Thursday, April 30, 2015

The Future Of Network Integrity Depends On Industry Only

Cyber threats are evolving and they are becoming more sophisticated, pervasive, and destructive. This should come as no surprise given the ubiquity of coverage surrounding recent attacks; perhaps more than ever, the future of network integrity is central to the cause of facilitating today’s digital economy. 

In an age moving towards the internet of things, the contours of security will shape the future of commerce, technology, and privacy.
And though there is consensus around the importance of combating digital threats, the path needed to defend our networks is much less clear.

We conduct business in a world defined by connectivity. The past decades’ Information and Communication Technology (ICT) revolution has allowed transnational firms to establish narrowly focused segments of their supply chain across a host of countries. Fiber-optic networks and backbone routers help to enable the smooth transmission of data across the globe and make comparative specialization possible by linking fragmented technologies: RFID tags and sensors, communication networks, operational data, and security management software.

The integrity of that network cannot be taken for granted. While this is not a problem exclusive to industry actors, the global nature of the ICT sector’s supply chain requires international cooperation to ensure that seamless connectivity remains reliable and efficacious. Unfortunately, though standards setting bodies are plentiful, the international regulatory landscape for telecommunications networks remains inadequate.

Today, the most globally competitive companies find themselves in the middle of an escalated regime conflict over the supervision of network integrity. Varied regulatory culture, claims of protectionism, and threats of retaliation made by the world’s two largest economies only exacerbate geopolitical entrenchment and distract from the challenges that industry faces. The reality is that ICT spans across borders, continents, oceans, and even outer space. This only highlights the need for a post-nationalist solution.

Recent revelations (PDF) uncovering alleged covert hacking operations illuminate the problem of decentralization: disparate, clandestine government action is undermining trust in multinational companies’ products. These activities could spur nations to adopt indigenous-only technology that would severely limit the market for multinationals, regardless of where headquartered. In an industry defined by global product research, development, and procurement, a company’s geographic headquarters should not predetermine nor prohibit its access to markets. Unfortunately, the current inadequate regulatory regime leaves room for abuse and distrust.

We believe that beggar-thy-neighbor approaches to network integrity will only exacerbate techno-nationalist policies. Inclusive cybersecurity solutions cannot solely emerge from one nation, nor can government actors alone resolve them. Because information technology network hardware and software operates across borders and sectors, that solution must come from industry and the vendors who supply network infrastructure. In the wake of divergent international policy prescriptions, firms are clamoring for rational solutions that allow companies to compete and innovate on a fair and safe playing field.

Clamoring isn’t enough; only action will suffice. As a member of over 150 international standards bodies, we at Huawei believe that a congruence of recommended international standards is a good first step and we support international negotiations that would institutionally embed sensible rules around the ICT network supply chain. Establishing fair, transparent, and efficient international networking industry standards would ensure that competition centers on products, not security.

But we can do better. To encourage a uniform approach across the industry, companies should be more transparent about their policies and share their approach to standards, ranging from software testing and technical standards to legal compliance and third-party information security management. Vendors should also focus on improving detection and establish means to monitor entry and exit points so that networks can track and trace perpetrators.

There will be an unprecedented 100 billion connections worldwide by 2025. Managing that data safely will be an enormous challenge. As one of the world’s largest providers of network and communication services we are well positioned and dedicated to continually improving security standards. We call on governments, private industry, and end-users around the globe to join us in that commitment.

No comments: