Espionage suspicions and criminal charges have been buzzing around Huawei Technologies Co. Ltd., which threatens to hamper the Chinese telecom giant's plans to be a worldwide player in 5G wireless technology. 

And so it was noteworthy, and perhaps a bit unsurprising, when Huawei deputy chairman Ken Hu stood before an audience gathered Tuesday in Brussels and made a pitch for transparency and trust by calling on governments, regulators and other stakeholders to collaborate and create common cybersecurity standards.

Hu seems to have said the right things, according to U.S.-based cybersecurity experts. But what he's calling for is a lot like a plea for world peace, said Bruce Schneier, a security technologist and a special adviser to IBM Security.

“So, yeah, of course we should have peace. But what exactly does that mean?” Schneier said. “The devil is in the details.”

Hu spoke during the opening ceremony of Huawei's Cyber Security Transparency Centre, which the company said will be open to customers and independent organizations seeking to test Huawei's products and software “according to industry-recognized cyber security standards and best practices.”

During his speech, Hu applauded the European Union's General Data Protection Regulation, saying he believed “European regulators are on track to lead the international community in terms of cyber security standards and regulatory mechanisms.” He added that transparency and trust should be based on facts that can be verified under common standards.

Huawei stated in a news release that developments in information and communication tech “are posing unprecedented challenges” related to cybersecurity, and the “lack of consensus on cyber security, technical standards, verification systems, and legislative support further exacerbates these challenges.”

Hu told the audience in Brussels that a system of common cybersecurity standards would serve as “an effective model to build trust for the digital era.”

David Katz, a partner at Adams and Reese in Atlanta who specializes in cybersecurity, privacy and data protection, agreed that common standards are needed, otherwise “there's always a risk that there will be disagreement about what is acceptable.”

But he noted that the various stakeholders will likely have different ideas about best practices for security. He also wondered how a unified standards system would keep pace with cybersecurity threats that are constantly changing and evolving.

“In principle, it makes sense,” he said. “But unless there's some sort of centralized authority that can maintain the standard globally, there are going to be challenges in creating some uniformity.”  

|