The National Cyber Security Centre has stated that it can provide only limited assurance that the long-term security risks can be managed in Huawei equipment.

Huawei is subject to detailed and formal oversight, led by the NCSC, in part because of NCSC’s questioning of the standard of cyber security the company can provide. There is no suggestion, however, that the actions are deliberate.

In its March report NCSC’s Huawei Cyber Security Evaluation Centre (HCSEC) Oversight Board states that “Further significant technical issues have been identified in Huawei’s engineering processes, leading to new risks in UK telecommunications networks,” and this has led to conclusion that there is only a limited assurance of the company’s ability to manage long-term security risks.

Given the widespread use of Huawei equipment and its significant partners, NCSC is warning that there are risks to UK national security from Huawei’s involvement in the UK’s critical networks.

Huawei has previously been singled out by the US as a potential security risk, and last year BT pulled its equipment from key parts of its current 4G and coming 5G network infrastructure.

Ciaran Martin, CEO of the NCSC and chair of the HCSEC Oversight Board, said “Last July, our annual Oversight Board downgraded the assurance we could provide to the UK government on mitigating the risks associated with Huawei because of serious problems with their security and engineering processes.”

Share Story: