Huawei stopped fighting metaphorical fires today to lift the curtain on its Brussels Cyber Security Transparency Centre in a move to position the Chinese company as a driving force for new global security standards.
"We need to work together on unified standards. Based on a common set of standards, technical verification and legal verification can lay the foundation for building trust," said rotating chairman Ken Hu, giving the inauguration speech for the Huawei Cyber Security Transparency Centre (HCSTC) at Brussels' Palais des Academies this morning.
Huawei said in a statement that its aim with the HCSTC in Brussels was "to offer government agencies, technical experts, industry associations, and standards organizations a platform, where they can communicate and collaborate to balance out security and development in the digital era".
The centre will also act as a shop window for Huawei's security products, focusing on 5G, IoT and cloud, and "independent testing organisations" as well as telcos and nation states, which are, the company said, most welcome to use its "dedicated testing environments".
EU functionary Ulrik Trolle Smed, who works in the office of EU Security Commissioner Julian King, gave a speech at the event praising the opening of the centre. He said: "We are in favour of anything that leads to better cybersecurity because it's a collective responsibility."
Any chumminess displayed by EU institutions towards Huawei is likely to alarm the Anglosphere Five Eyes spying alliance. The Five Eyes countries – America, Australia, the UK, Canada and New Zealand – are almost all against allowing Huawei's network equipment to be installed in their core networks. The UK, however, has not closed the door on Huawei's involvement in next-generation mobile networks, despite its oversight panel delivering some muted criticism of its firmware security.
We believe that European regulators are on track to lead the international community in terms of cyber security standards and regulatory mechanisms. We commit to working more closely with all stakeholders in Europe, including regulators, carriers, and standards organizations, to build a system of trust based on facts and verification.
Ken Hu, Huawei rotating chairman
Hu called for a "collaborative effort" on cybersecurity from both governments and industry "because no single vendor, government, or telco operator can do it alone", going on to praise the GSMA's Network Equipment Security Assurance Scheme: "We believe that all stakeholders should get behind this framework. Ultimately, the standards we adopt must be verifiable for all technology providers and all carriers."
The HCSTC currently employs "around eight to 10 people" according to a company spokesman who gave a brief tour of its offices, located in a nondescript block on Gruinard 9. The company is pitching the centre as a UK-style code review facility, open to telcos and states alike, and a platform for influencing the European Union’s renewed drive to improve cyber security standards.
"At Huawei, we have the ABC principle for security: "Assume nothing. Believe nobody. Check everything," quipped Hu.
Even if some of the security world rejects the idea of Huawei doing the checking, it appears the Chinese company is deepening its ties with the European Union. ®