CybersecuritySecurity NewswireCybersecurity News

Secure 5G and Beyond Act of 2020 Signed Into Law

SEC0819-5G-Feat-slide_900px
April 6, 2020

On March 23, 2020, President Donald Trump signed into law the "Secure 5G and Beyond Act of 2020,” which requires the President to develop a strategy to ensure the security of next generation mobile telecommunications systems and infrastructure in the US; and assist allies and strategic partners in maximizing the security of next generation mobile telecommunications systems and infrastructure. 

He also signed into law the “Broadband Deployment Accuracy and Technological Availability Act or the Broadband DATA Act,” which requires the Federal Communications Commission to issue rules relating to the collection of data with respect to the availability of broadband services.

In addition, the White House release a six-page document called the National Strategy to Secure 5G, a blueprint mandated by the Secure 5G and Beyond Act of 2020. The blueprint's goal is to articulate a vision "for America to lead  the development, deployment, and management of secure and reliable 5G communications infrastructure worldwide, arm-in-arm with our closest partners and allies, including:

  • Facilitating domestic 5G rollout;
  • Assessing the risks and identifying core security principles for 5G infrastructure;
  • Managing the risks to our economic and national security from the use of 5G infrastructure;
  • Promoting responsible global development and deployment of 5G infrastructure. 

These efforts include:

Effort 1: Facilitating Domestic 5G Rollout

The Administration is facilitating the private sector-led domestic rollout of 5G, primarily coordinated by the National Economic Council. The Federal Communication Commission’s (FCC) strategy to Facilitate America’s Superiority in 5G Technology (the 5G FAST Plan): (1) makes more spectrum available for commercial use; (2) streamlines government processes for approving 5G infrastructure deployment; and (3) modernizes regulations to promote deployment of 5G backhaul.

In addition, the October 25, 2018 Presidential Memorandum on Developing a Sustainable Spectrum Strategy for America’s Future directed the Secretary of Commerce to issue a National Spectrum Strategy, which will lay out a long-term plan for spectrum management for 5G and future generations of advanced wireless networks, to include both space and terrestrial systems. The Administration will also continue to work aggressively with the private sector, as well as like-minded partners and allies to foster and promote the research, development, testing, and evaluation of new technologies and architectures that advance the state-of-the-art technology for 5G and beyond. 

Effort 2: Assess Risks to & Identify Core Security Principles of 5G Infrastructure

The goal of this effort is to promote secure and reliable 5G infrastructure by regularly assessing the economic and national security and other risks to this infrastructure, including defining and maintaining the relevant core security principles for this infrastructure.

Assess the Risks Posed by Cyber Threats to and Vulnerabilities in 5G Infrastructure

The US, says the White House, in partnership with State, local, and tribal governments as well as private sector partners, will seek to continuously identify and characterize economic, national security, and other risks posed by cyber threats to and vulnerabilities in 5G infrastructure. This effort will include maintaining an understanding of the global 5G market and 5G capabilities and infrastructure, including both space and terrestrial components. This activity will be done with appropriate intergovernmental, interagency, and private-sector engagement.

Develop Security Principles for 5G Infrastructure in the United States

The White House notes that the US will work with the private sector to identify, develop, and apply core security principles - best practices in cybersecurity, supply chain risk management, and public safety - to US 5G infrastructure. The principles will be synchronized with other security principles endorsed by the US, such as the “Prague Proposals” from the Prague 5G Security Conference in May 2019. 

 

Effort 3: Address Risks to United States Economic and National Security During Development and Deployment of 5G Infrastructure Worldwide

The goal of this effort it to address the risks presented by the use of 5G to its economic and national security by analyzing the risks of 5G infrastructure and ensuring national critical functions and national essential functions are structured in such a way that they are resilient to these risks.

Manage the Supply Chain Risks in United States Government Infrastructure, Including 5G

The Federal Acquisition Supply Chain Security Act of 2018 creates a unified, whole-of-government approach to protecting Federal systems from supply chain risks in covered articles, including but not limited to telecommunications equipment and services. Through the Federal Acquisition Security Council created by the Act, the government will identify or develop supply chain risk management standards, guidelines, and practices for executive agencies to use when assessing and mitigating supply chain risks. The Act includes a structure for preventing the use and procurement of sources or covered articles, which may include 5G equipment, in executive agency information systems.

Address the Risk of ‘High-Risk’ Vendors in United States 5G Infrastructure

The US, says the document, will ensure that 5G and future generations of information and communications technology and services will be deployed in a manner that protects the national security interests of the US. Executive Order (E.O.) 13873, issued on May 15, 2019, on “Securing the Information and Communications Technology and Services Supply Chain” establishes the authorities to prohibit certain transactions that involve information and communications technology or services designed, developed, manufactured, or supplied by persons owned by, controlled by, or subject to the jurisdiction or direction of a foreign adversary that pose an undue or unacceptable risk to the national security of the US.

The implementation of E.O. 13873 is designed to integrate and synchronize with activities by the Committee on Foreign Investment in the US, the Federal – 5 – Acquisition Security Council, and government reviews of certain Federal Communication Commission licenses involving foreign ownership. The government will leverage these robust activities to address the risk of high-risk vendors in the 5G infrastructure. 

 

Effort 4: Promote Responsible Global Development and Deployment of 5G

The goal of this effort is to ensure the US will work with like-minded countries to lead the responsible international development and deployment of 5G technology and will work to promote the availability of secure and reliable equipment and services in the market.

Develop and Promote Implementation of International 5G Security Principles

The US will participate in the development of international 5G security principles through frameworks, such as the Prague 5G Security Conference. The government will work bilaterally and multilaterally with foreign partners and allies to promote implementation of the 5G security principles within the “Prague Proposals” document that came out of this conference in May 2019.

Promote United States Leadership in International Standards Development and Adoption

The government will work to preserve and enhance US leadership on 5G in relevant organizations that set standards in concert with the private sector, including but not limited to commercial, academic, and like-minded international partners. This will include efforts such as expanding Federal interagency coordination, participation, and influence in standards-setting organizations. The US will emphasize the need for open and transparent processes to develop timely, technically robust, and appropriate standards; and will promote and support increased participation by the private sector and ensure that such participation is informed by appropriate public-private coordination.

Incentivize Market Competitiveness and Diversity of Secure 5G Infrastructure Options

The government will work with the private sector, academia, and international government partners to adopt policies, standards, guidelines, and procurement strategies that reinforce 5G vendor diversity to foster market competition. The US will join private sector and international partners in designing market-base incentives, accountability mechanisms, and evaluation schemas to assess diversity, component transparency, fair financing, and competition across the – 7 – 5G technology landscape as a means to better secure the global network and protect American values of openness, security, and interoperability. 

KEYWORDS: 5G critical infrastructure cyber security cybersecurity telecommunications

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

close

1 COMPLIMENTARY ARTICLE(S) LEFT

Loader

Already Registered? Sign in now.

Related Articles

Related Products

See More ProductsSee More Products

Events

View AllSubmit An Event
  • June 20, 2024

    Turning Threats into Solutions in Today's Cyber Landscape

    ON DEMAND: This webinar will also explore lessons learned and the evolving threat landscape of cybersecurity within local governments and how these key challenges and tactics can develop an effective security strategy.
View AllSubmit An Event

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!