Government warns UK telecoms industry over security risks to 5G supply chain
The government has written to the likes of O2, Vodafone and EE to say that phone networks should be careful over which companies they choose as suppliers when building their 5G networks.
The entire supply chain may be disrupted by an ongoing review of the UK's telecoms infrastructure, according to a letter penned by the Department for Digital, Culture, Media and Sport's (DCMS) head of digital policy Matthew Gould, and the National Cyber Security Centre's (NCSC) CEO Ciaran Martin.
The Future Telecoms Infrastructure Review, launched in July, aims to ensure that Britain's "critical national infrastructure remains resilient and secure", according to the letter seen by the Financial Times (FT).
The letter said the "outcome of the review may lead to changes in the current rules" and that the firms "will need to take the review into consideration in any procurement decisions".
Analysts suggest the letter is directed at a handful of Chinese manufacturers, such as Huawei and ZTE, which may be barred from the 5G process altogether over national security concerns.
Just as the government announced its major infrastructure review, an advisory board – partly-led by the NCSC – declared Huawei's hardware may pose a risk to national security.
The Huawei Cyber Security Evaluation Centre (HCSEC), which is owned by Huawei and overseen by the UK's national security agencies, revealed in its annual report that shortcomings in the engineering process have "exposed new risks" to UK networks.
"The Oversight Board can provide only limited assurance that any risks to UK national security from Huawei's involvement in the UK's critical networks have been sufficiently mitigated," the report said.
These concerns are disputed by the companies but were prominent enough for the Australian government to this summer institute a ban of Huawei and ZTE from providing 5G technology in the country.
Despite the government's warning, the telecoms industry is already well underway in the building and testing of 5G infrastructure. For instance late last month Vodafone activated its first 5G trial in Salford, Manchester.
Rival firms have also made serious headway in building their own 5G infrastructure with help from Chinese manufacturers, with Huawei considered integral to the future Three 5G network, and BT's 5G outlay.
Paolo Pescatore, senior vice president of consumer services at MIDiA Research, told IT Pro the government's warning has arguably come too late - as network providers have already announced trials with their partners.
"Yes, this does seem to be directed at Huawei," he said, "but in reality telcos have few options when choosing a network provider due to consolidation.
"5G represents a pivotal point for all countries and it is important to get the right framework for the future.
"Other nations have shown concerns around security so it is something that should be carefully considered. Despite this, Huawei has so far proved to be a credible partner for telcos around the world."
source itpro
Industry: Cyber Security News
Latest Jobs
-
- Infrastructure (Network / Security) Engineer | West London commutable | Permanent
- London
- Apply today
-
Infrastructure (Network / Security) Engineer | West London commutable | Permanent This is an in house opportunity. Looking for someone that has on prem / data center experience MUST be a currently hands on config, Install, upgrade, troubleshooting experience Routing, Switching, Network Security (firewall, IDS etc), Microsoft Active Directory / 365. VMWare Scripting / automation experience wanted. Python, Powershell etc Must be commutable to West London twice a week. Visa sponsorship not available. Apply today for more information Book a call via this link https://calendly.com/d/crqf-t28-7tb
-
- Identity & Access Management Architect
- Edinburgh
- Upto £95000 plus bonus and benefits
-
Location: Edinburgh | Hybrid Working | Permanent Are you an experienced Identity & Access Management professional with a passion for designing and implementing cutting-edge security solutions? We are looking for a Lead Architect, where you’ll play a key role in helping clients enhance their IAM capabilities, protect critical data, and navigate complex security challenges. About the Role As a Lead Architect, you will be responsible for shaping and delivering IAM strategies, designing robust security solutions, and driving long-term digital transformation. You’ll leverage your expertise to provide strategic guidance on areas such as: Identity Governance & Administration (IGA) Privileged Access Management (PAM) Access Management (AM) Entitlement Management Directories & Authentication Solutions You will have the opportunity to work with innovative technologies and frameworks, ensuring that businesses can securely manage access to critical assets while enabling growth. What You’ll Be Doing Providing subject matter expertise in IAM and leading transformation projects for clients Developing IAM roadmaps, operating models, and governance frameworks Driving innovation by integrating IAM capabilities into wider digital transformation strategies Building and maintaining strong relationships with clients and stakeholders Designing and implementing scalable IAM solutions to meet business needs What We’re Looking For Proven experience in IAM strategy, solution architecture, or assurance Strong leadership skills with experience guiding technical teams Ability to work in a client-facing role, delivering clear communication and insights A technology-focused, innovative mindset with strong business acumen Willingness to work from our Edinburgh office 2-3 days per week
-
- Security Architect - Cloud - Consultancy London
- London
- N/A
-
Security Architect with a focus into Cloud (AWS, Azure or Google Cloud Platform) needed. You must have client facing consultancy experience. This mean you must have experience working with clients helping them to meet their security design needs. That could include working with existing internal teams to understand, review and mitigate / uplift existing Cloud Security designs, or perhaps helping clients set out / understand their current needs and deliver their cloud security strategy. (Or anything in between) Technical knowledge is of course essential but working with clients to understand and solve their Cloud Security design challenges is vital. You must obviously have a current history working as a cloud security architect. You will need to be commutable to London. Whilst a hybrid role the expectation is 3 days a week in the office / meeting clients. International relocation or Visa sponsorship isn’t available for this role. Apply on this page and arrange a call here https://calendly.com/d/crpz-m7j-wyx