Trust is the foundation for a healthy digital environment. But as technology evolves, building trust becomes more difficult. Telecom operators that once ran closed networks are now running open ones connected to the internet. The world lacks a common and unified understanding of cybersecurity.
Ken Hu is Deputy Chairman at Huawei Technologies. Since 2011, Ken Hu acts as Chairman of Huawei Global Cyber Security and Privacy Protection Committee (GSPC), which is the overall governance organization of Huawei group’s practice on security and privacy.
The tech industry as a whole lacks a unified set of security standards and verification systems. Network equipment and phones include components from different countries with different standards or out-of-date standards, creating an urgent need to invest in security standards and verification systems at the national level. And in some countries, cyber security management lacks legislative support.
When it comes to cybersecurity, both trust and distrust should be based on facts, not speculation, and not baseless rumour. We believe that facts must be verifiable, and verification must be based on standards.
That’s why Huawei is opening its Cyber Security Transparency Centre in Brussels. Complementing existing centres in Banbury UK, Bonn, Dubai, Toronto, and Shenzhen, the Brussels Centre provides a platform for security communications, collaboration and innovation on security standard and verification mechanism, while letting our customers verify and test Huawei equipment.
This approach helps to lay a foundation for the ultimate goal: the creation of unified standards for assessing and certifying the security of network equipment. Having a common standard to which all equipment vendors are held will let countries objectively assess the security of telecommunications products and services.
Non-technical issues will not create political pressures that lead policymakers to make bad decisions or even use cybersecurity as an excuse for protectionism.
For example, when governments block major vendors from their markets, reduced competition drives up costs, leading businesses to curtail their investments. Overall innovation drops, and consumers ultimately pay higher prices for inferior products and services. Unified cybersecurity standards, by contrast, foster competition and support innovation in the interest of companies and national governments.
A prosperous digital Europe needs up-to-date cyber rules that manage the risks inevitably created by new technology. Last year’s enactment of the General Data Protection Regulations (GDPR) demonstrates how European policymakers can respond to challenges such as the need to implement robust legal protections for private data.
GDPR sets clear standards, defines responsibilities for all parties, and applies equally to all companies operating in Europe. Some call GDPR the gold standard for digital privacy protection.
I believe that European regulators can also lead the way on similar mechanisms for cybersecurity. We hope, for example, that one day there will be a cybersecurity certification framework shared by Europe.
This would set goals to improve the security environment in Europe, and help leading enterprises in vertical industries to improve their security capabilities, as well as local businesses in Europe, especially small and medium-sized enterprises.
Technology drives growth and improves living standards. Politics, meanwhile, corrodes our ability to evaluate technology on its merits and increases the risk of making bad decisions based on emotion, rather than logic.
Unified verification standards increase trust, allowing digital ecosystems to take root and grow. Governments, standard bodies, telcos and technology providers must collaborate to develop standards that allow society to put politics aside, embrace transparency, and move toward common goals using trusted digital systems.