Addressing risk in cyberspace in a 5G world is a shared responsibility among telecom owners and operators, suppliers, partners, standard bodies, and governments. Collaboration is essential to better assess and manage risk and promote resilience. There need to be consensus-based standards and best practice requirements, independent conformance, and testing protocols, with adequate visibility/transparency.
- Governments have great concerns over 5G security, and it requires joint efforts to build trust in the supply chain
- Security responsibilities are shared by different parties in the entire 5G network process, from equipment to network deployment, and O&M
- Apply the zero-trust principle to supply chain management, enabling carriers to better manage network risks
- Industry best practices should be followed in the E2E process from development to delivery
- Carriers formulate security baselines for network devices and applications and periodically perform security evaluation and hardening
- Supplier information security management systems should comply with industry best practices
- Carriers should have strict account management, access control regulations and processes, and continuously record network behavior for audit and analysis
- Suppliers should provide security and trustworthiness statements for products and services, and carriers should cooperate with multiple parties to supervise the implementation
- Using Zero Trust Concept, Carriers Can Better Manage Telecom Network Risks