Huawei Recommends List of Cyber Security Requirements

10 years ago

List of questions across 11 categories provides a strong foundation for valuable dialogue between customers and their vendors and suppliers.

In its latest cyber security white paper, Cyber Security Perspectives–100 Requirements When Considering End-to-End Cyber Security with Your Technology Vendors, Huawei outlines the industry’s first list of end-to-end requirements buyers must consider when assessing vendor cyber security capabilities.

Over the past year, more countries have taken a pragmatic approach to cyber security. As a result, standards relating to enterprises, governments, and end users have been gradually formulated. Driving the next phase, specifically involving the development of anaccepted set of cyber security standards especially for hardware and software manufacturers, Huawei’s white paper recommends 100 requirements for buyers across 11 key areas including: strategy governance and control; standards and processes; laws and regulations; human resources; research and development; verification; third-party supplier management; manufacturing; delivering services securely; issue, defect and vulnerability resolution; and finally audit.

Bruce McConnell, Senior Vice President of leading international think tank EastWest Institute, remarked, “Huawei’s report provides much needed support for addressing one of the most vexing problems in cyber security today. The list of questions across 11 categories provides a strong foundation for valuable dialogue between customers and their vendors and suppliers.”

John Suffolk, Huawei’s Global Cyber Security Officer, said, “In almost every walk of life Governments, regulators, industry and consumers have worked together to improve product quality and safety, yet in the security safety of ICT this has not really happened. We hope our white paper will go some way to start this process”