Cybersecurity has become the most important component in the digitally connected world. Every stakeholder in the digital economy must focus on securing their computer networks against various forms of security breaches to ensure a safe and secure operational models. In an exclusive interview with Telecom Review, Ibrahim Alshamranie, chief security officer, Huawei Saudi Arabia, sheds light on what his company is focusing on in regards to cybersecurity in the Kingdom.
In today's digital era, how does Huawei Saudi Arabia respond to the cybersecurity challenges of enterprises and consumers?
We believe that cybersecurity is a fundamental element in the digital world, and at Huawei, cybersecurity will always remain a top priority for our customers and partners, and we never compromise on it. We have several policies laid out to verify that our entire product range and services meet the industry’s best practices, particularly in cybersecurity, and this has been reflected in our 30 years of zero cybersecurity incidents. We are continuously working with our partners and customers to secure the implementation and development of all products to ensure they have world-class secured services.
How important is cybersecurity and protection of private information in the emergence of technologies like 5G, IoT, virtual reality, AI?
Huawei is compliant with the General Data Protection Regulation (GDPR), the European standard for data protection to ensure the privacy of our customers, and we also ensure to follow the regulations and policies of each country across the world. When it comes to privacy in the Kingdom of Saudi Arabia, there’s an organization called the National Data Management Office, which is responsible to issue regulations and policies in Saudi Arabia for data privacy and protection, and we fully comply with their regulation. We are committed to treat personal information according to local and international regulations and in line with different customer requirements.
What practices can the telecom sector adopt to build trust and transparency in enhancing security?
As vendors, Huawei believes that trust should be built on facts, and facts should be verifiable based on known international standard that everyone can measure against. In this regard, we are working together with vendors, regulators and operators towards NESAS (Network Equipment Security Assurance Scheme), jointly developed by 3GPP and GSMA. The way it works is that the two organizations (3GPP and GSMA) can qualify third party security firms who can audit software development lifecycle before producing the product in order to make sure that it’s following their guidelines and best practices within the industry. This guarantees a secured design, writing and compiling of codes, maintaining it, and integrating third party software as part of your projects. Once audit requirements are fulfilled, the GSMA will give its accreditation. Following this, the accredited product will be introduced to a test at a security lab to verify that it meets security specification and level of assurance that we encourage others to adopt. This assurance must be incorporated in the banking and government sectors whereby the development of products used in the network is verified and accredited. At times, vendors might introduce boxes that are not compliant with the security protocols and that could create issues, because ultimately, one is as strong as the weakest link in the supply chain. The recent incidents of cyberattacks the industry witnessed at the end of 2020 in the supply chain clearly indicate that trust needs to be based on verifiable facts. When it comes to cybersecurity stakeholders, including competitors, we must all work as partners and welcome operators, vendors and government sectors to adopt NESAS and contribute in developing a unified requirement standard for our customers under GSMA and 3GPP.
In your perspective, how will the cybersecurity scene in the region transform in the post-pandemic world? What would be Huawei's contribution on this?
Every region across the world is a target, including the Middle East, considering the current geopolitical situation. However, we can assure our customers that cybersecurity is always a top priority. Our company founder, Mr. Ren Zhengfei, declared that “Huawei guarantees that its commitment to cybersecurity will never be outweighed by the consideration of commercial interests”. Regionally, we can see that Saudi Arabia is the top-ranked Arab country and among the top countries in the world in cybersecurity, as it was ranked 13th overall in the International Telecommunications Union’s (ITU) global cybersecurity index. In 2020, Saudi Arabia was also ranked first amongst 140 countries for its digital competitiveness as the nation invests heavily in the technology sector. That being said, challenges will always arise. We must come together as an industry and collaborate with governments, end users, customers, and operators in order to overcome any challenge. Cybersecurity and privacy protection is not the responsibility of one company, and it cannot be achieved by one enterprise; cybersecurity needs to be built by the whole society.