Huawei Technologies USA Chief Security Officer highlights the need for consistent security standards across the telecoms industry
With ICT vendor Huawei Technologies largely locked out of the market in the United States and some of its allied countries, the Chinese company is continuing its push to have global regulators, operators and other technology partners adopt a zero-trust approach to cybersecurity. The end goal is for there to be a clear set of testing and validation processes applied across-the-board to all equipment vendors, driving a heightened level of security in networks around the world.
Andy Purdy, chief security officer of Huawei Technologies USA, laid out the importance of a zero-trust approach to cybersecurity in a recent video interview with RCR Wireless News, and provided an update on how the company is faring in the face of U.S. sanctions that hamper its ability to buy components from U.S.-based suppliers.
“It’s a departure from the old trust but verify approach,” Purdy said. “This model is a never trust, always verify model.”
Speaking broadly on the level of adoption of zero-trust in telecoms, Purdy noted that different organizations have different levels of maturity but added that operators have significant governance control as it relates to devices operating on their networks and vendors servicing those networks. “I think it’s moving very much in the right direction,” he said.
Purdy pointed to a new cyber security measure adopted by Germany officials, the IT Security Law 2.0, that aims to set politics aside and hold 5G equipment vendors to a two-part assessment requiring a technical evaluation and the vendor to issue a declaration that its kit cannot be used for sabotage or espionage. He said the emphasis on “transparency and accountability” can serve as a guide post for other countries grappling with similar issues.
To his point around the importance of transparency, Huawei operates a number of facilities similar to the Cyber Security Transparency Centre in Brussels that was opened in March 2019. The goal of the facility is to provide a venue for public and private stakeholders to conduct technical verification and evaluation of telecoms equipment.
The post Understanding and implementing a zero-trust cybersecurity strategy appeared first on RCR Wireless News.