Page 131 - SAMENA Trends - February 2020
P. 131
REGULATORY & POLICY UPDATES SAMENA TRENDS
EC Continues 5G Security Push
The European Commission (EC) published a slate of network security commenced in March 2019, which provides best
recommendations designed to ensure security of 5G infrastructure practice information for countries, but does not impose legally-
in member states, while placing the onus on individual countries binding rules. However, in a statement, the EC said all member
to assess the role of the vendors involved in supplying core states had agreed to take steps as outlined in the toolbox by 30
network equipment. In its EU Toolbox for 5G Security, the EC calls April, with status reports on each country’s progress due by 30
on regulators to ensure they have powers in place to impose June. Under EU rules national security matters fall under the remit
tight rules on mobile operators in relation to the make-up of their of individual countries, but the EC is pushing for a coordinated
supply chains. Specifically, it wants national authorities to assess approach for 5G.
the risk profiles of vendors, impose restrictions for those deemed
high risk and exclude specific companies from supplying “key
assets” to networks. It recommends individual operators limit
dependency on any one supplier with a multi-vendor strategy in
place, similar to policies outlined by the UK. The EC document
also provides detailed guidelines for mitigating specific risks
in 5G and provides an overview of key strategic and technical
measures for use by member states. European Commissioner
Margaritis Schinas said: “A genuine security union is one which
protects Europe’s citizens, companies and critical infrastructure.
5G will be a ground-breaking technology, but it cannot come at
the expense of the security of our internal market.” “The toolbox is
an important step in what must be a continuous effort in the EU’s
collective work to better protect our critical infrastructures.” Its
latest document was compiled as part of a wider plan to ensure 5G
UK Imposes New IoT Rules Designed to Improve Safety
The UK Government has unveiled new 1. Devices must have unique passwords flooding onto the market in recent months,
rules for the growing consumer connected and no ‘factory reset’ option the security credentials of some are
objects segment, forcing the ecosystem 2. Reporting functions for vulnerabilities questionable. There are likely to be many
to take a more rigorous and conscious must be created by all manufacturers reasons for this, though the pursuit of
approach to security. The new law has 3. Consumers must be made aware of profitability is likely to be sitting at the top
been drafted by the Department for Digital, the minimum length of time security of the list. Security is a growing concern for
Culture, Media and Sport (DCMS), focusing updates will be received for the products the general public in an increasingly digital
on three requirements for the manufacture at the point of sale society, though the risks are still greatly
and sale of connected objects in the UK: Although connected devices have been undervalued. It would be safe to assume
only a small number of consumers would
genuinely veto a purchase due to digital
security concerns, and in the absence of
consumer pressure for greater security,
the Government is seemingly forcing the
hand of the IoT ecosystem. “We want to
make the UK the safest place to be online
with pro-innovation regulation that breeds
confidence in modern technology,” said
Digital Minister Matt Warman. “Our new law
will hold firms manufacturing and selling
internet-connected devices to account and
stop hackers threatening people’s privacy
and safety. It will mean robust security
standards are built in from the design stage
and not bolted on as an afterthought.” The
industry on the whole has been gradually
131 FEBRUARY 2020
