SlideShare a Scribd company logo

Huwei Cyber Security Presentation

Download as PPTX, PDF
P
Peter921148

Huwei Cyber Security / Digital Transformation Presentation

Data & Analytics
1 of 13
Huawei Cyber Security, Mitigating Security Risks in Digital Transformation
New Technologies Inject Vitality into the Digital Economy, But Also Present New Challenges for Cyber Security and Privacy Protection New technologies New opportunities New challenges Mobile networks and sensors enable high-density interconnection. Cloudification enables resource sharing and closed service platforms are opened up. AI and big data power the in-depth mining of information. The boundaries for protection become increasingly blurred. Data processing is more complex and the risk of data leaks is increasing. The attack surface is larger and vulnerabilities more numerous. Cloud service SDN/NFV AI 5G IoT
Cyber Security Is Huawei's Top Priority Over the past 30 years, Huawei has served more than 3 billion people around the world and supported the stable operation of more than 1500 carrier networks in over 170 countries and regions. We have maintained a solid track record in cyber security, and our practices in cyber security have earned us the full trust of customers. "Huawei views building and fully implementing an end-to-end global cyber security assurance system as a key corporate strategy. Based on compliance with the applicable laws, regulations, standards of relevant countries and regions, and by referring to the industry best practices, we work with governments, customers, and industry partners to jointly tackle the challenges of cyber security in an open and transparent manner and fully meet customers' cyber security needs. In addition, Huawei guarantees that our commitment to cyber and service security will never be outweighed by our commercial interests." Statement on Establishing a Global Cyber Security Assurance System "Huawei has elevated cyber security and privacy protection to our top priorities. We are committed to building trust and high quality into every ICT infrastructure product and solution we develop." An open letter to all Huawei employees
End-to-End Cyber Security Assurance System Covers Each Part and Person of Huawei Strategy, governance, and control Standards and processes Laws/Regulations HR R&D Verification Audit Traceability Issue and vulnerability remediation Security delivery services Manufacturing and logistics Third-party suppliers Huawei's top priority GSPC Adopt the best standards Embedded Legal compliance 800+ legal experts 100% employees signed BCG Accountability system Critical position management Trustworthiness US$750 million investment Invest US$2 billion in software engineering capability improvement Assume nothing, believe no one, and check everything Many hands and many eyes Reaching security agreements with 3855 suppliers Supplier qualification Incoming material test ISO 28000, C-TPAT, TAPA, etc. Automatic testing equipment (ATE) Digital signature Three approvals Secure remote access platform Security work certificate Product Security Incident Response Team (PSIRT) Responsible disclosure Software: 1h Hardware: 4h Internal audit Third-party audit Audit by customers Personnel, processes, and technologies
Organization and position management Personnel capability improvement Culture and climate building 100% employees have signed the Business Conduct Guidelines Security KPIs set in 20+ business organizations Identification and management of 10+ types of high-risk positions 500+ employees have obtained security certifications such as IAPP and CISSP. Integration of cyber security requirements into competency & qualification (C&Q) Training and practice of the cyber security task force Over 99% of all employees have received cyber security awareness training Various cyber security publicity activities Incentives and accountability measures Incorporate cyber security into HR policies/processes/IT systems Every Huawei employee, both managers and new employees, participates in cyber security practices through daily work. Personnel: Improve Employees' Awareness and Capabilities to Avoid Risks to the Company Caused by Personal Misconduct
TR1 TR2 TR3 TR4 TR4A TR5 TR6 GA Concept Plan Development Verification Release Lifecycle Security requirement Security design Security development Security test Security delivery and maintenance Security architecture design Privacy impact assessment Security competitiveness analysis Security test design Security compliance management Code security review Secure compilation Static analysis Compliance test Fuzzification Dynamic analysis Digital signatures of versions Virus scanning Vulnerability management Security requirement collection Independent verification ICSL Vulnerability test ICSL Compliance test UK CSEC Independent test Customer and third-party test Huawei's Cyber Security Transparency center Industry certification • We follow the principle of "Assume Nothing, Believe No One, Check Everything". • We have established a "many hands and many eyes" cyber security verification system to ensure openness and transparency. • Customers perform independent security tests and verification through our open platform. • Ensures "No shortcut" test methods to protect customers' investment and services. Internal and external verification Incorporate security activities into the IPD process Full process, multi-level, and multi-organization ensures trustworthiness and security implementation Process: Full-Process, Multi-Level, and Multi-Organization Ensure Trustworthiness and Security Implementation
Introduction to ICSL: Corporate-Level Trustworthiness and Security Evaluation Center Verifies product compliance with security baselines and requirements Tests products for potential security vulnerabilities 1. Ensures that products comply with various security compliance requirements (such as EU GDPR). 2. Ensures sensitive data protection and minimum authorization. 3. Tests web system, management and O&M security. 4. Verifies transmission of internal communication data is encrypted to prevent interception and tampering. 1. Performs code-level white-box tests on products to ensure they have no vulnerabilities. 2. Performs tests against external attacks such as spoofing, tampering, and information leakage. 3. Checks whether service logic vulnerabilities and existing CVE vulnerabilities are resolved. CLI As an independent evaluator, the Internal Cyber Security Lab (ICSL) has developed strict security redline standards and painstakingly evaluates the security of each Huawei product to be sold to customers before official release. Products that fail to pass the test cannot be released.
Basic Security and Trustworthiness Capabilities Underpin Stable Operation of Tens of Millions of Datacom Devices Worldwide V1 V5 V8 Multi-process and multi-core V3 Distributed Single-process and single-core Centralized 1994 2022 Software platform core devices 12 million+ years of R&D accumulation 27+ 11,000+ R&D personnel CloudEngine S8700 NetEngine AR 6700 CloudEngine 16800 HiSecEngine USG12000-F security gateway CloudEngine 8800 NetEngine 8000 F1A NetEngine 8000 F8 CloudEngine 6860 CloudCampus network Huawei hyper-converged DCN Cloud WAN Cyber security HiSecEngine USG6000F NetEngine 8000 M8 series
20 Years of In-depth Security Development: Huawei Builds Full-Stack, Independent, and Controllable AI + Cyber Security Capabilities AI-based precise detection Full-stack independence and controllability Global talent distribution w b J(18,19.5)=175 J(14,7)=1 J(17,18)=90 • Online and offline federated learning ensures the threat detection accuracy of 97%. • The threat detection rate is 12% higher than that of competitor A outside China. • The model optimization time is shortened from 60 days to 6 days, greatly improving the threat information production efficiency. 85% Competitor A 97% Huawei Threat detection rate Federated learning Industry's only high performance secure SoC processor Server management and control series chips Basic chips System software/platforms Devices YunShan platform EulerOS Big data platform Big data security APT products AI firewalls IPS/Anti-DDoS products Security R&D team employees: 2500+ Investment in 2020: CNY10 billion+ Additional investment in trustworthiness in the next five years: CNY12 billion Perlis Lab • Automatic evaluation tool • Research on core technologies of network protection • Static analysis of malware • Big data-based security algorithm • Security services and emergency response • Intelligent analysis and detection algorithm • Dynamic analysis of malware Germany Lab Canada Lab Beijing Lab
Innovative Anti-ransomware Solution Provides Network + Storage Full Protection Network Interception Extranet E E E Sandbox Situational awareness Terminal Firewall Switch Production Environment Backup Environment Production network SAN/NAS Production storage Detection Isolation zone storage Anti-tamper Anti-tamper Backup storage Anti-tamper Anti-tamper Detection Backup network AIR GAP AIR GAP Production hosts 1. Firewall Intrusion detection to filter known ransomware 2. Sandbox for in-depth analysis to identify unknown ransomware 3. Combined with the situational awareness platform to block horizontal ransomware spread Protection layer 2: production protection Backup storage Isolation zone Isolation zone Protection layer 3: backup protection Network product implementation Protection layer 1: network detection
Core Components, Independent and Controllable Key Technologies Build a Complete and Resilient Supply Chain Forwarding Software Computing Optical module RF module  HiSilicon series chips are applied to multiple products including routers, switches, and security gateways.  Provides open programmability.  HiSilicon CPU provides high- performance computing capabilities for network devices.  HiSilicon interface chip.  Full series of optical modules from GE and 10GE to 100GE, 200GE, and 400GE.  HiSilicon series chip, which provides high- speed and stable wireless air interface connections.  Powered by 5G technologies.  Datacom YunShan OS.  EulerOS, and GaussDB.  Huawei-developed controller and analyzer. 100% of core components are self-developed and supplied
Nearly 100 Million Huawei Datacom Products Have Been Running Stably, Securely, and Reliably in 100+ Countries 1120+ 1180+ 2200+ 320+ 380+ Finance Education ISP Energy Transportation 17 100+ of top 10 banks of QS top 100 universities Highway/Railway (km) of top 20 oil and gas fields Countries 32 230,000 6 new global enterprise customers in 2021, serving 267 Fortune Global 500 companies 1100+ 1160+ Government National government broadband network 60+
Copyright©2022 Huawei Technologies Co., Ltd. All Rights Reserved. The information in this document may contain predictive statements including, without limitation, statements regarding the future financial and operating results, future product portfolio, new technology, etc. There are a number of factors that could cause actual results and developments to differ materially from those expressed or implied in the predictive statements. Therefore, such information is provided for reference purpose only and constitutes neither an offer nor an acceptance. Huawei may change the information at any time without notice. 把数字世界带入每个人、每个家庭、 每个组织,构建万物互联的智能世界。 Bring digital to every person, home, and organization for a fully connected, intelligent world. Thank you.

Recommended

Smart security solutions for SMBs
Smart security solutions for SMBsSmart security solutions for SMBs
Smart security solutions for SMBsJyothi Satyanathan
 
Security solutions for a smarter planet
Security solutions for a smarter planetSecurity solutions for a smarter planet
Security solutions for a smarter planetVincent Kwon
 
Core.co.enterprise.deck.06.16.10
Core.co.enterprise.deck.06.16.10Core.co.enterprise.deck.06.16.10
Core.co.enterprise.deck.06.16.10Core Security Technologies
 
GE디지털 월드테크 브로셔(GE Digital Wurldtech)
GE디지털 월드테크 브로셔(GE Digital Wurldtech)GE디지털 월드테크 브로셔(GE Digital Wurldtech)
GE디지털 월드테크 브로셔(GE Digital Wurldtech)GE코리아
 
Security is our duty and we shall deliver it - White Paper
Security is our duty and we shall deliver it - White PaperSecurity is our duty and we shall deliver it - White Paper
Security is our duty and we shall deliver it - White PaperMohd Anwar Jamal Faiz
 
Cyber security service portfolio of Future Data Ltd
Cyber security service portfolio of Future Data LtdCyber security service portfolio of Future Data Ltd
Cyber security service portfolio of Future Data LtdSabrina Chan
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM
 
Building cybersecurity transparency with clients using compliance automation...
Building cybersecurity transparency with clients using compliance automation... Building cybersecurity transparency with clients using compliance automation...
Building cybersecurity transparency with clients using compliance automation...ELEKS
 

Recommended

Smart security solutions for SMBs
Smart security solutions for SMBsSmart security solutions for SMBs
Smart security solutions for SMBsJyothi Satyanathan
 
Security solutions for a smarter planet
Security solutions for a smarter planetSecurity solutions for a smarter planet
Security solutions for a smarter planetVincent Kwon
 
Core.co.enterprise.deck.06.16.10
Core.co.enterprise.deck.06.16.10Core.co.enterprise.deck.06.16.10
Core.co.enterprise.deck.06.16.10Core Security Technologies
 
GE디지털 월드테크 브로셔(GE Digital Wurldtech)
GE디지털 월드테크 브로셔(GE Digital Wurldtech)GE디지털 월드테크 브로셔(GE Digital Wurldtech)
GE디지털 월드테크 브로셔(GE Digital Wurldtech)GE코리아
 
Security is our duty and we shall deliver it - White Paper
Security is our duty and we shall deliver it - White PaperSecurity is our duty and we shall deliver it - White Paper
Security is our duty and we shall deliver it - White PaperMohd Anwar Jamal Faiz
 
Cyber security service portfolio of Future Data Ltd
Cyber security service portfolio of Future Data LtdCyber security service portfolio of Future Data Ltd
Cyber security service portfolio of Future Data LtdSabrina Chan
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM
 
Building cybersecurity transparency with clients using compliance automation...
Building cybersecurity transparency with clients using compliance automation... Building cybersecurity transparency with clients using compliance automation...
Building cybersecurity transparency with clients using compliance automation...ELEKS
 
Fortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxFortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxYoisRoberthTapiadeLa
 
Fortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxFortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxVictoriaChavesta
 
CyberKnight capabilties
CyberKnight capabiltiesCyberKnight capabilties
CyberKnight capabiltiesSneha .
 
Life After Compliance march 2010 v2
Life After Compliance march 2010 v2Life After Compliance march 2010 v2
Life After Compliance march 2010 v2SafeNet
 
Scalar Security Roadshow April 2015
Scalar Security Roadshow April 2015Scalar Security Roadshow April 2015
Scalar Security Roadshow April 2015Scalar Decisions
 
Week 09_Cyber security u.pdf
Week 09_Cyber security u.pdfWeek 09_Cyber security u.pdf
Week 09_Cyber security u.pdfdhanywahyudi17
 
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05 Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05 sucesuminas
 
HPE Security Keynote from Istanbul 20th Jan 2016
HPE Security Keynote from Istanbul 20th Jan 2016HPE Security Keynote from Istanbul 20th Jan 2016
HPE Security Keynote from Istanbul 20th Jan 2016SteveAtHPE
 
第7回VEC制御システムサイバーセキュリティカンファレンス
第7回VEC制御システムサイバーセキュリティカンファレンス第7回VEC制御システムサイバーセキュリティカンファレンス
第7回VEC制御システムサイバーセキュリティカンファレンスchomchana trevai
 
Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013Turvallisuus2013
 
Cy Cops Company Presentation
Cy Cops Company PresentationCy Cops Company Presentation
Cy Cops Company PresentationChaitanyaS
 
Security Everywhere: A Growth Engine for the Digital Economy
Security Everywhere: A Growth Engine for the Digital EconomySecurity Everywhere: A Growth Engine for the Digital Economy
Security Everywhere: A Growth Engine for the Digital EconomyCisco Russia
 
Security and Policing event presentation by Steve lamb from hewlett packard e...
Security and Policing event presentation by Steve lamb from hewlett packard e...Security and Policing event presentation by Steve lamb from hewlett packard e...
Security and Policing event presentation by Steve lamb from hewlett packard e...Steve Lamb
 
MCGlobalTech Consulting Service Presentation
MCGlobalTech Consulting Service PresentationMCGlobalTech Consulting Service Presentation
MCGlobalTech Consulting Service PresentationWilliam McBorrough
 
MCGlobalTech Service Presentation
MCGlobalTech Service PresentationMCGlobalTech Service Presentation
MCGlobalTech Service PresentationWilliam McBorrough
 
Ooredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20ServicesOoredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20ServicesMuhammad Mudassar
 
MT50 Data is the new currency: Protect it!
MT50 Data is the new currency: Protect it!MT50 Data is the new currency: Protect it!
MT50 Data is the new currency: Protect it!Dell EMC World
 
Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...LabSharegroup
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceDavid J Rosenthal
 
DevOps for Highly Regulated Environments
DevOps for Highly Regulated EnvironmentsDevOps for Highly Regulated Environments
DevOps for Highly Regulated EnvironmentsDevOps.com
 
Amazon TQM (2) Amazon TQM (2)Amazon TQM (2).pptx
Amazon TQM (2) Amazon TQM (2)Amazon TQM (2).pptxAmazon TQM (2) Amazon TQM (2)Amazon TQM (2).pptx
Amazon TQM (2) Amazon TQM (2)Amazon TQM (2).pptxAbdelrhman abooda
 
Industrialised data - the key to AI success.pdf
Industrialised data - the key to AI success.pdfIndustrialised data - the key to AI success.pdf
Industrialised data - the key to AI success.pdfLars Albertsson
 

More Related Content

Similar to Huwei Cyber Security Presentation

Fortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxFortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxYoisRoberthTapiadeLa
 
Fortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxFortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxVictoriaChavesta
 
CyberKnight capabilties
CyberKnight capabiltiesCyberKnight capabilties
CyberKnight capabiltiesSneha .
 
Life After Compliance march 2010 v2
Life After Compliance march 2010 v2Life After Compliance march 2010 v2
Life After Compliance march 2010 v2SafeNet
 
Scalar Security Roadshow April 2015
Scalar Security Roadshow April 2015Scalar Security Roadshow April 2015
Scalar Security Roadshow April 2015Scalar Decisions
 
Week 09_Cyber security u.pdf
Week 09_Cyber security u.pdfWeek 09_Cyber security u.pdf
Week 09_Cyber security u.pdfdhanywahyudi17
 
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05 Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05 sucesuminas
 
HPE Security Keynote from Istanbul 20th Jan 2016
HPE Security Keynote from Istanbul 20th Jan 2016HPE Security Keynote from Istanbul 20th Jan 2016
HPE Security Keynote from Istanbul 20th Jan 2016SteveAtHPE
 
第7回VEC制御システムサイバーセキュリティカンファレンス
第7回VEC制御システムサイバーセキュリティカンファレンス第7回VEC制御システムサイバーセキュリティカンファレンス
第7回VEC制御システムサイバーセキュリティカンファレンスchomchana trevai
 
Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013Turvallisuus2013
 
Cy Cops Company Presentation
Cy Cops Company PresentationCy Cops Company Presentation
Cy Cops Company PresentationChaitanyaS
 
Security Everywhere: A Growth Engine for the Digital Economy
Security Everywhere: A Growth Engine for the Digital EconomySecurity Everywhere: A Growth Engine for the Digital Economy
Security Everywhere: A Growth Engine for the Digital EconomyCisco Russia
 
Security and Policing event presentation by Steve lamb from hewlett packard e...
Security and Policing event presentation by Steve lamb from hewlett packard e...Security and Policing event presentation by Steve lamb from hewlett packard e...
Security and Policing event presentation by Steve lamb from hewlett packard e...Steve Lamb
 
MCGlobalTech Consulting Service Presentation
MCGlobalTech Consulting Service PresentationMCGlobalTech Consulting Service Presentation
MCGlobalTech Consulting Service PresentationWilliam McBorrough
 
MCGlobalTech Service Presentation
MCGlobalTech Service PresentationMCGlobalTech Service Presentation
MCGlobalTech Service PresentationWilliam McBorrough
 
Ooredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20ServicesOoredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20ServicesMuhammad Mudassar
 
MT50 Data is the new currency: Protect it!
MT50 Data is the new currency: Protect it!MT50 Data is the new currency: Protect it!
MT50 Data is the new currency: Protect it!Dell EMC World
 
Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...LabSharegroup
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceDavid J Rosenthal
 
DevOps for Highly Regulated Environments
DevOps for Highly Regulated EnvironmentsDevOps for Highly Regulated Environments
DevOps for Highly Regulated EnvironmentsDevOps.com
 

Similar to Huwei Cyber Security Presentation (20)

Fortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxFortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptx
 
Fortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxFortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptx
 
CyberKnight capabilties
CyberKnight capabiltiesCyberKnight capabilties
CyberKnight capabilties
 
Life After Compliance march 2010 v2
Life After Compliance march 2010 v2Life After Compliance march 2010 v2
Life After Compliance march 2010 v2
 
Scalar Security Roadshow April 2015
Scalar Security Roadshow April 2015Scalar Security Roadshow April 2015
Scalar Security Roadshow April 2015
 
Week 09_Cyber security u.pdf
Week 09_Cyber security u.pdfWeek 09_Cyber security u.pdf
Week 09_Cyber security u.pdf
 
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05 Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
 
HPE Security Keynote from Istanbul 20th Jan 2016
HPE Security Keynote from Istanbul 20th Jan 2016HPE Security Keynote from Istanbul 20th Jan 2016
HPE Security Keynote from Istanbul 20th Jan 2016
 
第7回VEC制御システムサイバーセキュリティカンファレンス
第7回VEC制御システムサイバーセキュリティカンファレンス第7回VEC制御システムサイバーセキュリティカンファレンス
第7回VEC制御システムサイバーセキュリティカンファレンス
 
Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013
 
Cy Cops Company Presentation
Cy Cops Company PresentationCy Cops Company Presentation
Cy Cops Company Presentation
 
Security Everywhere: A Growth Engine for the Digital Economy
Security Everywhere: A Growth Engine for the Digital EconomySecurity Everywhere: A Growth Engine for the Digital Economy
Security Everywhere: A Growth Engine for the Digital Economy
 
Security and Policing event presentation by Steve lamb from hewlett packard e...
Security and Policing event presentation by Steve lamb from hewlett packard e...Security and Policing event presentation by Steve lamb from hewlett packard e...
Security and Policing event presentation by Steve lamb from hewlett packard e...
 
MCGlobalTech Consulting Service Presentation
MCGlobalTech Consulting Service PresentationMCGlobalTech Consulting Service Presentation
MCGlobalTech Consulting Service Presentation
 
MCGlobalTech Service Presentation
MCGlobalTech Service PresentationMCGlobalTech Service Presentation
MCGlobalTech Service Presentation
 
Ooredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20ServicesOoredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20Services
 
MT50 Data is the new currency: Protect it!
MT50 Data is the new currency: Protect it!MT50 Data is the new currency: Protect it!
MT50 Data is the new currency: Protect it!
 
Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and Compliance
 
DevOps for Highly Regulated Environments
DevOps for Highly Regulated EnvironmentsDevOps for Highly Regulated Environments
DevOps for Highly Regulated Environments
 

Recently uploaded

Amazon TQM (2) Amazon TQM (2)Amazon TQM (2).pptx
Amazon TQM (2) Amazon TQM (2)Amazon TQM (2).pptxAmazon TQM (2) Amazon TQM (2)Amazon TQM (2).pptx
Amazon TQM (2) Amazon TQM (2)Amazon TQM (2).pptxAbdelrhman abooda
 
Industrialised data - the key to AI success.pdf
Industrialised data - the key to AI success.pdfIndustrialised data - the key to AI success.pdf
Industrialised data - the key to AI success.pdfLars Albertsson
 
Indian Call Girls in Abu Dhabi O5286O24O8 Call Girls in Abu Dhabi By Independ...
Indian Call Girls in Abu Dhabi O5286O24O8 Call Girls in Abu Dhabi By Independ...Indian Call Girls in Abu Dhabi O5286O24O8 Call Girls in Abu Dhabi By Independ...
Indian Call Girls in Abu Dhabi O5286O24O8 Call Girls in Abu Dhabi By Independ...dajasot375
 
From idea to production in a day – Leveraging Azure ML and Streamlit to build...
From idea to production in a day – Leveraging Azure ML and Streamlit to build...From idea to production in a day – Leveraging Azure ML and Streamlit to build...
From idea to production in a day – Leveraging Azure ML and Streamlit to build...Florian Roscheck
 
Brighton SEO | April 2024 | Data Storytelling
Brighton SEO | April 2024 | Data StorytellingBrighton SEO | April 2024 | Data Storytelling
Brighton SEO | April 2024 | Data StorytellingNeil Barnes
 
GA4 Without Cookies [Measure Camp AMS]
GA4 Without Cookies [Measure Camp AMS]GA4 Without Cookies [Measure Camp AMS]
GA4 Without Cookies [Measure Camp AMS]📊 Markus Baersch
 
Call Girls in Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls in Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Defence Colony Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
dokumen.tips_chapter-4-transient-heat-conduction-mehmet-kanoglu.ppt
dokumen.tips_chapter-4-transient-heat-conduction-mehmet-kanoglu.pptdokumen.tips_chapter-4-transient-heat-conduction-mehmet-kanoglu.ppt
dokumen.tips_chapter-4-transient-heat-conduction-mehmet-kanoglu.pptSonatrach
 
RadioAdProWritingCinderellabyButleri.pdf
RadioAdProWritingCinderellabyButleri.pdfRadioAdProWritingCinderellabyButleri.pdf
RadioAdProWritingCinderellabyButleri.pdfgstagge
 
Kantar AI Summit- Under Embargo till Wednesday, 24th April 2024, 4 PM, IST.pdf
Kantar AI Summit- Under Embargo till Wednesday, 24th April 2024, 4 PM, IST.pdfKantar AI Summit- Under Embargo till Wednesday, 24th April 2024, 4 PM, IST.pdf
Kantar AI Summit- Under Embargo till Wednesday, 24th April 2024, 4 PM, IST.pdfSocial Samosa
 
ASML's Taxonomy Adventure by Daniel Canter
ASML's Taxonomy Adventure by Daniel CanterASML's Taxonomy Adventure by Daniel Canter
ASML's Taxonomy Adventure by Daniel Cantervoginip
 
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024thyngster
 
Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...
Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...
Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...Sapana Sha
 
Building on a FAIRly Strong Foundation to Connect Academic Research to Transl...
Building on a FAIRly Strong Foundation to Connect Academic Research to Transl...Building on a FAIRly Strong Foundation to Connect Academic Research to Transl...
Building on a FAIRly Strong Foundation to Connect Academic Research to Transl...Jack DiGiovanna
 
04242024_CCC TUG_Joins and Relationships
04242024_CCC TUG_Joins and Relationships04242024_CCC TUG_Joins and Relationships
04242024_CCC TUG_Joins and Relationshipsccctableauusergroup
 
办理(Vancouver毕业证书)加拿大温哥华岛大学毕业证成绩单原版一比一
办理(Vancouver毕业证书)加拿大温哥华岛大学毕业证成绩单原版一比一办理(Vancouver毕业证书)加拿大温哥华岛大学毕业证成绩单原版一比一
办理(Vancouver毕业证书)加拿大温哥华岛大学毕业证成绩单原版一比一F La
 
High Class Call Girls Noida Sector 39 Aarushi 🔝8264348440🔝 Independent Escort...
High Class Call Girls Noida Sector 39 Aarushi 🔝8264348440🔝 Independent Escort...High Class Call Girls Noida Sector 39 Aarushi 🔝8264348440🔝 Independent Escort...
High Class Call Girls Noida Sector 39 Aarushi 🔝8264348440🔝 Independent Escort...soniya singh
 
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Callshivangimorya083
 
vip Sarai Rohilla Call Girls 9999965857 Call or WhatsApp Now Book
vip Sarai Rohilla Call Girls 9999965857 Call or WhatsApp Now Bookvip Sarai Rohilla Call Girls 9999965857 Call or WhatsApp Now Book
vip Sarai Rohilla Call Girls 9999965857 Call or WhatsApp Now Bookmanojkuma9823
 
How we prevented account sharing with MFA
How we prevented account sharing with MFAHow we prevented account sharing with MFA
How we prevented account sharing with MFAAndrei Kaleshka
 

Recently uploaded (20)

Amazon TQM (2) Amazon TQM (2)Amazon TQM (2).pptx
Amazon TQM (2) Amazon TQM (2)Amazon TQM (2).pptxAmazon TQM (2) Amazon TQM (2)Amazon TQM (2).pptx
Amazon TQM (2) Amazon TQM (2)Amazon TQM (2).pptx
 
Industrialised data - the key to AI success.pdf
Industrialised data - the key to AI success.pdfIndustrialised data - the key to AI success.pdf
Industrialised data - the key to AI success.pdf
 
Indian Call Girls in Abu Dhabi O5286O24O8 Call Girls in Abu Dhabi By Independ...
Indian Call Girls in Abu Dhabi O5286O24O8 Call Girls in Abu Dhabi By Independ...Indian Call Girls in Abu Dhabi O5286O24O8 Call Girls in Abu Dhabi By Independ...
Indian Call Girls in Abu Dhabi O5286O24O8 Call Girls in Abu Dhabi By Independ...
 
From idea to production in a day – Leveraging Azure ML and Streamlit to build...
From idea to production in a day – Leveraging Azure ML and Streamlit to build...From idea to production in a day – Leveraging Azure ML and Streamlit to build...
From idea to production in a day – Leveraging Azure ML and Streamlit to build...
 
Brighton SEO | April 2024 | Data Storytelling
Brighton SEO | April 2024 | Data StorytellingBrighton SEO | April 2024 | Data Storytelling
Brighton SEO | April 2024 | Data Storytelling
 
GA4 Without Cookies [Measure Camp AMS]
GA4 Without Cookies [Measure Camp AMS]GA4 Without Cookies [Measure Camp AMS]
GA4 Without Cookies [Measure Camp AMS]
 
Call Girls in Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls in Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Defence Colony Delhi 💯Call Us 🔝8264348440🔝
 
dokumen.tips_chapter-4-transient-heat-conduction-mehmet-kanoglu.ppt
dokumen.tips_chapter-4-transient-heat-conduction-mehmet-kanoglu.pptdokumen.tips_chapter-4-transient-heat-conduction-mehmet-kanoglu.ppt
dokumen.tips_chapter-4-transient-heat-conduction-mehmet-kanoglu.ppt
 
RadioAdProWritingCinderellabyButleri.pdf
RadioAdProWritingCinderellabyButleri.pdfRadioAdProWritingCinderellabyButleri.pdf
RadioAdProWritingCinderellabyButleri.pdf
 
Kantar AI Summit- Under Embargo till Wednesday, 24th April 2024, 4 PM, IST.pdf
Kantar AI Summit- Under Embargo till Wednesday, 24th April 2024, 4 PM, IST.pdfKantar AI Summit- Under Embargo till Wednesday, 24th April 2024, 4 PM, IST.pdf
Kantar AI Summit- Under Embargo till Wednesday, 24th April 2024, 4 PM, IST.pdf
 
ASML's Taxonomy Adventure by Daniel Canter
ASML's Taxonomy Adventure by Daniel CanterASML's Taxonomy Adventure by Daniel Canter
ASML's Taxonomy Adventure by Daniel Canter
 
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
 
Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...
Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...
Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...
 
Building on a FAIRly Strong Foundation to Connect Academic Research to Transl...
Building on a FAIRly Strong Foundation to Connect Academic Research to Transl...Building on a FAIRly Strong Foundation to Connect Academic Research to Transl...
Building on a FAIRly Strong Foundation to Connect Academic Research to Transl...
 
04242024_CCC TUG_Joins and Relationships
04242024_CCC TUG_Joins and Relationships04242024_CCC TUG_Joins and Relationships
04242024_CCC TUG_Joins and Relationships
 
办理(Vancouver毕业证书)加拿大温哥华岛大学毕业证成绩单原版一比一
办理(Vancouver毕业证书)加拿大温哥华岛大学毕业证成绩单原版一比一办理(Vancouver毕业证书)加拿大温哥华岛大学毕业证成绩单原版一比一
办理(Vancouver毕业证书)加拿大温哥华岛大学毕业证成绩单原版一比一
 
High Class Call Girls Noida Sector 39 Aarushi 🔝8264348440🔝 Independent Escort...
High Class Call Girls Noida Sector 39 Aarushi 🔝8264348440🔝 Independent Escort...High Class Call Girls Noida Sector 39 Aarushi 🔝8264348440🔝 Independent Escort...
High Class Call Girls Noida Sector 39 Aarushi 🔝8264348440🔝 Independent Escort...
 
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call
 
vip Sarai Rohilla Call Girls 9999965857 Call or WhatsApp Now Book
vip Sarai Rohilla Call Girls 9999965857 Call or WhatsApp Now Bookvip Sarai Rohilla Call Girls 9999965857 Call or WhatsApp Now Book
vip Sarai Rohilla Call Girls 9999965857 Call or WhatsApp Now Book
 
How we prevented account sharing with MFA
How we prevented account sharing with MFAHow we prevented account sharing with MFA
How we prevented account sharing with MFA
 

Huwei Cyber Security Presentation

  • 1. Huawei Cyber Security, Mitigating Security Risks in Digital Transformation
  • 2. New Technologies Inject Vitality into the Digital Economy, But Also Present New Challenges for Cyber Security and Privacy Protection New technologies New opportunities New challenges Mobile networks and sensors enable high-density interconnection. Cloudification enables resource sharing and closed service platforms are opened up. AI and big data power the in-depth mining of information. The boundaries for protection become increasingly blurred. Data processing is more complex and the risk of data leaks is increasing. The attack surface is larger and vulnerabilities more numerous. Cloud service SDN/NFV AI 5G IoT
  • 3. Cyber Security Is Huawei's Top Priority Over the past 30 years, Huawei has served more than 3 billion people around the world and supported the stable operation of more than 1500 carrier networks in over 170 countries and regions. We have maintained a solid track record in cyber security, and our practices in cyber security have earned us the full trust of customers. "Huawei views building and fully implementing an end-to-end global cyber security assurance system as a key corporate strategy. Based on compliance with the applicable laws, regulations, standards of relevant countries and regions, and by referring to the industry best practices, we work with governments, customers, and industry partners to jointly tackle the challenges of cyber security in an open and transparent manner and fully meet customers' cyber security needs. In addition, Huawei guarantees that our commitment to cyber and service security will never be outweighed by our commercial interests." Statement on Establishing a Global Cyber Security Assurance System "Huawei has elevated cyber security and privacy protection to our top priorities. We are committed to building trust and high quality into every ICT infrastructure product and solution we develop." An open letter to all Huawei employees
  • 4. End-to-End Cyber Security Assurance System Covers Each Part and Person of Huawei Strategy, governance, and control Standards and processes Laws/Regulations HR R&D Verification Audit Traceability Issue and vulnerability remediation Security delivery services Manufacturing and logistics Third-party suppliers Huawei's top priority GSPC Adopt the best standards Embedded Legal compliance 800+ legal experts 100% employees signed BCG Accountability system Critical position management Trustworthiness US$750 million investment Invest US$2 billion in software engineering capability improvement Assume nothing, believe no one, and check everything Many hands and many eyes Reaching security agreements with 3855 suppliers Supplier qualification Incoming material test ISO 28000, C-TPAT, TAPA, etc. Automatic testing equipment (ATE) Digital signature Three approvals Secure remote access platform Security work certificate Product Security Incident Response Team (PSIRT) Responsible disclosure Software: 1h Hardware: 4h Internal audit Third-party audit Audit by customers Personnel, processes, and technologies
  • 5. Organization and position management Personnel capability improvement Culture and climate building 100% employees have signed the Business Conduct Guidelines Security KPIs set in 20+ business organizations Identification and management of 10+ types of high-risk positions 500+ employees have obtained security certifications such as IAPP and CISSP. Integration of cyber security requirements into competency & qualification (C&Q) Training and practice of the cyber security task force Over 99% of all employees have received cyber security awareness training Various cyber security publicity activities Incentives and accountability measures Incorporate cyber security into HR policies/processes/IT systems Every Huawei employee, both managers and new employees, participates in cyber security practices through daily work. Personnel: Improve Employees' Awareness and Capabilities to Avoid Risks to the Company Caused by Personal Misconduct
  • 6. TR1 TR2 TR3 TR4 TR4A TR5 TR6 GA Concept Plan Development Verification Release Lifecycle Security requirement Security design Security development Security test Security delivery and maintenance Security architecture design Privacy impact assessment Security competitiveness analysis Security test design Security compliance management Code security review Secure compilation Static analysis Compliance test Fuzzification Dynamic analysis Digital signatures of versions Virus scanning Vulnerability management Security requirement collection Independent verification ICSL Vulnerability test ICSL Compliance test UK CSEC Independent test Customer and third-party test Huawei's Cyber Security Transparency center Industry certification • We follow the principle of "Assume Nothing, Believe No One, Check Everything". • We have established a "many hands and many eyes" cyber security verification system to ensure openness and transparency. • Customers perform independent security tests and verification through our open platform. • Ensures "No shortcut" test methods to protect customers' investment and services. Internal and external verification Incorporate security activities into the IPD process Full process, multi-level, and multi-organization ensures trustworthiness and security implementation Process: Full-Process, Multi-Level, and Multi-Organization Ensure Trustworthiness and Security Implementation
  • 7. Introduction to ICSL: Corporate-Level Trustworthiness and Security Evaluation Center Verifies product compliance with security baselines and requirements Tests products for potential security vulnerabilities 1. Ensures that products comply with various security compliance requirements (such as EU GDPR). 2. Ensures sensitive data protection and minimum authorization. 3. Tests web system, management and O&M security. 4. Verifies transmission of internal communication data is encrypted to prevent interception and tampering. 1. Performs code-level white-box tests on products to ensure they have no vulnerabilities. 2. Performs tests against external attacks such as spoofing, tampering, and information leakage. 3. Checks whether service logic vulnerabilities and existing CVE vulnerabilities are resolved. CLI As an independent evaluator, the Internal Cyber Security Lab (ICSL) has developed strict security redline standards and painstakingly evaluates the security of each Huawei product to be sold to customers before official release. Products that fail to pass the test cannot be released.
  • 8. Basic Security and Trustworthiness Capabilities Underpin Stable Operation of Tens of Millions of Datacom Devices Worldwide V1 V5 V8 Multi-process and multi-core V3 Distributed Single-process and single-core Centralized 1994 2022 Software platform core devices 12 million+ years of R&D accumulation 27+ 11,000+ R&D personnel CloudEngine S8700 NetEngine AR 6700 CloudEngine 16800 HiSecEngine USG12000-F security gateway CloudEngine 8800 NetEngine 8000 F1A NetEngine 8000 F8 CloudEngine 6860 CloudCampus network Huawei hyper-converged DCN Cloud WAN Cyber security HiSecEngine USG6000F NetEngine 8000 M8 series
  • 9. 20 Years of In-depth Security Development: Huawei Builds Full-Stack, Independent, and Controllable AI + Cyber Security Capabilities AI-based precise detection Full-stack independence and controllability Global talent distribution w b J(18,19.5)=175 J(14,7)=1 J(17,18)=90 • Online and offline federated learning ensures the threat detection accuracy of 97%. • The threat detection rate is 12% higher than that of competitor A outside China. • The model optimization time is shortened from 60 days to 6 days, greatly improving the threat information production efficiency. 85% Competitor A 97% Huawei Threat detection rate Federated learning Industry's only high performance secure SoC processor Server management and control series chips Basic chips System software/platforms Devices YunShan platform EulerOS Big data platform Big data security APT products AI firewalls IPS/Anti-DDoS products Security R&D team employees: 2500+ Investment in 2020: CNY10 billion+ Additional investment in trustworthiness in the next five years: CNY12 billion Perlis Lab • Automatic evaluation tool • Research on core technologies of network protection • Static analysis of malware • Big data-based security algorithm • Security services and emergency response • Intelligent analysis and detection algorithm • Dynamic analysis of malware Germany Lab Canada Lab Beijing Lab
  • 10. Innovative Anti-ransomware Solution Provides Network + Storage Full Protection Network Interception Extranet E E E Sandbox Situational awareness Terminal Firewall Switch Production Environment Backup Environment Production network SAN/NAS Production storage Detection Isolation zone storage Anti-tamper Anti-tamper Backup storage Anti-tamper Anti-tamper Detection Backup network AIR GAP AIR GAP Production hosts 1. Firewall Intrusion detection to filter known ransomware 2. Sandbox for in-depth analysis to identify unknown ransomware 3. Combined with the situational awareness platform to block horizontal ransomware spread Protection layer 2: production protection Backup storage Isolation zone Isolation zone Protection layer 3: backup protection Network product implementation Protection layer 1: network detection
  • 11. Core Components, Independent and Controllable Key Technologies Build a Complete and Resilient Supply Chain Forwarding Software Computing Optical module RF module  HiSilicon series chips are applied to multiple products including routers, switches, and security gateways.  Provides open programmability.  HiSilicon CPU provides high- performance computing capabilities for network devices.  HiSilicon interface chip.  Full series of optical modules from GE and 10GE to 100GE, 200GE, and 400GE.  HiSilicon series chip, which provides high- speed and stable wireless air interface connections.  Powered by 5G technologies.  Datacom YunShan OS.  EulerOS, and GaussDB.  Huawei-developed controller and analyzer. 100% of core components are self-developed and supplied
  • 12. Nearly 100 Million Huawei Datacom Products Have Been Running Stably, Securely, and Reliably in 100+ Countries 1120+ 1180+ 2200+ 320+ 380+ Finance Education ISP Energy Transportation 17 100+ of top 10 banks of QS top 100 universities Highway/Railway (km) of top 20 oil and gas fields Countries 32 230,000 6 new global enterprise customers in 2021, serving 267 Fortune Global 500 companies 1100+ 1160+ Government National government broadband network 60+
  • 13. Copyright©2022 Huawei Technologies Co., Ltd. All Rights Reserved. The information in this document may contain predictive statements including, without limitation, statements regarding the future financial and operating results, future product portfolio, new technology, etc. There are a number of factors that could cause actual results and developments to differ materially from those expressed or implied in the predictive statements. Therefore, such information is provided for reference purpose only and constitutes neither an offer nor an acceptance. Huawei may change the information at any time without notice. 把数字世界带入每个人、每个家庭、 每个组织,构建万物互联的智能世界。 Bring digital to every person, home, and organization for a fully connected, intelligent world. Thank you.