The new generation of 5G is inevitable, following the 4G. 5G is a new generation of technology supporting the Internet of Things (IoT), Smart Cities, and Intelligent Vehicles. It also brings a layer of innovation to this evolving trend. This opens up a multitude of business opportunities and capabilities.
The 5G will have a significant impact on society and our economy. It is one of the most significant innovations in telecommunications. It is important that the 5G capabilities can offer better quality and reliability for an entire population. This, together with the promise of low latency, and high speed associated with reliability, promises to change society’s communication and provide ubiquitous connectivity drastically.
As is the case, new technologies often bring both digital and business revolutions and many unknown threat vectors. New cyber threat agents will be able to affect sensitive assets, especially in 5G.
A detailed assessment of this technology was done as part of the evolving threat environment. Core network, access management, and SDN threats were identified. This culminated in a series of controls that are specifically designed to mitigate them.
The EU created a toolbox to support 5G security. It includes technical measures, scoped strategic measures, and supporting actions. Given their importance to modern society and their impact on digital communications and other critical infrastructures like energy and banking, the goal is to ensure 5G networks’ resilience.
What is the EU’s position on 5G cybersecurity?
ENISA will be asked to support and contribute to developing a cybersecurity certificate scheme for 5G as part of this joint effort. This is in line with the Cybersecurity Act. The European Cybersecurity Certification Group, NIS Cooperation Group, and the 5G Standardization Group will be directly involved in this activity. This will allow 5G experts from private and public companies and organizations to work together towards a common goal.
In the Cybersecurity of 5G Networks EU Toolbox, the NIS Cooperation Group developed a common understanding of the threat and created a risk management strategy. The NIS Cooperation Group drafted these measures to support the goal of standardizing 5G cybersecurity.
It is well-known that one of the core measures is the supplier risk profile assessment. This includes the application of restrictions to suppliers deemed to be high-risk. Exclusions are included to mitigate risk for key assets. However, it should be noted that the definition of high-risk suppliers has not been established yet. This creates a common base for risk assessment for all vendors. It was also noted that the framework used to evaluate suppliers’ risk profiles wasn’t typical. This was a fundamental improvement. It involved creating and implementing a common framework for assessment that is transparent and uniform across the EU.
Two types of actions can be taken to protect 5G technology suppliers (which might or might not fall under the high-risk vendor category) and MNOs that use this technology. Mobile operators will need to improve their security and monitoring. They will also have to assess the supplier risk profile and use a risk-based approach to maintaining cyber hygiene on core, access network, and network management functions. To ensure adequate balance at the national level, ecosystem strategies like multi-vendor strategies to avoid or manage supplier dependence will need to be implemented.
Major equipment suppliers to telecom companies support the EU in raising a unified 5G certification and security evaluation standard. This will strengthen the EU’s role as well as national authorities with transparent and open supervision. Operators should have the right to choose 5G suppliers. Governments shouldn’t be able to restrict this decision. They can rely on the standardization of a transparent, open framework.
To create a trustful and fair environment, suppliers must be objective in their assessment.
The world will only benefit from the best technology if there is fairness and transparency in the 5G supplier ecosystem.
A standardized approach to assessment will establish a baseline based on real threats, measurable mitigation controls, and where major telecom providers should all be able to play by the same rules. This will demonstrate commitment to cybersecurity standards and best practice and create trust among nations.
Hope you liked this article on What Are 5G Cybersecurity Risks and How To Manage It?
Are you interested in kickstarting your career in Cybersecurity no matter your educational background or experience? Click Here to find out how.