i3 - January/February 2021 - 23

" It is very important to review the
security of your
vendors before
you engage them,
to make sure they
are capable of
meeting your
needs or otherwise enhancing
their controls
before they are
onboarded. "
- PHIL VENABLES

Alexsl/Getty Images

CTA SEEKS A PUBLIC/PRIVATE
CYBERSECURITY PLAN THAT
PROTECTS INNOVATION
The U.S. Department of Commerce has been exploring a process for " Securing the Information
and Communications Technology
and Services (ICTS) supply chain,
which involves existing and evolving systems, and devices, such
as 5G and other wireless technologies. In its comments about
the proposal, CTA has urged the
government to adopt a targeted
public/private, " risk-oriented approach " that focuses on threats to
the ICTS supply chain. CTA notes
that any government action " could
have significant long-term effects
in the market for all ICTS providers, " characterizing it as a $5 trillion
global market, likely to surpass $6
trillion in 2022. CTA says it seeks to
avoid the looming threat of rules
that would have " a chilling effect
on U.S. innovation and technology
investment. "
In similar comments for a Federal
Communications Commission

proceeding on " Security Threats to
the Communications Supply Chain, "
CTA explains its co-leadership of
the Council to Secure the Digital
Economy (CSDE), a group of more
than a dozen major ICTS companies involved in communications
infrastructure security and the connected products ecosystem. The
CTA-hosted project known as " Convene the Conveners " or " C2, " has
identified baseline security capabilities that will affect the worldwide
supply chain. Engineers will find
these 'baseline' capabilities detailed
in CTA's recent technical standard
CTA-2088. In comments CTA filed
with the Department of Commerce
on " the National Strategy to Secure
5G Implementation Plan, " CTA said
that the best approach to security
" should rely on consensus standards
and multi-stakeholders that allow
the private, public and international
sectors to collaborate and drive
security innovation at scale. "

retailers can take to mitigate cyber risk. It recommends quick implementation of safeguards
such as employee training, including " vigilant
monitoring " of data flow and use within the
company. Retailers should also embrace the
" mobile wallet payment trend " since this process is " notably more secure than traditional "
credit card payments because it doesn't expose
actual account details that could be compromised, the firm explains.
Agreeing with this approach is Mohamed
Abdelsadek, executive vice president of
North America services for Mastercard. He
believes in " connected intelligence " as a process to secure transactions " without creating
unnecessary friction for consumers and
enabling a data collaboration approach
between merchants and issuers. " He envisions a " digital environment secured through
a layered approach that protects the environment and the customers before, during
and after the payment transaction. "
" The next few years will be critical for
retailers to establish a secure digital environment for consumers to interact and
shop. " Abdelsadek explained in an NRF publication. " While the threats might not be
very different to what we are exposed to
today, the amount of traffic online and the
human factor will be critical to establish a
secure digital ecosystem. "
He expects to see new projects, such as
" cyber hygiene " programs for employees, new
safeguards for customer data and frictionless
secure experiences, including contactless
payment cards at point-of-sale terminals.
" The U.S. market is now dramatically accelerating in contactless adoption, " Abdelsadek
explains, noting that the acceptance pace has
increased since the pandemic was declared.
He called the tap-and-go process a fundamentally " different payment experience for the
cardholder, " part of an evolution toward
tokenization of the payment process.
His outlook for one section of the complicated retail cybersecurity tale offers hope for
a happy ending to the supply chain and
customer-interface thriller.

2021

C TA . t e c h / i 3

i3_0121_20-23_Feature_CyberSecurity.indd 23

Cybersecurity challenges will be discussed
at CES 2021 as more companies transition
to cloud computing.

JANUARY/FEBRUARY 2021

12/9/20 3:19 PM

https://bit.ly/2KvRJoq https://bit.ly/2KvRJoq https://bit.ly/2KvRJoq https://bit.ly/3p3bnqZ https://bit.ly/3p3bnqZ https://www.ces.tech/ https://cta.tech/Resources/i3

i3 - January/February 2021

Table of Contents for the Digital Edition of i3 - January/February 2021