Top Banner

UK telecoms security law in motion for enhanced cyber threat protection

Digital Secretary Oliver Dowden said, “this groundbreaking bill will give the UK one of the toughest telecoms security regimes in the world and allow us to take the action necessary to protect our networks.”

The Bill will be strengthening the security framework for 5G and full-fibre technology networks. These include the electronic equipment and software at phone mast sites and in telephone exchanges which handle internet traffic and telephone calls.

By and large, this will be a significant step to protect the UK from hostile cyber activity by state actors or criminals. The Bill will also provide the Government with new national security powers to issue directions to public telecoms providers in order to manage the risk of high-risk vendors.

Ofcom, the UK's communications regulator, will be given the duty of monitoring and assessing the security of telecoms providers. Currently, UK telecom providers are responsible by law for setting their own security standards in their networks. Yet, they still need to work on adopting the best security practices.

Thus, the Bill will allow the government to issue specific security requirements that providers will need to follow. These requirements will be set out in secondary legislation, but are likely to involve companies to (1) securely design, build and maintain sensitive equipment in the core of providers’ networks which controls how they are managed; (2) reduce the risks that equipment supplied by third parties in the telecoms supply chain is unreliable or could be used to facilitate cyber threats; (3) make sure they are able to carry out security audits and put governance in place to understand the risks facing their public networks and services; and (4) keep networks running for customers and free from interference.