[Dongguan, China, June 9, 2021] Huawei opened its largest Global Cyber Security
and Privacy Protection Transparency Center in Dongguan, China today, with
representatives from GSMA, SUSE, the British Standards Institution, and regulators
from the UAE and Indonesia speaking at the opening ceremony.
Along with the opening of the new center, Huawei also released its Product Cyber
Security Baseline, marking the first time the company has made its product security
baseline framework and management practices available to the industry as a whole.
These actions are part of the company’s broader efforts to engage with customers,
suppliers, standards organizations, and other stakeholders to jointly strengthen cyber
security across the industry.
“Cyber security is more important than ever,” said Ken Hu, Huawei’s Rotating
Chairman, at the opening of the Dongguan center. “As an industry, we need to work
together, share best practices, and build our collective capabilities in governance,
standards, technology, and verification. We need to give both the general public and
regulators a reason to trust in the security of the products and services they use on a
daily basis. Together, we can strike the right balance between security and
development in an increasingly digital world.”
Cyber Security and Privacy Protection Transparency Center in Dongguan, China
Over the past few years, industry digitalization and new technologies like 5G and AI
have made cyberspace more complex than ever, compounded by the fact that
people have been spending a greater portion of their lives online throughout the
COVID-19 pandemic. These trends have led to a rise in new cyber security risks.
Huawei opened the new Global Cyber Security and Privacy Protection Transparency
Center in Dongguan to address these issues, providing a platform for industry
stakeholders to share expertise in cyber governance and work on technical solutions
together. The center is designed to demonstrate solutions and share experience,
facilitate communication and joint innovation, and support security testing and
verification. It will be open to regulators, independent third-party testing
organizations, and standards organizations, as well as Huawei customers, partners,
and suppliers.
To further a unified approach to cyber security in the telecoms industry,
organizations like GSMA and 3GPP have also been working with industry stakeholders
to promote NESAS Security Assurance Specifications and independent certifications.
These baselines have seen wide acceptance in the industry, and will play an
important role in the development and verification of secure networks.
Mats Granryd, Director General of GSMA, spoke at the opening of Huawei’s new
center. “The delivery of existing and new services in the 5G era will rely heavily on
the connectivity provided by mobile networks and will fundamentally depend on the
underlying technology being secure and trusted,” he said. “Initiatives such as the
GSMA 5G Cybersecurity Knowledge Base, designed to help stakeholders understand
and mitigate network risks, and NESAS, an industry-wide security assurance
framework, are designed to facilitate improvements in network equipment security
levels across the sector.”
At the event, Huawei also released its Product Cyber Security Baseline, the
culmination of over a decade of experience in product security management,
incorporating a broad range of external regulations, technical standards, and
regulatory requirements. The Baseline, together with Huawei’s other governance
mechanisms, helps ensure the quality, security, and trustworthiness of the
company’s products. Over the years, Huawei has built over 1,500 networks that
connect more than three billion people across 170 countries and regions. None of
these networks have ever experienced a major security incident.
“This is the first time we’ve shared our security baseline framework with the entire
industry, not just core suppliers,” said Sean Yang, Director of Huawei’s Global Cyber
Security and Privacy Protection Office. “We want to invite all stakeholders, including
customers, regulators, standards organizations, technology providers, and testing
organizations, to join us in discussing and working on cyber security baselines.
Together, we can continuously improve product security across the industry.”
At present, the industry still lacks a standards-based, coordinated approach,
especially when it comes to governance, technical capabilities, certification, and
collaboration.
“Cybersecurity risk is a shared responsibility,” concluded Ken Hu in his opening
remarks. “Governments, standards organizations, and technology providers need to
work closer together to develop a unified understanding of cyber security challenges.
This must be an international effort. We need to set shared goals, align
responsibilities, and work together to build a trustworthy digital environment that
meets the challenges of today and tomorrow.”
