Companies Must Integrate Cybersecurity Best Practices into Core Operations

Companies Must Integrate Cybersecurity Best Practices into Core Operations

Huawei urges companies to integrate cybersecurity best practices into core operations, emphasizing standardized processes, independent assessments, and a global assurance system for enhanced security and resilience.

Businesses must embed cybersecurity best practices into their foundational processes, policies, and standards, treating it as a core operational element rather than an afterthought, according to a statement by Huawei Technologies.

The tech giant emphasized the need for cybersecurity to become ingrained in the DNA of organizations, ensuring it influences every aspect of daily operations.

The statement, released in Accra, highlighted that simply establishing processes is not enough. To be effective, companies must be deliberate about implementing a range of measures, including standardized global business processes with identified Global Process Owners (GPOs) and Key Control Points (KCPs).

Huawei itself has adopted this approach through the creation of a Global Process Control Manual and a Segregation of Duties Matrix, both applicable across its subsidiaries and business units.

In addition, Huawei has established a dedicated Board Committee for cybersecurity, chaired by a senior executive, to oversee and enforce the execution of these processes. This committee holds the authority to resolve conflicts or resource issues related to cybersecurity without needing external approvals. Its decisions are binding and can drive significant changes across the company, ensuring swift action when necessary.

To maintain product and service quality, Huawei underscored the importance of implementing globally consistent, repeatable processes that prioritize cybersecurity. Without such commitment, the company warned that product quality and customer experience would vary, leading to potential security risks. Many leading tech companies, the statement noted, partner with management consulting firms to transition into process-based organizations, ensuring a structured approach to cybersecurity.

The statement also stressed the importance of independent assessments and localized efforts to strengthen the integrity of supply chains, especially for customers facing political or commercial pressures. Building customer confidence, it said, requires providing transparency in cybersecurity practices through regular audits and scrutiny by both customers and governments.

Huawei asserted that the implementation of a global, end-to-end cybersecurity assurance system is critical for maintaining stable operations, particularly during crises such as natural disasters.

Leave a Reply

Your email address will not be published. Required fields are marked *