Navigating cybersecurity fundamentals and key risks: Insights from Huawei

Pictured: Huawei CSO for Middle East and Central Asia, Aloysius Cheang

Global technology giant Huawei recently took part in GISEC 2024, which is the Middle East’s leading cybersecurity event hosted at the World Trade Centre in Dubai.

And in an interview with Gulf Business, Huawei’s Chief Security Officer for the Middle East and Central Asia, Aloysius Cheang, shed light on some of the key trends and challenges that his company is seeing in the GCC market when it comes to mitigating threats.

At GISEC 2024, Huawei played a leading role as the company showcased its latest cutting-edge solutions designed to address the security challenges its customers face.

These ranged from its HiSec SASE solution for multi-branch enterprises that provides all-round protection at the cloud, network, edge, and endpoint levels to its OceanProtect Backup Storage that delivers three to five times higher backup and recovery performance, along with with the industry’s only six-layer Network and Storage Ransomware Protection capabilities.

The company also showcased its full-stack, cloud-native security system, empowered by AI and built upon the collaboration between a security operations centre (SOC) and seven layers of protection covering physical, identity, network, application, server, data, and O&M layers, that seeks to guarantee service resilience, data security, and regulatory compliance. 

Fundamentals of Cybersecurity

At GISEC, Cheang also presented a talk on the fundamentals of cyber security — and in our interview he explained more. Cheang said that Huawei likened cybersecurity to ensuring the structural integrity of a house amidst a flood.

“We need to identify the threats and the risks. That is, we need to look at everything that can be thrown at you and determine how you could possibly respond. It’s all about  proactive risk mitigation,” says Cheang.

“The aim is to create a cyclical, repeatable process that steadily reduces risk exposure over time,” says Cheang. 

Achieving an effective cybersecurity risk mitigation strategy in this regard involves elements such as technical competence, capacity building, and investment in tools and processes, notes Cheang. By integrating people, processes, and technologies, organisations can address identified risks promptly, akin to issuing timely storm warnings to minimise damage and loss.

Key Cybersecurity Risks in the GCC

In assessing cybersecurity risks specific to the GCC, Cheang highlighted several noteworthy trends.

“Ransomware attacks, while prevalent, are showing a shift towards smaller-scale demands, making payments more feasible for victims. Additionally, reconnaissance attacks are on the rise, fuelled by regional instability and geopolitical tensions,” he says.

Cheang goes further to say that the Middle East has become a target for hacking groups looking to expose entities aligned with perceived adversaries.

“Notably, the digital realm mirrors the physical, with activists leveraging cyber means to disrupt operations and damage reputations. This convergence of challenges in the region and cyber activity underscores the need for heightened vigilance and robust defence mechanisms,” he says.

Moreover, the GCC stands at the forefront of adopting emerging technologies like artificial intelligence (AI), becoming a world leader in many respects.

However, Cheang says that while this is promising, this early adoption can risk exposing organisations to unforeseen cybersecurity challenges.

“Without a clear understanding of emerging threats, organisations risk falling prey to novel cyberattacks,” he stressed.

Huawei’s Cybersecurity Capabilities

While not solely a cybersecurity company, Huawei has embedded cybersecurity within its ICT framework, addressing customer demands for secure digital infrastructure.

“As a company, we have diverse capabilities. We are a telecoms equipment company. At the same, we are also a large IT company that sells network security and even storage solutions. We also specialise in cloud, EVs and much more,” Cheang said. 

Cheang says the company’s expertise in all these areas means that it has become extremely proactive and highly competent from a cyber security perspective, as it has had to protect all aspects of its business.

“We are one of a few large companies that has never experienced a major cyber security incident in the last 30 years. Despite whatever is happening out there from a cybersecurity perspective, you never see Huawei among the list of companies that have been attacked,” he concludes.