Can Supply Chain Security be a Real Thing?

Cyber Initiator

Cybersecurity firm Finite State issued a recent report concluding that telecommunications equipment made by Chinese firm Huawei present a higher percentage of security vulnerabilities than equipment produced by other firms.

A story in The Wall Street Journal citied numerous sources inside the Administration who pointed to the report as further evidence that the company’s firmware can’t be trusted.   

Finite State says it analyzed more than one and a half million files that were embedded in close to 10,000 firmware images that support hundreds of Huawei products and found that more than half of the images contained at least one security vulnerability.

In a statement posted to their website, Huawei said the Finite State report doesn’t tell the whole story. 

The Cipher Brief spoke with Finite State CEO and co-founder Matt Wyckhouse about the report and why he thinks supply chain security when it comes to 5G is within reach.  The conversation has been slightly edited for length and clarity.

This is Cipher Brief Level I Member Only content. It can be accessed via login or by signing up to become a Cipher Brief Member.  Joining this high-level, security-focused community is only $10/month (for an annual $120/yr membership). What a great and inexpensive way to Feed Your Need to Know….



Cyber Initiator

Related Articles