Intelligent CIO Europe Issue 56 | Page 45

FEATURE : MOBILE SECURITY
• Assessing the risk profile of Open RAN providers , external service providers related to Open RAN , cloud service / infrastructure providers and system integrators , and extending the controls and restrictions on MSPs ( Managed Service Providers ) to those providers .
• Addressing deficiencies in the development of technical specifications : the process should satisfy the World Trade Organisation ( WTO )/ Technical Barriers to Trade ( TBT ) founding principles for the development of international standards and security deficiencies should be addressed .
• Including Open RAN components into the future 5G cybersecurity certification scheme , currently under development , at the earliest possible stage .
• As regards preserving and consolidating EU capacities in this market , a technology-neutral regulation to foster competition should be maintained . In this framework , EU and national funding for 5G and 6G research and innovation could be used to support opportunities for EU players to compete on a level playing field . Beyond the RAN , it is also important to address potential dependencies or lack of diversity across the whole communication value chain for the diversification of supply .
Overall , the report recommends a cautious approach to moving towards this new architecture . Any transition from and coexistence with existing , reliable technologies should be done by allowing sufficient time and resources to assess risks in advance ,
The timely deployment of secure 5G networks is a high priority for the European Union . To contribute to this objective , EU Member States , with the support of the European Commission and ENISA , have developed a concerted approach to the cybersecurity of 5G networks . Through this concerted approach , EU Member States jointly assessed the main risks related to 5G networks and defined a comprehensive and risk-based approach in the form of the EU 5G Toolbox adopted in January 2020 . The EU 5G Toolbox recommends a set of common risk mitigating measures .
The EU 5G Toolbox includes strategic and technical measures and corresponding actions to reinforce their effectiveness . Key measures of the EU 5G Toolbox include strengthening security requirements , assessing the risk profiles of suppliers , applying relevant restrictions for suppliers considered to be highrisk including necessary exclusions for key assets considered as critical and sensitive ( such as the core network functions ) and having strategies in place to promote the diversification of suppliers and avoid dependencies .
implement appropriate mitigations and clearly define responsibilities in case of failure or incident . p
www . intelligentcio . com INTELLIGENTCIO EUROPE 45