning local requirements with global cybersecurity regulations
through the adoption of GlobalPlatform’s Security Evaluation Standard
for IoT Platforms (SESIP) [10] methodology, which is used by both
national and private certification bodies to create and manage IoT
cybersecurity certification schemes.
Mapping IoT cybersecurity compliance with SESIP
“GlobalPlatform’s standardized technologies and certifications can
help Taiwan’s security community build cyber-safe products that are
trusted on a global scale. We are already seeing strong interest in how
the SESIP methodology can be used to strengthen Taiwan’s cybersecurity
provision,” adds Ana.
Different countries and regions are defining security, privacy or
resilience regulations that request specific security features to be
evaluated. SESIP addresses this challenge by mapping to other standards
from bodies including ETSI, ISO/IEC and NIST, providing a common and
optimized approach [11] for evaluating security and demonstrating trust.
“Taiwan spent multiple decades creating the “Made in Taiwan” brand
of trust. Following this, the world can now acknowledge our products as
“Made in Trust,” comments Taiwan Government.
“This is a new opportunity for us and a new blue ocean for Taiwan’s
cybersecurity ecosystem. III established the “Collaborative Test
Laboratory on Chip Security” to focus on the security of Taiwan ICT
products, especially in chipset hardware,” adds III.
“III looks forward now to continued cooperation with GlobalPlatform to
assist manufacturers in implementing international standards and
promoting the SESIP certification scheme. Our partnership is achieving a
win-win situation for the semiconductor and network security industries,
and enables Taiwan semiconductor companies to be trusted partners in the
global supply chain.”
Interested in getting involved? Certification bodies and security
evaluation laboratories can download the methodology [12], participate
in GlobalPlatform’s SESIP licensing program [13] and contribute to the
organization’s work [14] on IoT security.
About GlobalPlatform
GlobalPlatform is a technical standards organization that enables the
efficient launch and management of innovative, secure-by-design digital
services and devices, which deliver end-to-end security, privacy,
simplicity and convenience to users. It achieves this by providing
standardized technologies and certifications that empower technology and
service providers to develop, certify, deploy and manage digital
services and devices in line with their business, security, regulatory
and data protection needs. Key offerings include secure component
specifications; the Device Trust Architecture for accessing secure
services within a device; the IoTopia Framework for secure launch and
management of connected devices; and the SESIP Methodology for IoT
device certification.
GlobalPlatform technologies are used in billions of smart cards,
smartphones, wearables and other connected and IoT devices to enable
convenient and trusted digital services across market sectors, including
healthcare, government and enterprise ID, payments, smart cities,
industrial automation, smart home, telecoms, transportation, utilities,
and OEMs.
GlobalPlatform standardized technologies and certifications are
developed through effective industry-driven collaboration, led by
multiple diverse member companies working in partnership with industry
and regulatory bodies and other interested parties from around the
world.
