A recent meeting between Huawei executives and UK security officials resulted in an agreement for Huawei to change certain practices to address security concerns.
Huawei will submit a formal letter to the National Cyber Security Centre (NCSC) outlining the details of that agreement. The letter will specify the measures the company will take to reduce and manage identified risks.
The discussions were arranged in part to avoid the UK following the path of countries that have restricted or banned Huawei equipment, such as the United States and Australia. Other nations that have considered restrictions include New Zealand, Japan, India, South Korea and several European states.
Since 2010 the UK has operated the Huawei Cyber Security Evaluation Centre (HCSEC), where GCHQ and other experts examine Huawei products and engineering processes for potential security vulnerabilities.
Earlier this year HCSEC published a report that identified new risks and stated it could no longer fully assure that all risks to UK infrastructure had been mitigated.
“The report concludes that HCSEC’s operational independence is both robust and effective. The Oversight Board has identified some areas for improvement in our engineering processes.
We are grateful for this feedback and are committed to addressing these issues.
Cybersecurity remains Huawei’s top priority, and we will continue to actively improve our engineering processes and risk management systems.”
UK officials reportedly felt Huawei had been slow to address issues raised in the HCSEC report. During the meeting, Huawei is believed to have offered assurances and commitments intended to reassure security authorities.
At the same time, EU Technology Commissioner Andrus Ansip warned recently that the bloc should take concerns about the company seriously. In response, a Huawei spokesperson said:
“We categorically reject any allegation that we might pose a security threat.
Huawei has never been asked by any government to build backdoors or disrupt networks, and we would never tolerate such behaviour by any member of staff.”
Debate among Western governments over Huawei’s role in national 5G networks has increased in recent weeks. Observers say the United States has been encouraging allies to avoid Chinese 5G vendors, and in some cases offering incentives to choose non-Chinese suppliers.
Huawei has criticized what it calls overreach by the US government, saying such behaviour should not be encouraged if it extends beyond national jurisdiction.
This tense climate has been amplified by high-profile legal and political developments. Earlier this week Huawei CFO Meng Wanzhou was arrested in Canada at the request of US authorities on allegations of violating US sanctions on Iran. Meng is the daughter of Huawei founder Ren Zhengfei, and her detention has drawn particular attention because of ongoing scrutiny of the company’s ties and Ren’s past service in the People’s Liberation Army.
Against a backdrop of an escalating trade dispute, some American business leaders have been cautioned about travelling to China because of potential retaliatory actions.
Interested in hearing industry leaders discuss topics like these and sharing their experiences? Attend the Cyber Security & Cloud Expo World Series, which hosts events in Silicon Valley, London and Amsterdam, to learn more.