Digital Transformation Hub

Jul 22 5 mins

Cybersecurity along Digital Silk Road

The Challenges in Engaging with the China’s Belt Road Initiative


Digital Silk Road
Digital Silk Road. Image by Gerd Altmann from Pixabay


One of the most significant developments coming out of COVID-19 has been the proliferation of digital solutions to overcome barriers to conducting ongoing business. In a sense, it is creating a new normal for business as reliance on human interventions is reduced. These developments, whether in logistics or manufacture, integrate digital applications to allow AI and IoT to lead to greater automation and machine learning. These are forming the basis for operationalising smart cities, ports, business finance and supply chains.

With the Belt Road Initiative (BRI) representing a significant shift in global trade, it has laid the foundations for a paradigm shift in supply chain and logistics management. Not only is the BRI the vehicle by which China is restoring its place found in the ancient Silk Road, it is being achieved through the integration of maritime and land-based transportation and logistics routes. Transportation networks converge on key port infrastructure through a strategic pairing of maritime / port / land transport routes.

These new port / rail pairings signalled the start of new trade hubs with supporting ecosystems. China has created these ecosystems that includes special trade zones, services and access to inland dry ports and hubs. Initially conceived as disparate entities, it has become increasingly evident that there is a need for substantial information and data integration. The desired outcome is the optimisation of productive output along these connected and paired hubs.

China recognised this in 2015, and introduced the Digital Silk Road (DSR), and that it is much more than applying and developing Smart Port technology. Leading the development of 5G, China has pursued the vision of connecting ports to the global supply chain. These initiatives aim to optimise operations through enabling just in time operations as well as acting as information centres that enables optimised transport mode choices that connect with the port.

Initially the digital revolution to improve supply chain visibility and transparency through IoT and data generation. Running parallel to these smart port developments has been the progression to “smart shipping” and ‘smart cities”. These developments highlighted that independent data silos were being created when the real need was for these independent platforms to communicate with each other. In the shipping sector, the need for digital integration created bodies such as the Smart Maritime Council.  It is now shaping the discussion around interoperability, standardisation and harmonisation of the digital space within the maritime sector.

digital logistics belt road initiative
Digital logistics. Image by Gerd Altmann from Pixabay


COVID-19 has escalated the charge to a more complete digital solution to activities constrained by shutdowns and social distancing. These have been applied to managing COVID-19 through contact tracing, cashless payments, and online ordering – with Huawei’s 5G being championed as part of the solution.

However, the pandemic has had an unintended consequence, namely the loss of international trust in China as a responsible global citizen. Partly driven by Xenophobia, China’s increasingly assertive foreign relations stance, has seen many pro-China voices questioning their support of Xi Jinping’s China. This discussion becomes more important when looking at cyberspace and the digitalised world, as it is increasingly recognised that all global activity takes place within an ecosystem.

As with all ecosystems, there needs to be a level cooperation and collaboration for all entities to survive. In the case of smart ports / cities / shipping, this level of collaboration is required around digitalisation. The first iteration of the DSR understood this and included a broad set of Chinese public policies, ICT infrastructure investments that supports the BRI strategy. The DSR has extended beyond simply rolling out fibre optic cable and now includes network equipment, technology and facilitating software in the form of 5G networks. The DSR plan was reformulated in November 2019, with the focus on building smart ports that incorporate integrated smart management and operations technologies. However, during this period China established its own technological standards and principles of cyber-sovereignty. When the narrative in 2019 changed to China’s Spatial Information Corridor, the USA began really focussing its attention.

Essentially the DSR incorporates telecoms, media, and technology to develop the BRI across Asia, the Middle East, Europe, Africa, and Latin America. The three drivers are: Chinese telecoms equipment makers, Data Centre and Storage Infrastructure along the economic corridors, finally Chinese companies using this to export interpretation of smart city sensors and data platforms.  Technology is an area that China feels it can compete head on with the USA and have leveraged this to create its own digital highway with its own standards.

Unlike the earlier geo-political conflicts, the new frontier is digitally based and built on access to data and information rather than knowledge based. The new dictum has changed from “knowledge is power” to that of data being the new frontier. I see this as the New Digital Arms Race. The new world economic order appears to be splitting trade into two competing market systems.  Whilst both have a liberal economic approach, there are significant socio-political differences in application. What is true to say, is that the two emerging platforms appear to be creating two trade worlds, and the lack of digital integration / interoperability will create a new set of problems for global trade.

Exacerbating this division is the China Cybersecurity laws that came into effect on the 1st June. Essentially, all digital applications are subject to review by the relevant authority, with the important caveat, that all interface data must align with China’s national interest. The cybersecurity review process could include theft, breach or damage of critical data, compliance with local laws, and potential for disruption or interference in national infrastructure. It is to be led by the Cyberspace Administration of China (CAC).

cybersecurity digital silk road
Digital Silk Road Cybersecurity challenge. Image by Pete Linforth from Pixabay


Whilst it is claimed that the new regulation is not designed to discriminate against foreign entities, it does raise significant security issues. The key issue is what happens to the data collected by China’s Ministry of Public Security, such as your company’s data? The Ministry is permitted to copy and remove virtually any information or data it finds on the servers it inspects. Article 5 of the Regulation on Internet Security Supervision and Inspection by Public Security Organs addresses issues of “confidentiality” by stating  : “The personal information, privacy, trade secrets and state secrets that the public security organs and their staff members are aware of in the fulfillment of the duties of Internet security supervision and inspection shall be strictly kept confidential and shall not be disclosed, sold or illegally provided for others.” However, this provision must be read carefully as all data etc. are subject to the 2017 security law that subjugates all to national security concerns.

Whilst it may be the case that businesses that engage global trade and supply chains, may have to invest in two parallel ICT universes to trade along the Digital Silk Road. Previously working through solutions that would allow an integrated and seamless technology base that will allow movement of product and services that allowed secure interface between the two systems, the new cybersecurity laws have changed the context.

Concern over Huawei’s 5G are well founded, particularly when accounting for the wider geo-political tensions.  This will create a conundrum for any company that wants to trade along the BRI that cannot be avoided. Simply put, these companies need to consider whether they make data available to China’s Ministry of Public Security, required by law or do they keep data from them as required by the laws of their home country? This could seriously undermine operations in China, particularly where free trade in areas of technology end up being severely curtailed.


Recent Posts