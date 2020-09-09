Sign In Register
5G
The Edge
Open RAN
Private Networks
Cloud Native/NFV
Security
AI/Automation
Cable/Video
DOCSIS CCAP Cable Business Services 10G The Bauminator
IoT
OSS/BSS
SD-WAN
Optical/IP
FTTX DCI Routing Any Haul/X-Haul
Test & Measurement
Services
4G/3G/WiFi
6G
Regions
Asia Africa Europe India Middle East
Industry Show News
Mobile World Congress Big 5G Event
Events
Big 5G EventCable Next-Gen Digital SymposiumGlobal Telecoms Awards
Events Archives
Cable Next Gen-Technologies & StrategiesLeading Lights AwardsAfricaCom 2020
Webinars
Upcoming Webinars Archived Webinars 5G Webinars Live Learning Webinars
White Papers
Tech Centers
Future Vision Tech Center
Market Leader Programs
Internet for the Future
Communities
The 5G Exchange LR Asia Broadband World News Connecting Africa Telecoms.com Women In Comms
Light Reading Video
Telecom Innovators Showcase
Light Reading Audio
Light Reading Podcast Executive Spotlight Q&A
News & Views Events Leading Lights Awards About Us Advertise With Us Newsletter Signup
x
Newsletter Signup Sign In Register
Security

5G security suffering from too many cooks in the kitchen

DanoVision Mike Dano, Editorial Director, 5G & Mobile Strategies 9/9/2020
Comment (0)

The US Department of Homeland Security's (DHS) Cybersecurity and Infrastructure Security Agency (CISA) recently awarded itself a starring role in the industry's shift to 5G: The agency said it would analyze 5G components for security risks.

And how exactly will a two-year-old agency with a $3 billion budget go about completing that daunting task? No one knows, and the agency hasn't provided any details.

CISA's promise to secure the entire US 5G industry is listed on page 14 of its 24-page report on 5G security: "Procurement of 5G components from untrusted vendors poses many economic and security risks. Often, these technologies are cheaper than trusted alternatives, but these low, up-front costs have the potential to accumulate into more long-term expenditures to address security flaws or interoperability issues," the agency wrote. "To prevent the United States and its allies from purchasing untrusted equipment, CISA will analyze components from 5G vendors and report on any long-term risks that affect the ability to securely communicate and share information."

The proclamation could have a significant impact on a wide range of companies ranging from antenna providers to silicon vendors, which potentially may need to receive CISA approval before selling their wares in the US. Several 5G component suppliers contacted by Light Reading, including San Diego-based Qualcomm and Sweden's Ericsson, declined to discuss the issue. However, according to a source familiar with the topic who asked not to be named, CISA's new job in the wireless industry represents another step by the Trump administration toward developing a cohesive plan to secure 5G, rather than a fully formed security program.

Previously, the administration considered taking a country-of-origin approach to component security but has since moved away from that notion. Now, via the CISA, it's leaning toward an approach that would certify individual suppliers and their components.

CISA's new job in 5G stems from the Trump administration's moves against Huawei and ZTE, Chinese vendors deemed a security threat by US officials. While Huawei and ZTE have now largely been blocked from the US market, the situation raises an important question: If those vendors cannot be trusted, which vendors can be trusted?

That's a much more difficult question to answer, apparently – and it's one that's attracting interest from a wide variety of players.

CISA isn't the only entity that wants to be the bouncer for Trump's 5G party. The Alliance for Telecommunications Industry Solutions (ATIS) and the Telecommunications Industry Association (TIA) each have their own proposals on how to secure 5G networks. Other entities and agencies working on the topic range from the National Institute of Standards and Technology's (NIST) Cybersecurity Framework to DHS' Information and Communications Technology Supply Chain Risk Management Task Force (ICT SCRM Task Force) to the National Telecommunications and Information Administration's (NTIA) Communications Supply Chain Risk Information Partnership (C–SCRIP) to the FCC's secure supply chain effort.

Most such efforts stem from the Secure and Trusted Communications Networks Act passed by Congress in 2019.

Not surprisingly, some in the 5G industry are beginning to worry that there are too many cooks in the network-security kitchen. "To avoid fragmentation and reach relevant stakeholders, the federal government must promote a unified regime for supply chain security," wrote the CTIA, a lobbying group for the nation's biggest wireless network operators, in a recent FCC filing. "This will help government and industry protect US networks and create opportunities for strong, alternative supply chains to develop."

For its part, the CTIA wants DHS to lead things.

"CTIA urges the [FCC] commission to fit its supply chain activities into a whole-of-government approach, led by DHS and supported by Commerce [Department]," CTIA wrote. "DHS is the sector-specific agency for communications and information technology and has significant experience with national security and supply chain issues. DHS is suited to lead, especially where the implications extend beyond US telecommunications carriers. Commerce has authority to address national security threats."

Regardless of which US agency or entity ultimately ends up with the undoubtedly lucrative contract to secure America's 5G, the effort will be tainted by the Trump administration's backwards approach to the issue. Instead of implementing security protocols to cull bad actors, the administration first identified the bad actors and now has to find security protocols that align with its decisions.

No wonder there are too many cooks in the kitchen; after all, the cart was put before the horse.

Mike Dano, Editorial Director, 5G & Mobile Strategies, Light Reading | @mikeddano

Related Stories
COMMENTS
Newest First | Oldest First | Threaded View
Add Comment
Be the first to post a comment regarding this story.
EDUCATIONAL RESOURCES
More Blogs from DanoVision
What Loving, Texas, tells us about the future of 5G

Midband spectrum licenses in the middle of nowhere, Texas, sold for an astounding $141 per MHz/POP. And that has significant implications for private networks, IoT and 5G.

Will the US cable industry supercharge open RAN?

Comcast, Charter and Cox collectively spent more than $1 billion on wireless spectrum. Will they choose the safe buildout path, or will they risk an open RAN strategy?

Open RAN might actually be working

Dish Network's work with smaller vendors and Rakuten's turn away from Cisco and Nokia are early indicators that Open RAN may well be having an effect on the market.

What the Trump?! President calls for a 'national' 5G network

President Trump's mention of a 'national' 5G network raises questions around Newt Gingrich and Rivada Networks, but lacks information, substance, detail and logic.

More
FEATURED VIDEO
UPCOMING LIVE EVENTS
Big 5G Event
September 22-24, 2020, Virtual Event
Cable Next-Gen Digital Symposium
October 6-10, 2020, Two Day Digital Symposium
Global Telecoms Awards
November 19, 2020, London, UK
All Upcoming Live Events
UPCOMING WEBINARS
September 10, 2020 Private Wireless Networks: Unlocking the Value for Enterprise Business
September 10, 2020 Leveraging the Cloud in the New 5G Edge
September 15, 2020 Architecture for High-Performance Cloud-Native CDN
September 15, 2020 Automating Software Defined IP Transport Networks
September 16, 2020 Comprehensive Security Assurance Is Essential in the 5G Era
September 16, 2020 From Monetization to Engagement: What’s Missing from Your 5G Stack?
September 17, 2020 Digitalized and Automated FTTx: Key to successful deployment
September 17, 2020 SCTE•ISBE Live Learning Webinar Series: Getting Ready for DOCSIS 4.0
September 29, 2020 Turning Disparate Data Into a Market Growth Opportunity
September 30, 2020 Rewriting the FTTx playbook with Open and Disaggregated approach
September 30, 2020 IoT Solutions for the Society Against COVID-19
October 22, 2020 SCTE•ISBE Live Learning Webinar Series: Virtualizing the Cable Access Network
November 19, 2020 SCTE•ISBE Live Learning Webinar Series: Testing the Next-Gen Cable Network
December 10, 2020 SCTE•ISBE Live Learning Webinar Series: Dreaming of Streaming Video
Webinar Archive
PARTNER PERSPECTIVES - content from our sponsors
The Global Mobile Industry Is Embracing Open RAN to Drive Innovation By NEC
3GPP R18 Launches 5G Smart Grid Research, Unifies Global Standards, and Leads Industry Development By Huawei
NetEngine 8000 Helps Open Up the 400GE Intelligent IP Era By Huawei
DC 2025: Ultra-Fast, Scalable, Green By Huawei
AUTIN AI Practices Delivers Cost Reduction, Quality Improvement and Transformation for Operation and Maintenance By Jet Xu, Director, ICT Operation Marketing & Solution Sales Dept, Huawei
All Partner Perspectives
GUEST PERSPECTIVES - curated contributions
Is the COVID-19 pandemic a catalyst for the fourth industrial revolution? By Javier Ger, Telecom Argentina & Claudio Saes, Bell Labs Consulting
All Guest Perspectives
HOME
Sign In
SEARCH
CLOSE
MORE
CLOSE