The International Telecommunication Union (ITU) organized a workkshop on "Zero trust and software supply chain security", which took place on 28 August 2023 from 9h00 - 17h00 KST at the
Korea International Exhibition Center (KINTEX), Goyang, Republic of Korea. The workshop was kindly hosted by the Ministry of Science and ICT. The workshop was preceded by the
ITU-T Study Group 17 meeting which took place from 29 August to 8 September 2023 at the same venue. Remote participation was provided for the workshop. The workshop was held in English only.
Introduction:
In today's interconnected and rapidly evolving digital landscape, cyber threats have become increasingly sophisticated, with attackers targeting vulnerabilities in software supply chains to compromise systems and steal sensitive data. Zero Trust is a new strategic cybersecurity approach that secures an enterprise through removing implicit trust and continuously evaluating every stage of digital interactions. Software supply chain security focuses on the risk management during the lifecycle of the software for all related stakeholders including software vendors and users. By integrating Zero Trust principles into software supply chain security, organizations can establish a resilient defence against cyber threats.
Objectives:The objectives of this workshop were:
-
providing an overview of Zero Trust and software supply chain security with insights into the new and emerging threats in these areas;
-
identifying technical countermeasures and organizational controls to effectively mitigate the identified threats;
-
showcasing on-going activities among relevant ITU-T study groups and other organizations in these areas; and
-
identifying a way forward and providing suggestions to ITU-T Study Group 17 on potential topics of study in the future related to Zero Trust and software supply chain security
Target audience:
Participation in the workshop was open to ITU Member States, Sector Members, Associates and Academic Institutions and to any individual from a country that is a member of ITU who wishes to contribute to the work. Participation was free of charge and open to all. No fellowships were granted for the workshop.
Watch Recording Here
