In this hyperconverged era, you can’t be too careful. Even when you think your organization is secure enough at some point, a minor crack is all it takes for a hacker to gain access to your keys. Additionally, a pandemic that has moved countless activities online is a gold mine for threat actors. And as organizations adopt even more sophisticated technologies, so do attackers.
These are the main reasons why cybersecurity should remain the top priority and be on equal footing with other business functions, revealed Syarbeni, Head of Cybersecurity and Privacy, Huawei Indonesia. . As a global ICT solutions provider, Huawei has remained committed to cybersecurity since day one. Our interview with Syarbeni will deepen his thoughts on ongoing cybersecurity issues in Indonesia, Huawei’s approach, and how everyone has a role to play in protecting our country from threat actors.
Questions and answers
Why does Huawei actively participate in promoting cybersecurity standards across the ecosystem through various programs, including supporting CyberHub Fest in collaboration with BSSN & ACCI?
As we deepen digitalization across the world, cybersecurity becomes more important than ever. Meanwhile, due to the pandemic, people are spending more time online than ever before. It’s the new normal. And it is more critical than ever to ensure a healthy and secure cyberspace where nowadays cyber security and privacy has become one of the major social issues that matter to every person, household, organization and nation. .
Huawei has strongly supported the organization of CyberHub Fest for two consecutive years. Our support for CyberHub Fest is part of our commitment, established for more than 22 years in Indonesia, to actively contribute to the development of the Indonesian ICT ecosystem and to create a healthier and more secure cyberspace.
What role can Huawei play in improving cybersecurity? Why did Huawei release the Product Security Baseline?
Improving product security is key to mitigating the risk of cybersecurity incidents that occur frequently around the world.
Integrating security management into the product development process and making cybersecurity a core product feature is the fundamental approach to solving cybersecurity issues.
Developing and implementing a baseline of common product safety requirements ensures that all products meet the same fundamental safety quality requirements, and that safety quality is consistent. continuously improves as the baseline is updated.
Huawei’s end-to-end cybersecurity framework integrates the baseline into the product development process as a fundamental security requirement. The baseline and various quality assurance activities are strictly implemented to ensure product safety quality and prevent safety incidents.
Practices show that the baseline applies not only to Huawei products, but also to its entire supply chain. Our safety practices over the past 10 years also demonstrate that the baseline is an effective way to manage product safety quality. The baseline has ensured a stellar security record of Huawei products on customer networks.
By releasing the product safety benchmark, Huawei plans to communicate and discuss the benchmark with all stakeholders – including carriers, enterprises, upstream and downstream supply chain partners and government regulators. – on the details of security management, technical and engineering specifications, as well as testing and verification. solutions. This way we can continuously improve end-to-end cybersecurity in the supply chain.
What is the main content of the Huawei Product Security Baseline?
Huawei has developed the result-based, universal, applicable to all, and continuously optimized baseline, which is effective, achievable, and verifiable, and continuously improves the security of Huawei products.
Huawei developed the baseline based on common and critical security requirements identified through its study of applicable laws and regulations, as well as its in-depth understanding of legal and regulatory requirements, customer business requirements, best industry practices, known issues, etc. The baseline includes 54 requirements divided into 15 categories and 112 entries for implementation guidance and interpretation.
What kind of cooperation do you think is needed to truly succeed in jointly protecting cyberspace in today’s digital age?
I would like to take this opportunity to share three quick thoughts.
The first is that we must develop our capacities together. Cybersecurity threats are complex, diverse and evolving. No organization can address them all. From governance, standards and technology to verification, we need to work together, combine our strengths and build our collective capabilities.
We also need to share knowledge, such as Huawei Product Security Baselines, OIC-CERT Security Framework, and GSMA-led 5G Cybersecurity Knowledge Base. The more knowledge and best practices we share, the more effectively we can strengthen cybersecurity as a community.
And finally, we need to form tighter coalitions. This means governments, standards bodies and technology vendors need to work more closely together to develop a unified understanding of cybersecurity challenges. It must be an international effort.
We must define common goals, align responsibilities and work together to build a trusted digital environment that meets the challenges of today and tomorrow.
How is Huawei working with different stakeholders, including states, to build trust and strengthen cybersecurity in the future?
AT 5 :
At Huawei, cybersecurity is our top priority. We share this responsibility with our customers to ensure that the equipment they use is safe and secure.
Of course, our cybersecurity assurance systems were not developed in a vacuum. They are also the result of regular engagement, joint research and joint innovation with our customers, partners, regulators and standards bodies around the world.
Cybersecurity is a complex and evolving challenge that requires close collaboration and information sharing. We still lack a coordinated, standards-based approach across the industry, particularly around governance, technical capabilities, certification, and collaboration.
Also, in some places, unfortunately, there is still a misconception that the country of origin affects the security of network equipment and technology. It’s just not true. This does not solve the real challenges and it prevents us from forming a unified approach.
To tackle such issues, we need to develop collective capabilities and combine our strengths – starting with governance, standards and technology, all the way to verification. We also need to effectively strengthen our cybersecurity and privacy together through sharing knowledge of best practices and building stronger coalitions.
Overall, for safety, we think of the ABC principle at Huawei: “Adon’t assume anything. Bdon’t believe anyone. VSshit everything.”
Because we believe that trust is the foundation of a healthy digital environment. Therefore, trust and distrust should be based on facts, not on feelings, speculation, or baseless rumors. We believe that facts should be verifiable; and verification should be standards-based.