MWC Shanghai 2024: Showcasing cybersecurity standards, best practices

The rapid advancement of technologies such as 5G, IoT, and AI has opened up new opportunities for innovation and growth, but it has also added new challenges to network cyber security and cyber crimes.

The interconnected nature of modern networks means that a single vulnerability can have far-reaching consequences, potentially impacting millions of users and causing significant economic damage.

Therefore, the industry must collaborate and establish robust cybersecurity frameworks that keep pace with the evolving threat landscape.

One critical challenge in addressing cybersecurity risks is the fragmentation of guidelines across different regions and industry players.

The GSMA’s Network Equipment Security Assurance Scheme (NESAS) and Mobile Cybersecurity Knowledge Base (MCKB) initiatives aim to bridge this gap by providing a common framework for assessing network equipment security and sharing knowledge on cybersecurity risks and mitigation measures.

By promoting the adoption of unified standards, the GSMA seeks to foster a more secure and trustworthy digital ecosystem that benefits all stakeholders.

Recently, MENA and Central Asian telecoms stakeholders came together at a roundtable during MWC Shanghai 2024, the leading connectivity event in the Asia Pacific region.

GSMA moderated session at MWC Shanghai 2024

The session, ‘Middle East and Central Asia ICT Policy and Governance Forum’, was moderated by the GSMA, bringing together regulators and operators from the Middle East, North Africa, and Central Asia.

The stakeholders included senior officials from the China Academy of Information and Communications Technology and Huawei to discuss industry policies, successful practices, and valuable insights on key industry trends.

The forum sought to promote the adoption of NESAS and MCKB standards, which aim to address the growing cybersecurity challenges the telecommunications industry faces. As digital services become increasingly critical to our daily lives and businesses, ensuring the security and resilience of networks has become a top priority for policymakers, regulators, and industry stakeholders.

Multi-stakeholder approach to cybersecurity

During the forum, industry experts emphasised the importance of a multi-stakeholder approach to cybersecurity, involving close collaboration between governments, regulators, operators, vendors, and other key players. This approach recognises that no single entity can address the complex challenges of cybersecurity alone and that a collective effort is required to build a resilient and secure digital infrastructure.

Standardised cybersecurity assessment mechanism jointly defined by GSMA and 3GPP, the telecom industry’s leading standards-setting organisations) and GSMA 5G Cybersecurity Knowledge Base to provide useful guidance on 5G security risks and mitigation measures. Huawei has been proactively involved in the telecom cyber security standardisation activities led by GSMA ITU-T, 3GPP, and IETF, etc., and has joined security organisations such as OIC-CERT, FIRST, and partnered with mainstream security companies to ensure the cyber security of its customers and promote the healthy development of industries.

Jawad Abassi, head of MENA at GSMA, who moderated the roundtable discussion, said, “The GSMA regularly explores a range of security considerations including secure by design, 5G deployment models and security activities.  Good security practices and policies by industry suppliers are essential.  The mobile ecosystem should empower advancing positive policy and spectrum outcomes, driving digital innovation to reduce inequalities in our world and tackling today’s biggest societal challenges.”

Jeff Wang, president of the Public Affairs and Communications Department, Huawei, said, “To fully reap digital dividends, we need to pay more attention to enhancing connectivity, embracing digital application, and empowering digital talent.”

Cybersecurity and privacy protection are key pillars in the digital economy

Cybersecurity and privacy protection are inherent requirements in a digital world and should be built from the ground up while ensuring resilience in cyberspace. This is vital to protecting and safeguarding businesses and societies alike. Governments worldwide are paying greater attention to cybersecurity and privacy protection and have adopted laws and regulations to strengthen cyberspace governance and protect personal data. With the rising role and importance of data in all parts of our lives, data protection and compliant data use are becoming a basic requirement.

The Cybersecurity Session focused on building a telecom-information security management system (T-ISMS) to manage current cybersecurity issues facing telcos globally. The session covered key topics such as the roles and responsibilities of telecom cybersecurity for various stakeholders, implementing holistic telecom cybersecurity with collaboration between stakeholders and how regulatory authorities can promote telecom cybersecurity.

Joining the session, Lin Yanqing, principal consultant, Industry Policy Public & Government Affairs, Huawei Technologies, and Aloysius Cheang, chief security officer, Huawei Middle East and Central Asia, reiterated that Huawei has taken a proactive approach to telecom cybersecurity standardisation.

Cheang said, “As we chart our journey into the digital future, cybersecurity must safeguard the trust and resiliency of the network, the cyberspace, and the metaverse where data is the new oil as organisations’ assets are increasingly digitalised or virtualised. We must ensure that we continue to embrace the culture of openness, transparency, and collaboration. Cybersecurity is a team sport, and together with GSMA, we can leverage their good work, such as NESAS and MCKB, that will lay the foundation to secure broadband, 5G, 5G-A, and beyond.”

How Huawei enhances the security of its customers

The company works with the GSMA, the ITU, the 3GPP, and others, as well as through partnerships with security organisations and companies, to ensure the security of its customers and promote the healthy development of the mobile ecosystem, the executives explained.

Huawei has passed NESAS/SCAS 2.0 evaluations for its 5G base station and NESAS audits for its RAN and core network, demonstrating the company’s commitment to cybersecurity.

The OIC-CERT 5G Security Framework is also an advanced control agreement that establishes the global norms for the safe and secure operation of the next-generation network. This framework includes international cooperation, risk assessment and management, cybersecurity maturity, authentication and identity management, privacy protection and compliance with international laws.

With the emergence of the 5G, members felt the need to prioritise the security aspect of this upcoming technology; thus, the OIC-CERT 5G Security WG was formed.

As the digital landscape evolves, cybersecurity will remain a top priority for the telecommunications industry.

The GSMA’s efforts to promote industry standards and best practices, coupled with the commitment of key players such as Huawei to adopt and develop these standards, are crucial steps towards building a more secure and resilient digital ecosystem.

By fostering collaboration, innovation, and trust, the industry can unlock the full potential of emerging technologies while safeguarding the interests of businesses and consumers alike.