Chinese computing giant Huawei has released a new report outlining what it believes are the top 100 requirements organizations should consider when appraising the security capabilities of their technology vendors.
The white paper, Cyber Security Perspectives, is authored by former UK government CIO John Suffolk, who is Huawei’s global cyber security officer.
It claims to draw on the experience not only of the company itself and the questions asked of it by customers, but also various standards and industry best practices.
In a webcast to launch the paper, Suffolk argued that cyber-security capabilities have not kept up with the rapid technological pace of change.
He said innovation, whilst great for consumers, has increased complexity and therefore risk on the vendor side, and that the sheer “ubiquity of technology leads to levels of complacency.”
Although legislators can boast “vertical slivers of brilliance” they are not knowledgeable enough across the board to create regulations mandating security standards in tech products.
“The Top 100 is a set of requirements, policies, procedures and strategies … that should be demonstrable to anyone to prove that you’re serious about security when designing products and services,” said Suffolk.
The report is part of Huawei’s efforts to take a greater leadership role in the global cyber-security debate by calling on the international community to reduce overlaps and create more harmonization between competing standards.
In so doing, it could also be seen as an effort by the firm to distance itself from the allegations that have followed it for years that its products are not safe.
These came to a head when a US congressional committee effectively barred it and ZTE from competing in the US telecoms equipment market for fears over national security.
The firm has also been a victim, according to revelations earlier this year that the NSA infiltrated corporate servers at its Shenzhen headquarters to find out more about how its routers and switches work.