Huawei calls on America to refocus its cybersecurity efforts
Written by Finbarr Toesland Tue 3 Aug 2021
In a blog post in response to President Biden’s May 2021 Executive Order on Improving the Nation’s Cybersecurity, the Chief Security Officer for Huawei Technologies USA, Andy Purdy, says the US and other countries need to work together more closely and share information more openly than they do now.
Purdy pointed to the continuing threat of cyber attacks, like the Colonial Pipeline ransomware attack, that has the ability to significantly damage the infrastructure of vital American resources as a sign the US needs to change its approach towards cyber.
The May 2021 Executive Order requires that major cybersecurity attacks must be examined by a Cybersecurity Safety Review Board, which will create an incident report. Also inside the Executive Order is the need for businesses that sell to federal agencies to report security threats in a timely manner.
But, as the former White House Adviser on Cyber Security explains, only a limited number of US companies will need to meet these new requirements.
“Those requirements apply only to federal agencies and companies that do business with them. For companies that don’t do business with the government, they’re simply guidelines. Unless they are incorporated into procurement or other contractual requirements, they’re unenforceable,” says Purdy.
Purdy does believe the Executive Order is a positive step forward to take cybersecurity issues more seriously, especially when it comes to boosting public-private collaboration and setting new standards. But much more still needs to be done in his opinion.
“Developing more secure and resilient networks and systems, and a more trustworthy software supply chain will take time. This is an opportunity for the U.S. to work collaboratively – not only with its G7 and the G20 partners, but with China and Russia and other countries – to build a more rules-based order for cyberspace that has requirements steeped in standards and best practices, transparency and conformance mechanisms, and meaningful accountability,” he adds.