The 5G race is on, and China holds an ominous advantage5G is going to touch every company and person in the next year or two, as service providers drive new high-bandwidth offerings. \u00a0But currently, as discussed in a Beltway conference a few weeks ago \u2013 raising the anxiety of the audience \u2013 China is the only country that manufactures the full stack of 5G solutions, from chips and handsets to core infrastructure. This is a troubling situation, as in particular there are many security concerns around Chinese technology providers.\u00a0 For example, tech heavyweight Huawei, the world\u2019s largest telecom supplier and second largest phone supplier, has long been suspected of providing products that compromise customer security and privacy. These issues could impact the adoption of 5G in the U.S. and internationally, while also creating a new set of vulnerabilities that affect our corporate and national security.\u00a0Huawei has a very close relationship with the Chinese government, which has raised red flags in the security world. As recently summarized by the Recorded Future team, Huawei's wide range of technologies and products and its enormous global customer base has put it in a position to access vast quantities of information on organizations, governments, and people worldwide. Huawei's obligations to the Chinese government under various national security statutes puts that data at risk of interception and compromise.In addition, \u00a0the company\u2019s CFO, and also daughter of the founder,\u00a0Meng Wanzhou,\u00a0was arrested in Canada last year after the US government alleged that she was helping the Company circumvent US sanctions on Iran.To protect U.S. interests, a ban has been put in place that prevents the U.S. 5G network providers and government agencies from buying products from Chinese companies, and U.S. technology providers like Google from supplying Chinese providers like Huawei with technology. In the Google case, Huawei will need to develop its own operating system since the company will no longer have access to the full Android system.If the world wants to be operating on 5G quickly and cost-effectively, there will be a dependency on China and vendors like Huawei. That could result in getting devices and infrastructure that are already compromised with backdoors for eavesdropping. The U.S. might prevent business with Huawei, but that doesn\u2019t mean all of our allies will, and as confidential US data \u2013 government or corporate - flows through their networks, this could have a devastating impact on our national security and IP protection.Singapore data theftAnother China related security story that hasn\u2019t quite made the headlines like Huawei has also involves data theft. Chinese hackers broke into Singapore\u2019s government health database and stole more than a million records. This happened last summer, but the story has spilled over into this year, as the hacking group responsible has been uncovered. According to The New York Times, a second hack involved medical records for thousands of HIV positive Singapore residents, which were disclosed online. While I\u2019m not certain what the motivation of an attack like this was, it does demonstrate the ease of breaking into supposedly secure medical data. And just think of the consequences had the goal been to actually cause physical harm - or even death \u2013 by changing the records instead of just disclosing them.\u00a0\u00a0 \u00a0Facial recognition bansBiometrics are supposed to add an extra layer of security, but we are starting to see some pushback about privacy concerns surrounding the use of some biometrics. Large cities like San Francisco and Oakland in California \u2013 as well as smaller communities like Somerville, Massachusetts \u2013 have banned the use of facial recognition software by police and other local government agencies. On Capital Hill, a bill was introduced to ban the use of commercial facial recognition that would allow businesses to track customers without their consent. Those who support the ban worry about privacy of citizens but also of racial profiling, with concerns that the technology is too new and lacks ethical guidelines for its use. Opponents of the ban worry that it could hamper investigations. Expect the tension between each side to only strengthen, as biometrics become more ubiquitous in our everyday lives. Facial recognition in theory is going to keep people safer, but of course it\u2019s going to breach privacy. How and by when will we find a balance?Google\u2019s data privacy problemsGoogle and its Android mobile operating system being kicked off Huawei devices may be the least of its problems right now. For being such a large, superpower tech company, it has struggled lately with basic security and data privacy protections. The problems began at the end of 2018, when Google admitted a bug in the Google+ API exposed more than 50 million accounts, resulting in Google shutting down the application. In May, it was revealed that the passwords of millions of G Suite users were stored in plaintext. You\u2019d think a company as tech-savvy as Google would be better at security. It was likely an accident, of course, rather than malicious intent, but Google\u2019s problems show that maintaining good security practices is hard for even the most tech-savvy companies.EternalBlue attacksA breaking security story as we move into the mid-year is the EternalBlue cyberattack, which exploits a software vulnerability in Windows. EternalBlue isn\u2019t new; it\u2019s been around for a couple of years, developed by the NSA. The code was stolen and used in the WannaCry and NotPetya ransomware attacks. In May, EternalBlue resurfaced, this time in a ransomware attack on Baltimore\u2019s city government. The problem is that many computers continue to use outdated Windows operating systems \u2013 estimates are over 1 million -- and hackers are taking advantage. Baltimore\u2019s ransomware is a high-profile case, with city business all but halted and officials refusing to pay the ransom. But it is just one in an escalating number of EternalBlue attacks, all because organizations haven\u2019t updated their operating systems or applied patches that were made available.These security concerns focus on some very specific situations and incidents, but they represent the larger security landscape as a whole. Hackers continue to use both new sophisticated forms of attacks or take advantage of old attacks, organizations continue to have sloppy security habits, and society continues to struggle with the balance of new technologies and privacy. We\u2019ll see in December how these particular issues and the overall trends play out over the rest of 2019.