Trust is the foundation for a healthy digital environment. But as technology evolves, building trust becomes more difficult. Telecom operators that once ran closed networks are now running open ones connected to the internet. As smartphones and other devices go online, networks have larger attack surfaces than ever before. The world lacks a common and unified understanding of cyber security, so different stakeholders have different expectations, and there is no alignment of responsibilities.
At the same time, the tech industry as a whole lacks a unified set of security standards and verification systems. Network equipment and phones include components from different countries with different standards or out-of-date standards, creating an urgent need to invest in security standards and verification systems at the national level. And in some countries, cyber security management lacks legislative support.
Trust is a feeling. But when it comes to cybersecurity, both trust and distrust should be based on facts, not feelings, not speculation, and not baseless rumour. We believe that facts must be verifiable, and verification must be based on standards.
That’s why Huawei is opening its Cyber Security Transparency Centre in Brussels. Complementing existing centers in Banbury UK, Bonn, Dubai, Toronto, and Shenzhen, the Brussels Centre provides a platform for security communications, collaboration and innovation on security standard and verification mechanism, while letting our customers verify and test Huawei equipment.
This approach helps to lay a foundation for the ultimate goal: the creation of unified standards for assessing and certifying the security of network equipment. Having a common standard to which all equipment vendors are held will let countries objectively assess the security of telecommunications products and services. Non-technical issues will not create political pressures that lead policymakers to make bad decision or even use cybersecurity as an excuse for protectionism.
For example, when governments block major vendors from their markets, reduced competition drives up costs, leading businesses to curtail their investments. Overall innovation drops, and consumers ultimately pay higher prices for inferior products and services. Unified cybersecurity standards, by contrast, foster competition and support innovation in the interest of companies and national governments.
A prosperous digital Europe needs up-to-date cyber rules that manage the risks inevitably created by new technology. Last year’s enactment of the General Data Protection Regulations (GDPR) demonstrates how European policymakers can respond to challenges such as the need to implement robust legal protections for private data. GDPR sets clear standards, defines responsibilities for all parties, and applies equally to all companies operating in Europe. Some would call GDPR the gold standard for digital privacy protection.
I believe that European regulators can also lead the way on similar mechanisms for cyber security. We hope, for example, that one day there will be a cyber security certification framework shared by Europe. This would set goals to improve the security environment in Europe, and help leading enterprises in vertical industries to improve their security capabilities, as well as local businesses in Europe, especially small and medium-sized enterprises.
Huawei supports the work of European policymakers as they explore ways to enhance network security and define relevant standards, and stands ready to make our resources and our expertise available as needed in the pursuit of this important task.
Technology drives growth and improves living standards. Politics, meanwhile, corrodes our ability to evaluate technology on its merits and increases the risk of making bad decisions based on emotion, rather than logic.
Unified verification standards increase trust, allowing digital ecosystems to take root and grow. Governments, standard bodies, telcos and technology providers must collaborate to develop standards that allow society to put politics aside, embrace transparency, and move toward common goals using trusted digital systems.