Page 105 - SAMENA Trends - February 2020
P. 105

ARTICLE  SAMENA TRENDS

        and    communications  infrastructure  concerns that the agency identifies for 5G.   equipment with known or suspected
        moving forward, as  well as  all vendors.   The agency highlighted that the use of 5G   vulnerabilities
        The following security  requirements are   components  manufactured by  untrusted   •  Development  of  trusted  5G
        planned  for the telecommunications   companies  could  expose  US  entities to   technologies, services, and products
        networks:                            risks  especially since  the technology   2.4 Summary of the measures taken
          •  Systems to  only be sourced from   will  use more components  than previous   There are several overlapping  objectives
             trustworthy suppliers  who comply   generations of wireless networks.  and procedures  that  have  been  observed
             with national security  regulations                                 in the steps taken by the three countries.
             and provisions for the secrecy of   The report suggested several measures the   Each  have  clearly  highlighted  the
             telecommunications and data     US  Government could  take to reduce  the   underlying  concerns  and objectives of
          •  Network  traffic  to  be  monitored   risks of deploying a 5G network including:  the new requirement including  consumer
             regularly for any  abnormality and   •  Use  of 5G  network components   protection,  business protection  and/or
             appropriate  protection  measures to   manufactured by trusted companies   national security.  Moreover, the areas of
             be taken in case of a concern       since the proliferation of the   focus within these requirements  include
          •  Only   certified   security-related   technology’s  infrastructure  may  codes of conduct, monitoring obligations,
             network and system components to    provide malicious actors more attack   choice  of vendor/supplier, standards
             be used                             vectors                         of equipment,  staff  and stakeholder
          •  Only  trained professionals to  be   •  Promoting  open,  transparent and   measures and notification requirements.
             employed in security-related  areas   consensus–driven  international
             and   professionally  competent,    standards and processes  that  do   The   figure   below   highlights   the
             reliable and trustworthy contractors   not place trusted companies  at  a   commonalities  in the approach taken by
             to be selected  for system-related   disadvantage                   Australia, USA and Germany to address 5G
             process outsourcing               •  Limiting  the  adoption  of  5G  cybersecurity concerns.
          •  Adequate redundancy to be available
             for critical, security-related network
             and system components

        2.3 United States of America







        In  July  2019,  the  US’  Cybersecurity  &
        Infrastructure Security Agency  (CISA)
        released  a  Critical  Infrastructure Security
        and Resilience Note pinpointing the security   Figure 3: Measures taken by the three countries for 5G cybersecurity

































                                                                                                    105  FEBRUARY 2020
   100   101   102   103   104   105   106   107   108   109   110