At a Glance:
A Huawei executive and a US Department of Defense official got on stage together Wednesday at the RSA Conference in San Francisco, and the conversation got heated.
Katie Arrington insisted that lawmakers and President Donald Trump had good reason to remove Huawei products from government use.
The topic at hand was supply chain security, or the process of making sure security flaws don't get introduced into tech during the manufacturing process.
Things got tense.
The digital economy will produce US$23 trillion in new economic potential by 2025 (from US$12.9 trillion in 2017). In other words, by 2025, the digital economy will represent 24.3% of global GDP, up from 17.1% in 2017.
The rapid development of digital technologies also brings . All industries are undergoing digital transformation. . All of these mean that cyber security risks are rising. If we want to benefit from the expansionary economic impact of ICT, maintaining secure ICT environment is key.
Today, cybersecurity is increasingly intertwined with political suspicions and trade barriers and falling trust between nations. Political suspicions have done nothing to solve the issues of cybersecurity. Frequently, cybersecurity is used simply as an excuse to erect trade barriers, and this has further obscured the real issues.
A Huawei executive and a US Department of Defense official got on stage together Wednesday at the RSA Conference in San Francisco, and the conversation got heated. Katie Arrington, an official in charge of acquisition at the Defense Department, insisted that lawmakers and Huawei USA Chief Security Officer Andy Purdy said the decision was the wrong approach.
The government was following a policy of "rip and replace," tearing useful technology from the hands of government workers serving US citizens. The US government can find ways to build trust by observing the manufacturing process more closely.
Andy Purdy, USA Chief Security Officer, Huawei.
Arrington countered that, "because the risk is so high." The US can't consider conveying control of sensitive information to another country, Arrington said, "end of story, period."
The topic at hand was supply chain security or the process of making sure security flaws don't get introduced into tech during the manufacturing process. Since phones, computers, and other devices are made in overseas factories, overseen by a complex web of contractors, there are countless ways bugs can wind up inside your tech. The question of whether the bugs were put there on purpose, and by whom, can lead to an international relations crisis.
Craig Spiezle, a consultant at Agelight Advisory Group who focuses on increasing trust in tech and addressing ethics, moderated the panel. Also, on stage Wednesday were tech policy experts Bruce Schneier of the Harvard Kennedy School and Kathryn Waldron of the R Street Institute think tank.
The US government didn't mind that devices were insecure because its spy agencies were the best at using those vulnerabilities to gain intelligence. As other countries came to match the United States' ability to spy, the government has become more concerned with patching up flaws. That's going to decrease everyone's ability to spy. Security will come at the expense of surveillance.
Bruce Schneier, Renowned Security Technologist
Waldron said the US government's decision to ban Huawei tech has cemented the idea that Chinese tech companies are closely tied to the Chinese government and that that association can't be undone at this point.
The US has its own history of putting unprotected communications devices out into the world. A recent report from the Washington Post detailed how the CIA secretly ran a cryptography company, selling machines with backdoors to governments around the world under the auspices of Crypto AG."All countries are engaged in spying," Waldron said. "I don't think that's a surprise to anyone."
Governments and industry organizations should work together on unified cybersecurity standards. These standards should be technology-neutral and apply equally to all companies and networks. Over many years, the telecom industry has made great strides in delivering continuity, reliability, and compatibility across telecom networks by developing shared, unified standards. As MIT Media Lab cofounder Nicholas Negroponte wrote in an article on Fast Company, "Telecommunications policy should be based on objective standards, not geopolitical issues."