Huawei Cyber Security Transparency Center aims to foster trust through independent cyber security verification
Huawei equipment is used in a staggering 1,500 carrier networks in more than 170 countries. As telco operators prepare for the long-term, phased transition from LTE to 5G, the technology company is simultaneously racking up 5G contract wins with the likes of Swisscom, Rain and Vodafone, while addressing cyber security-related concerns raised by policymakers in the U.S., Europe and elsewhere.
At the recent opening of its Cyber Security Transparency Center in Brussels, Belgium, Huawei Rotating Chairman Ken Hu called for a collaborative, global approach to developing uniform, verifiable, standards-based cyber security protocols with the involvement of regulators, standards bodies, telco operators and vendors.
Hu outlined four primary challenges: an ever-increasing attack surface as more and more digital content and services transition to cloud environments; lack of unified cyber security standards that are based on an understanding of real cyber security threats; a global supply chain for information and communication technologies that operates without shared technical cyber security standards; and an inconsistent approach to governance and enforcement.
“At Huawei, we fully understand the cyber security concerns that people have in this digital world and we believe cyber security is a challenge we all share,” Hu said. “No single vendor, government or telco operator can do it alone. We need to work together to clarify and align our responsibilities. Security must be embraced as a great social responsibility. That means embedding trust in all end-to-end processes.”
5G is expected to bring huge benefits to organizations and citizens, but with it is likely to come increasing dependence and reliance on the functioning of networks and systems, and greater risk. The benefits of 5G will not just be increased speed for consumer devices, but will come from 5G being an enabler of the digitization of government and vertical industries, which is expected to spur historic growth in GDP for the nations and regions that embrace it. New vertical industry applications will include remote surgery, autonomous driving, more efficient and accessible government services, smart manufacturing, precision agriculture, green energy, smart cities, and on and on.
Existing cyberspace risk is in part due to the level of complexity involved in telecom networks that is already astonishing, and will only compound as 5G networks go live and scale out. Couple this with the perpetuation of internet of things implementations to drive digital transformation in enterprises and industries, and the complexity and potential for cyber security risk is similarly expanding. This emerging paradigm featuring a multi-vendor world will dramatically enhance the need for operators, vendors, regulators and other stakeholders to develop objective and transparent mechanisms to determine which products and vendors are worthy of trust. One proven mechanism is trust based on independent verification–and that’s the goal of Huawei’s Cyber Security Transparency Center.
Among the primary risks, according to Huawei USA’s Chief Security Officer, Andy Purdy are malicious actors taking advantage of vulnerabilities in network infrastructure, or exploiting hidden functionality in that infrastructure, both of which can be enabled by physical or virtual access during manufacturing or along the global supply chain.
“The center creates an opportunity for our customers to get real visibility into our products and that kind of transparency will hopefully spread across the industry,” Purdy told RCR Wireless News. “It’s the ability to know whether there are significant vulnerabilities or hidden functionality within the products–that’s what the testing of the products can contribute to an understanding by customers and stakeholders of the assurance level of the products and components.”
The goal of the new facility in Brussels is three-fold: first, stakeholders can learn about Huawei’s end-to-end cyber security practices, ranging from R&D, product development, manufacture supply chain, and post installation service and support; second, to create a space to facilitate communication between industry partners; and third, to provide a holistic and confidential platform for security testing and verification.
“No single vendor, government or telco operator can do it alone. We need to work together to clarify and align our responsibilities, hopefully moving toward a unified set of standards and best practices to provide assurance and transparency,” Purdy said.
Click here to learn more about Huawei’s Cyber Security Transparency Center.
