CISA Publishes 5G Security Evaluation Process Plan

The Cybersecurity and Infrastructure Security Agency (CISA) has published a new five-step 5G Security Evaluation Process to help companies improve their security posture before deploying new 5G applications.

More specifically, the new guidelines include information on relevant threat frameworks, 5G system security standards, industry security specifications, federal security guidance documents and methodologies to conduct cybersecurity assessments of 5G systems.

“5G networks are designed to be more secure than 4G,” read the report. “However, the complexity of 5G networks – with new features, services and an anticipated massive increase in the number and types of devices they will serve […] expands the threat surface and can make defining the system boundary challenging. ”

Additionally, the report highlights how federal enterprises planning to implement 5G-enabled systems may not be aware of how the inclusion of 5G technologies impacts the system risk assessment / authorization to operate (ATO) process.

This is particularly true, CISA wrote, considering that the level of effort and resources required by enterprises to fully assess a 5G network and accompanying system elements varies based on several factors.

“This document presents examples of common 5G subsystems and components to highlight the efficiencies gained during each of the five steps of the proposed 5G Security Evaluation Process.”

The report also presents a set of potential 5G ‘starter’ projects “beyond the commercial mobile broadband offerings currently offered by national and regional MNOs for federal agencies.”

CISA called upon agencies and organizations to review the new report before June 27 2022, saying the feedback will be utilized to assess the need for further security recommendations and guidance publications for federal agency adoptions of 5G technologies.

The report is the result of a collaboration between CISA, the Department of Homeland Security’s Science and Technology Directorate and the Department of Defense’s (DoD) Office of the Under Secretary of Defense for Research and Engineering (OUSD R&E).

For additional information about the cybersecurity risks associated with 5G deployments, head over to this explainer article by technology expert Tim Hardwick.

Source

The Cybersecurity and Infrastructure Security Agency (CISA) has published a new five-step 5G Security Evaluation Process to help companies improve their security posture before deploying new 5G applications.

More specifically, the new guidelines include information on relevant threat frameworks, 5G system security standards, industry security specifications, federal security guidance documents and methodologies to conduct cybersecurity assessments of 5G systems.

“5G networks are designed to be more secure than 4G,” read the report. “However, the complexity of 5G networks – with new features, services and an anticipated massive increase in the number and types of devices they will serve […] expands the threat surface and can make defining the system boundary challenging. ”

Additionally, the report highlights how federal enterprises planning to implement 5G-enabled systems may not be aware of how the inclusion of 5G technologies impacts the system risk assessment / authorization to operate (ATO) process.

This is particularly true, CISA wrote, considering that the level of effort and resources required by enterprises to fully assess a 5G network and accompanying system elements varies based on several factors.

“This document presents examples of common 5G subsystems and components to highlight the efficiencies gained during each of the five steps of the proposed 5G Security Evaluation Process.”

The report also presents a set of potential 5G ‘starter’ projects “beyond the commercial mobile broadband offerings currently offered by national and regional MNOs for federal agencies.”

CISA called upon agencies and organizations to review the new report before June 27 2022, saying the feedback will be utilized to assess the need for further security recommendations and guidance publications for federal agency adoptions of 5G technologies.

The report is the result of a collaboration between CISA, the Department of Homeland Security’s Science and Technology Directorate and the Department of Defense’s (DoD) Office of the Under Secretary of Defense for Research and Engineering (OUSD R&E).

For additional information about the cybersecurity risks associated with 5G deployments, head over to this explainer article by technology expert Tim Hardwick.

Source

More from author

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Related posts

Advertismentspot_img

Latest posts

Threat Intelligence Services Are Universally Valued by IT Staff

Almost all IT professionals believe that threat intelligence services and feeds will help their company get ready for and repulse malware attacks. Only...

Black Basta may be an all-star ransomware gang made up of former Conti and REvil members

The group has targeted 50 businesses from English speaking countries since April 2022. ...

APAC companies are failing to build successful digital models: Forrester

Approximately 61% of APAC organizations have failed to build robust and successful digital business business models, primarily due to unsound practices of enterprise architecture...

Want to stay up to date with the latest news?

We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!