5G networks and the EU network security toolkit
On one hand, the transition from 4G and LTE networks to 5G opens up completely new opportunities for users, related to the increasing digitalization and automation of various areas of daily life. On the other hand, it is also a space where new problems and security risks emerge on a large scale.
It is the awareness of these risks that has led the European Union to put a 5G cybersecurity toolkit in place for member countries to implement.
Cyber security in 5G networks – a change in the threat structure
Cyber security is by no means a new topic, although interest in it has increased significantly in recent times due to the ongoing digital transformation when more and more people are accessing the Internet on a daily basis via a variety of devices (including computers, tablets, and smartphones). In turn, this leads to a change in the existing map of cyber threats, bringing new challenges to be dealt with at the operator, state, or Euroregional level.
The growing number of cybercrimes poses a serious threat to the stability of telecommunications networks and information systems. On one hand, the digital transformation within the Industry 4.0 revolution and the transition to the 5G standard is a huge opportunity for development and reaching the previously unavailable capabilities. 5G is a shift to protocols, APIs, and cloud mechanisms, which will give unprecedented scalability, extremely wide coverage, performance, and flexibility of operations.
However, the aforementioned protocols and the open, distributed nature of 5G networks also bring new threats, related to the risk of data loss and various hacking attacks. And this, in turn, can lead not only to individual problems but also to business, economic, and social destabilization within a country or the entire European Community. As a result, cyber security has become one of the most strongly developed economic sectors in recent months.
EU security toolkit – key elements
According to the EU regulation, it is the responsibility of network operators and the local authorities of individual member states appointed for this purpose to ensure safe implementation and operation of the network. However, it is equally important to ensure the creation of common tools and patterns of operation that will enable integration and improve operating rules at the community level as well, which is important for carriers operating in cross-border markets.
This is how the EU’s 5G Cyber Security Toolkit was created, which aims to determine a coordinated approach based on common measures to even more effectively identify the most important cyber threats present in 5G networks.
Individual member states are therefore tasked with:
• rigorous control of communications network operators,
• assessment of the risk profiles of individual suppliers,
• ensurance of supplier diversity to avoid heavy dependence on only one supplier.
The solution is designed to allow better detection of potential risks, which includes using reports from the EU’s coordinated risk assessment, whose guidelines are being refined on an ongoing basis to better meet the rapidly changing markets.
In order to achieve the highest standards of network security, national markets need to implement the objectives of the NIS2 Directive and the Directive of December 14, 2022 on measures for a high common level of security in the territory of the Union (mainly bringing new cyber security obligations for companies in the energy, transport, financial, medical, and digital providers sectors). Work is also underway on the Cyber Resilience Act, which is expected to set out key guidelines for various hardware and software products connected to the network to comply with the highest cyber security standards.
Meanwhile, in Poland, another version of the amendment to the Law on the National Cyber Security System has been included in the list of legislative and programmatic work of the Council of Ministers for the coming months. As a result, it is expected to allow better identification of potential threats, as well as the exclusion of high-risk service providers.
Cyber development and cyber security – a comprehensive vision of the future
The distinct structure of the 5G network compared to its predecessors brings a wide range of opportunities that will enable even more complete digital transformation in the near future and fulfill its potential in most key areas. It is an opportunity to improve the quality of life for European citizens. However, at the same time, it brings a number of threats. It is up to the identification of such risks and the use of the right cyber-security tools (legal, structural and, of course, software) to protect the core value of our time – ubiquitous data.