Trusted Computing Group

In February, our Japanese Regional Forum held the ‘TCG’s Challenge for Next Generation Cyber Security’ open workshop, shedding light on the importance of security in the rapidly evolving digital landscape. From discussions on remote attestation to platform certificates, the workshop covered critical topics relevant to device security across the globe. In our latest blog, we cover the insights provided by our members and industry experts during the event: https://bit.ly/4arsZ7j #cybersecurity #cybersecurityworkshop #JRF #securitybydesign

CISA (Cybersecurity and Infrastructure Security Agency) has released security guidelines to address the opportunities made possible by artificial intelligence for critical infrastructure. Covering 16 sectors, these guidelines urge infrastructure operators to establish protocols for reporting AI security risks and regularly testing AI systems for vulnerabilities. TCG has emphasized the importance of adhering to standards and practices that establish trust in AI technologies in a recent article titled 'Ensuring a safe future for AI applications'. Read the full article from Thorsten Stremlau in the latest issue of New Electronics: https://bit.ly/3xYzxwt Read the full article from FedScoop here: https://bit.ly/4a0IaUv

According to this article from Tripwire, the amount of companies impacted by supply chain spoofing incidents was almost double the figure from the previous year. Supply chain spoofing creates opportunities for adversaries to exploit vulnerabilities at various stages of a product's lifecycle, and must be considered a significant cybersecurity risk. The TCG recognises the need to prioritise supply chain security through the development of rigorous standards that protect devices at each point in it's journey from development, distribution and maintenance. To learn more about supply chain security, visit: https://bit.ly/3iTofCp https://bit.ly/3Qtn5ey #supplychainsecurity

With AI technologies developing at a significant rate, we are finding more ways that AI can be leveraged to revolutionize industries and assist quality of life. But it is vital to recognize the need for enhanced security within AI systems. In this article from New Electronics, Thorsten Stremlau from the TCG discusses the current threat landscape, and explains how trusted computing principles and technologies can be implemented to improve the security and reliability of AI applications. Read the full article hear to learn more: https://bit.ly/3xYzxwt #AI

Earlier this month, TCG member Infineon Technologies attended Embedded World 2024 to showcase a demo that explores their recent collaboration with wolfSSL. During the event, Paul Kissinger, Applications Engineer at Infineon, and David Garske, Software Engineer at WolfSSL, discussed the Infineon OPTIGA TPM, the Open Source Firmware Update Process, as well as the wolfTPM Library in an interview with Patrick Hopper from Embedded Computing Design. Click here to learn more: https://bit.ly/3UvkdQJ

NIST recently announced that it will be allocating $3.6 million to invest in the cybersecurity workforce in an effort to tackle the employee skills shortage. As advocates for cybersecurity education, TCG is proud to contribute to closing the skills gap in this vital field. Our commitment is evident through initiatives like our educational resources and the OpenSecurityTraining (OST2) program. This free course provides aspiring cybersecurity professionals, software developers and students with an invaluable opportunity to enhance their knowledge and learn how fortify device security. To learn more about the OST2 course, visit: https://bit.ly/496fYzc Read the full article from Cointelegraph here: https://bit.ly/3JFp4ZD

By the end of 2024, the total number of IoT devices is projected to rise to 207 billion, averaging 25 devices per person. Although the IoT (Internet-of-Things) can enhance efficiency and drive innovation, it can also expose stakeholders to various malicious cyber-attacks. To mitigate these threats, prioritizing security at the hardware level is crucial. To overcome this threat landscape, TCG has developed essential Root-of-Trust solutions to secure various connected devices that can make up the IoT. The TPM, MARS and DICE have all been developed for unique device applications, and are all geared toward achieving the same goal of fortifying hardware security. Learn more about TCG's RoT solutions here: https://bit.ly/4cKrgft To read the full article from Semiconductor Engineering, visit: https://bit.ly/4ahE1N1

Healthcare institutions remain a major target for hackers: the sector experienced an average of 1,684 attacks per week in the first quarter of 2023 alone. As attacks grow in volume and sophistication, it's imperative that institutions adhere to the latest standards and specifications, including #TPM, #DICE, #FIM, and #RIM, to best protect their networks and customers. Read TCG member Thorsten Stremlau's latest article in Intelligent CISO here: https://bit.ly/4aGvMK0

Next week, TCG member Infineon Technologies will be in Nuremburg, Germany, attending Embedded World 2024 from April 9–11. At the event, Infineon will showcase a demo that explores their collaboration with wolfSSL to address the challenges of integrating TPM 2.0 support into the resource-constrained environment found in Cortex-M based devices. You can visit the team in Hall 1, Booth 500, to view the demo and explore how the TPM provides the first line of defense against potentially critical malware and firmware attacks. Read more on the demo in Embedded Computing Design here: https://bit.ly/4amYAHK

The Wall Street Journal recently shed light on a concerning rise in data breaches worldwide, despite increased cybersecurity awareness. Among the factors contributing to these cyberattacks is the exploitation of vendor systems. To mitigate the risks of cyberattacks, organizations must adhere to the principles of trusted computing—and so should every other user, company, or supplier in the supply chain. To ensure end-to-end protection and integrity, TCG promotes and develops standards such as the Firmware Integrity Measurement (FIM) specification that provide guidance for all stages of the supply chain and device lifecycle. Read the full article here: https://bit.ly/3PwW5u3 #cybersecurity #cyberattacks #supplychain