Huawei recently released its Cyber Security White Paper of 2016 “The Global Cyber Security Challenge — It is time for real progress in addressing supply chain risks” designed to inform ongoing efforts, excellent practices and standards on how the global ICT industry can address supply chain security challenges.
From 2012 to 2014, The Chinese Networking major company has already published 3 cyber security white papers, sharing its perspective on cyber-security. The latest grey literature logs on how to how to ensure security in the global supply chain, by inscribing collective inputs from global supply chain experts and standards bodies to address this common challenge.
Writing in its official release, Ken Hu, Deputy Chairman of the Board and Chairman of the Global Cyber Security and User Privacy Committee of Huawei asserts, “While there is still no simple answer or solution to the cyber security challenge, it is increasingly apparent that there are steps the global community can take – as well as individual organizations – to drive demonstrable progress in reducing cyber security risk, including that of collaborating so as to reach an agreement on principles, laws, standards, best practices, norms of conduct, and protocols – with recognition that trust has to be earned and continuously validated. Huawei commits itself to supporting such an endeavor.”
The author of the white paper, Andy Purdy, US Cyber Security Officer, Huawei said, “Supply chain risk is a key element of the over-arching cyber security risks that an organization must understand and manage in order to be successful. This is not just about ensuring that products and services will be there when needed, but it is also about a product lifecycle approach that minimizes risks. We must all build on the work that has been done to raise awareness of supply chain risk and what needs to be done about it, and work harder – collaboratively – to drive real progress to better address that risk.”
The report says that Cyberspace has gradually become the “nervous system” through which society operates. A steady and secure global supply chain will help promote the sustainable development of the ICT industry and the use of cyberspace to transform economies and people’s lives.
Huawei touts to have established a comprehensive, ISO 28000-compliant supplier management system that can identify and minimize security risks during the end-to-end process from incoming materials to customer delivery.
Shola Taylor, Secretary-General of the Commonwealth Telecommunications Organization, said:”Cyber security and data privacy is a growing challenge for all organizations and Huawei should be commended for its work in improving supply chain security. An important part of this is helping others to also minimize supply chain risks by defining the standards and working in an open and collaborative way. The Commonwealth Telecommunications Organization applauds Huawei’s efforts in this area.”
Steve Nunn, President and CEO of The Open Group, said: “Having an international standard like the Open Trusted Technology Provider Standard (O-TTPS) – recently approved by ISO as ISO/IEC 20243 – is critical to mitigating the risk of tainted and counterfeit products, particularly when coupled with the Accreditation Program underlying it. The release of this white paper by Huawei illustrates the importance of establishing and consistently following best practices to address cyber and supply chain security threats throughout a product’s lifecycle.”