Security Platforms/Tools

Huawei Appoints Cyber Security Guru

Huawei Technologies Co. Ltd. hired prominent IT executive John Suffolk to be its new Global Cyber Security Officer, the Chinese vendor announced on Monday. (See Huawei Appoints Cyber Security Exec.)

Before joining Huawei, Suffolk's last job was CIO of the U.K. government. Prior to that, he has also been an advisor to the World Bank High-Level Experts group, director general of the UK criminal justice transformation program, and managing director of financial services firm Britannia Building Society.

Now he will report to Huawei CEO Ren Zhengfei and spearhead the vendor's new cyber security assurance strategy, which will be implemented across all of the vendor's departments, including research and development, supply chain, marketing and sales, project delivery and technical services.

Suffolk, whose office will be located at Huawei's headquarters in Shenzhen, China, will also be responsible for communicating the new strategy to customers, partners, employees and other stakeholders.

The appointment follows the opening of Huawei's Cyber Security Evaluation Center in the U.K. at the end of last year. The facility is designed to test Huawei's own equipment and show operators and government officials how it can withstand cyber security threats. (See Huawei Opens UK Security Evaluation Center.)

Why this matters
Huawei is on a mission to allay security fears that some governments still have about the company -- the latest example of such concerns cropped up in Taiwan just last month. (See More Security Woes for Huawei.)

The Chinese vendor wants to change its image from security threat to cyber security expert and even services provider. To that end, it has taken unprecedented steps to be more open and transparent. Hiring a high-profile IT exec such as John Suffolk is the company's latest move in this security assurance offensive.

For more
There are those that will see the irony in Huawei's cyber security push as the company has a colorful and controversial history on this front.

— Michelle Donegan, European Editor, Light Reading Mobile

COMMENTS Add Comment
Page 1 / 2   >   >>
pdonegan67 12/5/2012 | 4:57:39 PM
re: Huawei Appoints Cyber Security Guru

Short of Colin Powell taking the job, from a PR point of view such a High Profile British 'Insider" is about as good as Huawei could have got with this appointment.

Meantime, where mobile network security is concerned, Huawei and NSN respectively remain head and shoulders above the other major end to end network infrastructure vendors in terms of thought leadership and communicating a coherent end to end security strategy.

Distrust of Huawei certainly remains deep-rooted in many corners of a lot of operators, government departments, Parliaments and Senates throughout the world. But as security becomes something over which vendors are compelled to compete on more and more, as it surely will, how long before the uniquely intense security grilling that Huawei is being subjected to by some governments starts to morph from a competitive weakness into a competitive advantage?



Michelle Donegan 12/5/2012 | 4:57:39 PM
re: Huawei Appoints Cyber Security Guru

UK prime minister David Cameron has given his blessing to Suffolk's appointment, so he'll take up his post on October 1.

Suffolk said he's "thrilled and privileged" to join Huawei on his blog:





pdonegan67 12/5/2012 | 4:57:38 PM
re: Huawei Appoints Cyber Security Guru

Governments of all kinds have many different of ways of carrying out cyber attacks on telecom networks available to them. Persuading a national champion vendor to collaborate in planting rogue software in their own equipment is just one of them.

Studying the flaws in another vendor's equipment and then bribing a highly placed employee in an operator a stupendous amount of money to exploit those vulnerabilities might be another.

Government policies of all kind change and evolve over over time, whether due to entirely domestic factors or due to changes in relationships and terms of trade with other countries.

Granted it may take a long time, but over time I'm not convinced this will be any different.


krishanguru143 12/5/2012 | 4:57:38 PM
re: Huawei Appoints Cyber Security Guru

No matter what they do and how secure they show they are, if the governments are going to block deals, does it really matter?  It is hard to use how secure their equipment is and use it as an advantage will their gear is automatically excluded from being looked at.  How many carriers do you think have just overlooked Huawei because they know they won’t be able to buy from them?  In many cases, the top three or top five are looked at.  If you are with a company that looks at the top three and you know that Huawei will be excluded at the end, why let them take a spot to begin with?


They are going to have to go much further than what they have to ease the fears of the governments.

krishanguru143 12/5/2012 | 4:57:36 PM
re: Huawei Appoints Cyber Security Guru

We already have open trade with China; of course they don’t do the opposite though and very tightly control their currency.  I also cannot see the NSA ever viewing China as not a threat.  Sure the NSA cannot tell a carrier that they cannot buy Huawei gear, but they can make sure they don’t get government contracts either.  U.S. Cellular looked at Huawei gear, but Senators made sure they made their position well known and that any type of subsidy would be off the table to them.  Chances are of another carrier trying the Huawei route are pretty slim.  Even India doesn’t trust them.


It will be more than a longtime, John Suffolk will be long retired by then.

pdonegan67 12/5/2012 | 4:57:34 PM
re: Huawei Appoints Cyber Security Guru

Security tensions of some kind between China and the U.S are inevitable for years, perhaps decades, to come.

You raise a bunch of other important issues. All of which serve to underline that the interplay between network security and national security is a multi-faceted question- one that goes beyond a narrow focus on the fear of embedded malware in a vendor's network infrastructure. Maybe we can agree on that.

krishanguru143 12/5/2012 | 4:57:34 PM
re: Huawei Appoints Cyber Security Guru


Care to explain why the government doesn’t trust them?  That doesn’t mean the gear cannot be used, but the government is very suspicious of them.  What about them planning on producing wireless gear at a factory in south India?  Coincidence or them trying to make nice with the government by supplying jobs?


So, being security conscious is being myopic?  How about looking the other way and when it turns out to be true, then what?  It is a little hard to undo the damage at that point no?  Maybe we should look at other vendors.  Cisco produces products in China but yet their security products are made in Mexico.  Care to explain that?  So you don’t think that many companies, governments, etc. wouldn’t want products made in China that are for security?  How about the flood of counterfeit products from China?  Customs seized a lot of gear that was fake, but they would work just fine in Cisco routers.  They were being sold as authentic Cisco gear and chances are, the manufacturer was producing extra equipment and selling it themselves.  What would keep them from using custom microcode/firmware in the products?


As for Huawei being a front runner.  Not hard to do when you steal the IP from others.  How many companies have accused Huawei of that and how many times have they paid out?






How about Moto suing Huawei of IP theft?


pdonegan67 12/5/2012 | 4:57:34 PM
re: Huawei Appoints Cyber Security Guru

Not sure I agree where India is concerned. Huawei has secured a very substantial share of India's 3G roll-out, for example.

More broadly where these issues are concerned, in my view the media focus on the risk of malicious embedded software is of course a key national security question but the focus has been, and continues to be, myopic.

If there are reasonable grounds for suspicion there it's a risk, of course. But that is too narrow a definition of national security. Economic competitiveness is a fundamental platform of national security. And economic competiveness is compromised by denying telecom carriers access to the very best in technology innovation. In carrier networks, Huawei is now a front-rank player these days. Excluding them is not without risk from a competitivness stand-point and hence from a national security perspective as well.

The media debate needs to move on to a wider set of risk mitigation trade-offs. I wouldn't want to pay Mr Suffolk the indignity of speculating on when he's going to retire but my money's on this change in outlook transpiring before that date.

Telecomguy0704 12/5/2012 | 4:57:20 PM
re: Huawei Appoints Cyber Security Guru

The way China works is, buying the Elite from each country (with lots of money) then, let them do all the work, performing their most charming influences for China Communist Party (CCP) and its Army (PLA)’s benefits and interests.

Currently, China is threatening the US and other smaller nations in the South China Sea with its bullying and rather weird behaviors. Just look at this way, when China first bought the Ukraine’s old aircraft carrier years ago, China’s “friendly business” front men said it was for the floating Casino purposes. Now, suddenly, we heard on the news, under the CCP and PLA’s influences, this ship has become China’s Navy Arm Force’s (PLAN) first aircraft carrier (to be used for controlling all the International ship lanes of South East Asia Sea).  What make us think that Huawei, ZTE and other “private” companies from China could escape from the strong influence of the CCP and its Army’s strong arm tactics? Should the US’ critical lines of network communication to be controlled and influenced by an unstable foreign power, like the CCP?   

Please read the articles below, especially the comments from various readers for a fair view of the High Tech community.

What makes China telecom Huawei so scary?


China vs. U.S.: The cyber Cold War is raging


pdonegan67 12/5/2012 | 4:57:18 PM
re: Huawei Appoints Cyber Security Guru


Thanks Telecomguy. The CNN article that you provided a link to is among the most balanced I’ve seen on the subject so far.  

Three quotes in the article touch on three different aspects of the conundrum for U.S policy-makers.

·         The critical importance of the spooks. The guy from the Center for Strategic and International Studies (CSIS) in Washington, D.C is quoted as saying. "The national security community in the U.S. is united in its opposition to Huawei." This guy is obviously a whole lot better placed to gauge that than me. But it certainly rings true. And it remains a key issue.

&middot;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Nevertheless some platinum-plated movers and shakers in U.S security circles believe the exclusion of Huawei is misguided. There&rsquo;s an interesting comment in the CNN article from former vice chairman of the Joint Chiefs of Staff, Admiral Bill Owens. Bill was also my old boss when he was CEO of Nortel. His consulting outfit, Amerilink Telecom, was engaged by Huawei last year in an effort to support an ultimately unsuccessful bid to win a major wireless contract with Sprint. Bill&rsquo;s reflection in the CNN article is that &ldquo;It was a serious mistake for America not to [have had Sprint award Huawei the business]," And again he says: "they're opening all their source code to Sprint, to the U.S. government, to everyone. At Nortel, I never would have opened the source code to anyone, especially not the U.S. government. This is so compellingly wrong in the way this has happened." To repeat, Bill is a former vice chairman of the Joint Chiefs of Staff. He commanded the 6<sup>th</sup> fleet during the first Iraq War of 1990-1991. Oh - and he was a Rhodes Scholar at Oxford University, reputedly scoring higher exam marks than Bill Clinton.

&middot;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; A rich mix of both reliable and unreliable information. The unnamed source in the article who says of Level 3&rsquo;s purchase of Huawei equipment that "It's base stations, core switching equipment -- the kind of stuff that really ought to keep people up at night". Since when did Level 3 ever buy base stations? There may be grounds for policy makers to be kept up at night. But if &nbsp;there are then hyperbole-rich and fact-poor &ldquo;evidence&rdquo; like this is much more likely to make policy makers fall asleep at the wheel.

Good to see that some parts of the media are starting to cover this issue more comprehensively.&nbsp;



Page 1 / 2   >   >>
Sign In