Story image

Huawei cyber security white paper places onus on supply chain

21 Jun 16

Huawei's "The Global Cyber Security Challenge" 2016 white paper was released last week, which identifies some of the security challenges facing the global supply chain.

The paper discusses how to ensure security issues and it also analyses practices adopted by supply chain experts, standards bodies across the world. The paper champions accelerated collaboration techniques to tackle the challenge, through networks and social progress.

The paper says open networks have been a catalyst for information flows, innovation opportunities and have lifted economic growth, particularly through supply chains.

The report says that there is a long, slow path from risk awareness to addressing it while increasing trust and assurance and reducing risk. It says that emerging information technology risks are not properly addressed.

Supply chains promote 'sustainable development' of the ICT industry, and Huawei says that supply chain management is more than providing on-time products and services, but also about approaching the product lifecycle with a view to minimise risk brought in by malicious actors or counterfeit components.

“While there is still no simple answer or solution to the cyber security challenge, it is increasingly apparent that there are steps the global community can take – as well as individual organisations – to drive demonstrable progress in reducing cyber security risk, including that of collaborating so as to reach an agreement on principles, laws, standards, best practices, norms of conduct, and protocols – with recognition that trust has to be earned and continuously validated. Huawei commits itself to supporting such an endeavour,” says Ken Hu, chairman of the board and chairman of the Global Cyber Security and User Privacy Committee of Huawei.

The paper goes into detail about Huawei's own supply chain security efforts, commended by figureheads such as Shola Taylor, Secretary-General of the Commonwealth Telecommunications Organisation, Bruce McConnell, global vice president of the EastWest Institute and Steve Nunn, president and CEO of The Open Group.

“Supply chain risk is a key element of the over-arching cyber security risks that an organisation must understand and manage in order to be successful. This is not just about ensuring that products and services will be there when needed, but it is also about a product lifecycle approach that minimizes risks. We must all build on the work that has been done to raise awareness of supply chain risk and what needs to be done about it, and work harder – collaboratively – to drive real progress to better address that risk," concludes Andy Purdy, white paper author and US cyber security officer, Huawei.

Cylance makes APIs available in endpoint detection offering
Extensive APIs enable security teams to more efficiently view, enrich, and contextualise real-time intelligence collected at the endpoint to keep systems secure.
SolarWinds adds SDN monitoring support to network management portfolio
SolarWinds announced a broad refresh to its network management portfolio, as well as key enhancements to the Orion Platform. 
JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Securing hotel technology to protect customer information
Network security risks increase exponentially as hotels look to incorporate newer technologies to support a range of IoT devices, including smart door locks.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
Tensions on the rise after Huawei CFO arrest
“Recently our corporate CFO, Meng Wanzhou, was provisionally detained by the Canadian authorities on behalf of the United States of America."