Data Security

Huawei and RCR Wireless Host a Fireside Chat on Zero-Trust Cybersecurity Strategy

In collaboration with RCR Wireless, Huawei Technologies USA held a fireside chat with Andy Purdy, Chief Security Officer at Huawei Technologies USA, and Sean Kinney, Editor in Chief at RCR Wireless, to explore how organizations can understand and adopt zero-trust strategies. Purdy, a cybersecurity specialist, provides insights into accelerating the global adoption of standardized processes for ensuring the security of all telecom devices. He also discusses the wider implications of Huawei's inclusion on the US export controls list on the supply chain. While the list was established to protect national security, it has grown in scope and has had unexpected consequences for the global supply chain.

The fireside chat, which can be seen here, goes into greater detail on the importance of reestablishing global trust and cooperation to maintain a regular supply chain. Zero-trust cybersecurity strategies can promote an environment for innovation while also protecting national security through an intervention based on facts, verification, transparency, and risk management. The zero-trust model, which is based on never trusting and always verifying, assists companies in minimizing damage and reducing the possibility of hackers trying to infiltrate their systems. Following SolarWinds and other cyberattacks, the cybersecurity community has recognized the crucial importance of transparency and accountability. Experts emphasize the growing importance of incentives to encourage companies to uphold secure cybersecurity practices, as well as the need to hold organizations accountable when they fail to do so.

Are telecom operators building their networks following zero-trust principles? What will experts do to improve industry assurance, accountability, and transparency? What else will Huawei do to push for the global adoption of standardized processes for checking the security of all telecom equipment, not just Huawei's? And how has Huawei's inclusion on the U.S. Commerce Department's Bureau of Industry and Security entity list affected the company overall? Purdy and Kinney delve into these and other issues, including actionable insights into making cyberspace safer and more transparent by using zero-trust cybersecurity.

About Huawei

Huawei is a world leader in infrastructure and smart devices for information and communications technology (ICT). We are dedicated to bringing digital to every person, home, and enterprise through interconnected technologies across four key domains – telecom networks, IT, smart devices, and cloud services – for a fully connected, intelligent world.

Huawei's whole product, solution, and service portfolio are both competitive and secure. We create long-term value for our customers by an open partnership with ecosystem partners, collaborating to empower people, enhance home life, and inspire innovation in organizations of all sizes.

Huawei innovates to meet the needs of its customers. We make significant investments in basic research, focusing on technological breakthroughs that drive the world forward. We hire over 188,000 people and operate in over 170 countries and regions. Huawei, which was established in 1987, is a private company that is entirely owned by its employees.

Spotlight

Spotlight

Related News

Cloud Security

Google Cloud Next 2023 Embraces Generative AI for Safer Digital Future

Google | September 18, 2023

Google reveals its pioneering approach to applying generative AI in cybersecurity at the Google Cloud Next conference in San Francisco. Alphabet and Google CEO Sundar Pichai's keynote emphasizes Google's AI-first approach and the transformative impact of AI across industries. Google introduces innovative security updates and trends, highlighting its commitment to enhancing cybersecurity capabilities. Google Cloud extends Duet AI to three key products in preview mode, empowering security teams to address complex cybersecurity challenges more efficiently. Google unveiled its pioneering approach to applying generative AI in cybersecurity at the Google Cloud Next conference in San Francisco. This significant revelation follows the broader accessibility of generative AI, made possible earlier this year by technologies like ChatGPT. Google's strategic endeavor aims to harness the potential of AI to combat cybersecurity challenges. Additionally, the event featured a keynote address by Alphabet and Google CEO Sundar Pichai, who underscored the transformative influence of AI across sectors and emphasized Google's extensive history of adopting an AI-first approach. During the conference, Google seized the opportunity to introduce innovative security updates and trends, signifying its commitment to enhancing cybersecurity capabilities for its customers. These developments come at a time when the integration of AI technologies in addressing cybersecurity concerns has gained substantial attention and recognition. Alphabet and Google CEO Sundar Pichai, a prominent figure in the technology industry, initiated the conference, reiterating the profound influence of AI across various sectors, industries, and business functions. His emphasis on Google's decade-long dedication to an AI-first approach solidified the company's leadership position in this transformative era. Furthermore, Google unveiled significant developments in the conference, including expanding Vertex AI with over 100 foundation models and introducing enhancements like PaLM 2, supercomputing capabilities, and the fifth-gen Tensor Processing Units. However, their commitment to democratizing AI was highlighted, demonstrated through customer stories and live demos. Google Cloud's developer advocate, Priyanka Vergadia, showcased Duet AI, an intelligent chatbot assistant that streamlines developers' tasks, saving time and enhancing security. Duet AI automates deployments, configures applications correctly, aids in debugging, and strengthens security. Its preview release marks a step towards achieving shift-left and DevSecOps goals, empowering developers to secure their code effectively and allowing security teams to scale their efforts. The research conducted by ESG and ISSA highlights the challenges faced by cybersecurity professionals. A significant majority (63%) have found their roles increasingly complex over the past two years. A closer look reveals that the surge in complexity (81%), rising workloads, and growing cyberthreats (59%), as well as understaffing issues (46%), are the primary factors contributing to this challenge. In response to these evolving demands, Google Cloud has taken a proactive step by extending the application of Duet AI to three key products, now available in preview mode. These applications empower security teams with Mandiant Threat Intelligence for threat analysis, Google Chronicle for accelerated SecOps processes, and Google Security Command Center for risk mitigation. A live demonstration showcased how Duet AI streamlines security analysts' workflows, making threat detection and response more efficient and enhancing overall security posture management. Google Cloud announced Mandiant Hunt for Chronicle Security Ops in preview, boosting threat hunting with expert Mandiant insights. Agentless vulnerability scanning (powered by Tenable) in preview detects OS, software, and network vulnerabilities on Google Compute Engine VMs. Custom posture findings and threat detectors are now available in the Security Command Center. Cloud Firewall Plus, in preview, enhances firewall service with advanced threat protection (Palo Alto Networks). These updates, utilizing Duet AI in preview, demonstrate Google Cloud's dedication to cybersecurity innovation, with specific availability details to come. The conference also highlighted partner offerings in the ever-evolving cloud security landscape.

Read More

Data Security

Oracle Attempts to Design New Open Network and Data Security Standard

Oracle | September 20, 2023

Oracle to participate in an industry-wide initiative to design a new open network and data security standard. Oracle and Applied Invention are assisting to developing and promoting a novel network and data-centric security standard to tackle distributed cloud deployment challenges. This standard will enable organizations to protect their data throughout its entire lifecycle without requiring modifications to their distributed cloud environments' underlying architecture. Oracle, one of the world's largest database management companies, announced that it will participate in an industry-wide initiative to design a new open network and data security standards that will assist organizations in protecting their data in distributed IT environments. Oracle will collaborate with Applied Invention, a significant technology provider, and other industry leaders, including Nomura Research Institute, Ltd. (NRI), a global leader in consulting and system solutions. This new standard will enable networks to enforce shared security policies collectively, thereby augmenting the security architecture organizations already employ without requiring modifications to existing applications and networks. Oracle plans to launch the Oracle Zero-Trust Packet Routing Platform, based on the new standard, to support this new initiative. This platform will assist organizations in preventing illegal access or use of their data without imposing additional obstacles on legitimate activities. Executive Vice President of Security and Developer Platforms at Oracle Cloud Infrastructure, Mahesh Thiagarajan, said, Over the last 20 years, the cybersecurity industry has produced many incremental changes, but we need a fundamentally novel approach to protect our data in the increasingly complex cloud era. Organizations require a way to describe their data security policies in one place where they can be easily understood and audited, and they need a way to make sure those policies are enforced across their entire computing infrastructure, including their clouds. [Source – Cision PR Newswire] As the adoption of cloud technology rises and IT landscapes become more intricate with distributed cloud deployments, organizations face escalating challenges in safeguarding their data using conventional methods and tools. For example, many existing systems necessitate security teams to orchestrate disparate solutions across various facets, including database, application, network, and identity security. This complexity is further compounded when applied across diverse environments. Ensuring seamless collaboration among these solutions becomes a formidable task due to the dynamic and independent changes in applications, environments, and user profiles. Additionally, current security systems demand extensive configurations to accurately distinguish between different user categories, such as full-time employees and contractors, without compromising security or restricting access. Research Vice President of Cloud and Edge Infrastructure Services at IDC, Dave McCarthy, said, The new standard Oracle develop has the potential to change all of that by adding a unified layer of security on top of existing solutions. Building data protection policies into the network itself will assist users get the access they require while ensuring the data remains secure behind the scenes. [Source – Cision PR Newswire] Oracle and Applied Invention are assisting in designing and promoting a novel security standard, focusing on network and data-centric security, which aims to tackle these challenges. This innovative standard will empower organizations to safeguard their data across its entire lifecycle, including distributed cloud environments. To accomplish this, the standard will implement an intent-based security policy that is designed to be understandable, auditable, and interpretable by humans. This intent-driven approach will be put into practice at the network layer, ensuring that every data transmission contains authenticated attributes concerning the sender, receiver, and the nature of the data in transit.

Read More

Network Threat Detection

Juniper Networks Unveils the Industry’s First Distributed Security Services Architecture for Unmatched Scalability and Operational Simplicity

Business Wire | October 20, 2023

Juniper Networks (NYSE: JNPR), the leader in secure, AI-driven networks, today announced the expansion of its Connected Security portfolio with new products and capabilities that empower organizations to seamlessly extend security services and Zero Trust policies across distributed data center environments. The new Juniper Connected Security Distributed Services Architecture uniquely integrates Juniper’s unified security management paradigm with best-in-class routing and AI-Predictive Threat Prevention to bring much-needed operational simplicity and scale to data center security. In addition, four new high-performance firewall platforms deliver unmatched performance in a compact footprint that minimizes cost, space and power consumption. With the adoption of edge computing, multicloud, 5G and IoT, business data is increasingly distributed across geographically dispersed locations, making it harder to secure and manage. To adapt to this changing environment, organizations need a new modern data center architecture that delivers reliability through automated data center operations, scalable performance to support the most stringent workloads (e.g., AI model training) and comprehensive data security, regardless of where the data resides. The newest enhancements to Juniper’s Connected Security portfolio provide a secure bridge for customers to facilitate their transition to a modern data center, at their own pace. This is achieved via the following unique innovations: Juniper’s Connected Security Distributed Services Architecture: Juniper is the first in the industry to deliver an architecture design that fully decouples the forwarding and security services layers that have traditionally been combined in a single firewall appliance. By decoupling these layers, customers can utilize their existing Juniper MX series routers as an intelligent forwarding engine and load balancer. This unique design gives customers independent scaling flexibility without chassis limitations, multi-path resiliency and cost efficiency. When coupled with Juniper Security Director Cloud, the operational experience is as simple as managing one logical element, regardless of the quantities and form factors of any additional firewall engines added to the architecture. AI-Predictive Threat Prevention: Building on Juniper’s Adaptive Threat Profiling and Encrypted Traffic Insights, AI-Predictive Threat Prevention automatically generates custom signatures unique to the customer’s environment through a proxy-less architecture. Coupled with AI, customers gain even more effective malware prevention at line rate. Additionally, the enhanced URL filtering solution provides more granular control, with more than 200 categories to choose from and support for up to 200 languages, as well as a new portal for better insights on web content and easy recategorization. The AI-powered security solution enables customers and partners to predict and find real threats faster, leaving human experts to focus on more strategic security tasks. Four new best-in-class high-performance firewalls: The new Juniper Networks SRX firewalls (SRX1600, SRX2300, SRX4300, SRX4700) are 1RU in size, scale up to 1.4 Tbps and include built-in Zero Trust capabilities, delivering the industry’s highest firewall throughput performance per rack unit. The new platforms feature wire-speed MACsec along with natively embedded TPM 2.0 chips and cryptographically signed device IDs that allow security administrators and network operators to easily verify the trust posture of devices remotely and mitigate the risks of supply chain attacks. These new firewalls, like the whole SRX family, support industry-standard EVPN-VXLAN Type 5 integration, providing full fabric awareness to security operators and allowing them to respond to threats faster. When combined with Juniper’s Connected Security Distributed Services Architecture, these additions to the Juniper SRX series family offer customers even more options to build and expand their data center architectures securely and with sustainability objectives top of mind.

Read More