Huawei cyber security chief John Suffolk: It’s not our culture to be aggressive

John Suffolk, global cyber security and privacy officer at China-based telecoms equipment supplier Huawei, tells Huawei Analyst Summit growth is the best answer to US criticism

John Suffolk, global cyber security and privacy officer at China-based telecoms equipment supplier Huawei, told attendees at the company’s analyst summit in Shenzhen that the company has a “keep calm and carry on” attitude in the face of criticism from US and UK government circles.

The company was criticised in the most recent UK NCSC annual Oversight Board report for having too much buggy code in its products. Suffolk said the supplier is investing $2bn in a programme to declutter its code, reducing the vulnerabilities it has in its own, as well as open source and third party code it deploys in its telecoms products.

“We stand naked every year before the UK government security people who snigger at what we are doing, and make recommendations in a report. They said this time we needed to improve the software engineering in some of our old products, and put our design thinking into our new ones. And we are spending $2bn on that, and presenting or high level plan to the government in June.”

Meanwhile, the US government is on the warpath against the company for allegedly being too close to the Chinese government.

Does Suffolk – formerly the UK government’s CIO – feel a perceived lack of good governance over Huawei’s code is being weaponised against the company because it’s Chinese, with the vulnerabilities in its code base used as cover for a political attack?

“That’s not our starting point,” he said. “Our founder is Chinese. That’s not his fault, that’s nature. We’re proud to be a Chinese company, but in some quarters, that means the spotlight will always be on us.

“You can shroud wave and wring your hands, but that doesn’t help. Our starting point is ‘what is right for the customer?’ If you believe cleaning up the code is right for the customer, then the customer will buy more products from you,” said Suffolk, adding that Huawei’s growth was the best answer to US government, and others’, criticism. “People say ‘why aren’t you more aggressive?’ It’s not our culture.”

Pressure from the US

Asked what he thinks the UK government should do in the face of US pressure to exclude or restrict the use of Huawei equipment by the state or British-based telecoms companies like BT and Vodafone, he said: “My personal belief is the UK should team up with its European partners to come up with a standard, whether the UK is in the EU [European Union] or not.

“They should treat all suppliers the same so that, in essence, it benefits from the best technology in a risk-managed way. That’s what I’d advise the government. Get your policies right. Think what is in the best interest of UK citizens and enterprises overall, and maximise innovation. Then, maybe, we can avoid future WannaCry [virus attacks], and reduce identity theft and fraud in the country.”

Peter Zhou, chief marketing officer of wireless at Huawei, struck a similar note of defiance when speaking to a group of UK journalists on the eve of its analyst event in Shenzhen.

Zhou, a PhD alumnus of the University of Edinburgh, said UK universities would do well to focus on the opportunities represented by 5G rather than fret too much about using Huawei technology, adding that the UK, Germany, Korea and China are better positioned to prosper in a 5G world than is the United States.

Zhou expected collaboration between Huawei and UK universities to intensify, with or without Brexit. The University of Cambridge, Southampton University, Surrey, Reading and Queens University Belfast are among institutions that have close, collaborative relations with the firm.

There has been no discussion in senior management circles at Huawei to shifting the weight of engagement from UK universities to other European countries, such as Germany or the Netherlands.

Nor does he see 5G technology so different in security terms from 3G or 4G: “It is important to neither demonise 5G nor mystify it,” he said.

Shifting engagement

As for US policy makers, Zhou said there is a certain ignorance of technology trends that makes talking to them akin to “talking to children”.

“Blocking Huawei will not make the US a leader in 5G,” he said, adding that as for the UK: “The open-mindedness and open outlook of the British will be more and more important as it starts to leave the European Union – that was its strength in the past”.

Read more about the Huawei affair

April 2019:

March 2019:

February 2019:

January 2019:

December 2018:

Read more on Mobile networking

Data Center
Data Management