In 2020, the COVID-19 pandemic changed the way we live, work and how organisations operate. Many activities have moved online, and telecommuting, video conferencing, distance education, and telemedicine have become the new normal. In this context, digital technology has played an irreplaceable role in keeping our lives on track and our businesses open.
At the same time, as digital transformation picks up speed, we see growing challenges relating to cyber security and privacy protection. We have witnessed a record number and scale of security vulnerabilities and cyber-attacks around the world, with persistent ransomware attacks and data breaches.
In a digital, intelligent world empowered by 5G, cloud, and AI, a secure and stable cyberspace is critical to securing people’s livelihoods and protecting the vital public and economic functions of any society. It is clear that cyber security and privacy protection are becoming, not only basic, core capabilities, but also inherent requirements in a digital world.
Cyber security is an opportunity for us to promote security and digitisation through enhanced cooperation. All stakeholders in the digital space — including governments and regulators, industry and standards organisations, communication service and technology providers as well as digital service providers — share a joint responsibility to address cyberspace challenges and improve the level of cyber security.
In the case of a cyber-attack, every product and service in cyberspace is exposed to the attack, independent of the supplier. Only by strengthening cyber security protection for the end-to-end supply chain can we more effectively reduce the security risks across the entire network.
As a leading global provider of ICT infrastructure and smart devices, Huawei offers a broad array of products and solutions that apply to many diverse scenarios. Effectively managing the security of these products is a huge, but surmountable challenge. In order to do so, Huawei has incorporated cyber security management requirements into all its business processes, especially the Integrated Product Development (IPD) process.
By integrating product cyber security requirements throughout the planning, design, development, verification, launch, and lifecycle management of the entire IPD process, Huawei is able to ensure that every product and version it releases delivers the expected level of quality in terms of cyber security. The applied management requirements. engineering and technical specifications include the Huawei Product Security Baseline (“the Baseline”), which contains mandatory requirements that Huawei products must meet.
Drawing on our extensive experience over the past decade in the quality of product security, we continuously update and optimise the Baseline and share its value, in ensuring the end-to-end security of the supply chain, with our partners, suppliers, and others. Practices show that the Baseline applies not only to Huawei products but also to its entire supply chain. Our security practices over the past, more than, 10 years also demonstrate that the Baseline is an effective way to manage the quality of product security. The Baseline has ensured that Huawei’s products enjoy a stellar security record on our customer’s networks.