Chinese authorities are saying these softwares shouldn’t be used due to national security concerns.
On January 14th, Reuters reported that Beijing has told domestic Chinese companies to stop using cybersecurity software made by approximately 12 different US and Israeli firms, citing national security concerns.
Multiple US cybersecurity softwares are part of the ban, including Broadcom’s VMware, Palo Alto networks, Fortinet, Mandiant, Wiz, CrowdStrike, SentinelOne, Recorded Future, McAfee, Claroty, and Rapid7. Mandiant, in particular, is frequently used for forensic investigations, helping companies understand who may have breached their networks.
Multiple cybersecurity companies responded to the claims. Recorded Future said they do not currently operate in China, while McAfee said they are a consumer-focused company that is not generally used for government or businesses. CrowdsStrike, SentinelOne, and Claroty, all said they would not be impacted, as their business in China is either negligible or nonexistent. Conversely, Fortinet currently has three offices in China and one in Hong Kong. Check Point, Broadcom, and Palo Alto also have a physical presence in the country.
One of the banned Israeli companies, Orca Security, stated that China was taking a step in the wrong direction by no longer engaging with their cybersecurity services.
The ban has had a small impact on the companies, with Broadcom’s, Fortinet, and Rapid7 facing small declines in shares. Allegedly, Chinese companies only received the notice within the last week, meaning these organizations may still be implementing the change and the full effect on US companies is not yet clear. It’s also unknown how many Chinese businesses received the notice, and if there was a company-size threshold to meet before being impacted.
Chinese authorities expressed concerns that the above-mentioned software may collect and transmit confidential information to the US or Israel, but no further details were given. In contrast, several of the US companies have suggested that China has attempted to infiltrate their systems, but China has denied these claims.
The incident unfolds as tensions grow between the US and China, which are currently in a trade truce. President Trump will be visiting Beijing in April.
This is not the first time China has expressed concerns about US tools; recently, Chinese officials warned that Western equipment could be hacked by other foreign powers. As a result, many companies are being pushed to replace computer equipment and word processing software.
As the ban unfolds, every organization should carefully pay attention to any notices or guidances on what software (particularly in the cybersecurity sector) is deemed secure.
Politics, like Chinese-US tensions, can inadvertently impact an organization’s business decisions. For instance, it’s possible the US may respond by banning certain Chinese-operated softwares, which could ultimately require organizations to change the software they use.
Yes. Paubox is not related to this ban and remains an excellent choice for healthcare, insurance, and education companies for data protection.