Huawei cyber security white paper places onus on supply chain
Huawei's "The Global Cyber Security Challenge" 2016 white paper was released last week, which identifies some of the security challenges facing the global supply chain.
The paper discusses how to ensure security issues and it also analyses practices adopted by supply chain experts, standards bodies across the world. The paper champions accelerated collaboration techniques to tackle the challenge, through networks and social progress.
The paper says open networks have been a catalyst for information flows, innovation opportunities and have lifted economic growth, particularly through supply chains.
The report says that there is a long, slow path from risk awareness to addressing it while increasing trust and assurance and reducing risk. It says that emerging information technology risks are not properly addressed.
Supply chains promote 'sustainable development' of the ICT industry, and Huawei says that supply chain management is more than providing on-time products and services, but also about approaching the product lifecycle with a view to minimise risk brought in by malicious actors or counterfeit components.
“While there is still no simple answer or solution to the cyber security challenge, it is increasingly apparent that there are steps the global community can take – as well as individual organisations – to drive demonstrable progress in reducing cyber security risk, including that of collaborating so as to reach an agreement on principles, laws, standards, best practices, norms of conduct, and protocols – with recognition that trust has to be earned and continuously validated. Huawei commits itself to supporting such an endeavour,” says Ken Hu, chairman of the board and chairman of the Global Cyber Security and User Privacy Committee of Huawei.
The paper goes into detail about Huawei's own supply chain security efforts, commended by figureheads such as Shola Taylor, Secretary-General of the Commonwealth Telecommunications Organisation, Bruce McConnell, global vice president of the EastWest Institute and Steve Nunn, president and CEO of The Open Group.
“Supply chain risk is a key element of the over-arching cyber security risks that an organisation must understand and manage in order to be successful. This is not just about ensuring that products and services will be there when needed, but it is also about a product lifecycle approach that minimizes risks. We must all build on the work that has been done to raise awareness of supply chain risk and what needs to be done about it, and work harder – collaboratively – to drive real progress to better address that risk," concludes Andy Purdy, white paper author and US cyber security officer, Huawei.