Story image

Huawei cyber security white paper places onus on supply chain

21 Jun 2016

Huawei's "The Global Cyber Security Challenge" 2016 white paper was released last week, which identifies some of the security challenges facing the global supply chain.

The paper discusses how to ensure security issues and it also analyses practices adopted by supply chain experts, standards bodies across the world. The paper champions accelerated collaboration techniques to tackle the challenge, through networks and social progress.

The paper says open networks have been a catalyst for information flows, innovation opportunities and have lifted economic growth, particularly through supply chains.

The report says that there is a long, slow path from risk awareness to addressing it while increasing trust and assurance and reducing risk. It says that emerging information technology risks are not properly addressed.

Supply chains promote 'sustainable development' of the ICT industry, and Huawei says that supply chain management is more than providing on-time products and services, but also about approaching the product lifecycle with a view to minimise risk brought in by malicious actors or counterfeit components.

“While there is still no simple answer or solution to the cyber security challenge, it is increasingly apparent that there are steps the global community can take – as well as individual organisations – to drive demonstrable progress in reducing cyber security risk, including that of collaborating so as to reach an agreement on principles, laws, standards, best practices, norms of conduct, and protocols – with recognition that trust has to be earned and continuously validated. Huawei commits itself to supporting such an endeavour,” says Ken Hu, chairman of the board and chairman of the Global Cyber Security and User Privacy Committee of Huawei.

The paper goes into detail about Huawei's own supply chain security efforts, commended by figureheads such as Shola Taylor, Secretary-General of the Commonwealth Telecommunications Organisation, Bruce McConnell, global vice president of the EastWest Institute and Steve Nunn, president and CEO of The Open Group.

“Supply chain risk is a key element of the over-arching cyber security risks that an organisation must understand and manage in order to be successful. This is not just about ensuring that products and services will be there when needed, but it is also about a product lifecycle approach that minimizes risks. We must all build on the work that has been done to raise awareness of supply chain risk and what needs to be done about it, and work harder – collaboratively – to drive real progress to better address that risk," concludes Andy Purdy, white paper author and US cyber security officer, Huawei.

Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.
Red Box gains compliance boost with new partnership
By partnering with Global Relay, voice platform provider Red Box is improving the security of its offerings for high-value and risk voice data.