Total security approach more important than country of origin: Huawei

Technology vendor asks people to listen without prejudice

When it comes to security, it is more important to secure everything, from sales, to HR to supply chain, than to focus on origin.

Huawei global security chief, John Suffolk, made the observation during the Communications Alliance Forum in Sydney, in relation to the company’s Chinese roots.

“We are a Chinese company that most people have heard of, and we are proud of our heritage and roots,” he said.

“The reality is that some people have concerns about the company and a country they know little about.”

Suffolk highlight that Huawei is one of the most audited and inspected companies in the world, and it helped the vendor get a more comprehensive view on what good security is.

“People assume that since a Dell computer is American, because the company is American,” he said.

“However, 70 per cent of the components that go into our hardware is not made by us.”

According to Suffolk, the majority of parts in Huawei’s products is actually made by other vendors from around the world.

“When you look at a label, you make one set of assumptions, but for us it is about risk management and not elimination,” he said.

For that reason, Suffolk said the priority should be to secure those thousands of suppliers.

“There is very little point in focusing on the 30 per cent when the threat is coming somewhere else in the supply chain,” he said.

The meaning of security

The challenge that Suffolk sees clients in Australia facing is how to translate what they want to do with security into specifications and into law.

Read more: Presence of IT partners with ClickSuper

“Customer, whether they are government or not, are struggling to find out what good security looks like,” he said.

Suffolk said that the definition of cyber security will also vary between people, both locally and around the world.

“Most people who talk about security do it in terms of bits and bytes, hardware and software, and vulnerabilities,” he said.

“That is absolutely true, be it is not the be all end all of cyber security.”

Patrick Budmar covers consumer and enterprise technology breaking news for IDG Communications. Follow Patrick on Twitter at @patrick_budmar.

Join the CSO newsletter!

Error: Please check your email address.

Tags complianceHuaweisecurity

More about DellHuaweiIDGIDG CommunicationsIDG CommunicationsIDG Communications

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Patrick Budmar

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts