New Cyber Security Laws For Telecoms Providers

New UK telecom security regulations, which has been developed with the National Cyber Security Centre (NCSC) and the telecom regulator, Ofcom, is among the strongest in the world, providing tougher protection for the UK from cyber threats, which could cause network failure or the theft of sensitive data. 

The UK government published a public consultation response earlier this month, outlining some of the changes that have been made to the regulations and code of practice. 

The government has been clear in its ambition to make the United Kingdom a world leader in digital connectivity. Over 69% of the country has access to gigabit-capable broadband, and the government’s ambition for the majority of the population to have access to a 5G signal by 2027 has been delivered five years early.. But we know that today the security and resilience of our communications networks and services is more important than ever. From heightened geopolitical threats through to malicious cyber criminals exploiting network vulnerabilities, global events have shown the importance of providing world-leading security for our networks and services,” say the UK government’s Minister introducing the Report.

Although not yet integrated into the actual framework and remain drafted, the UK plans to implement the updates in October. The consultation is about the adoption of the Telecommunications Security Act, which was developed alongside the National Cyber Security Centre in November 2021.

The October framework, however, will impose unprecedented security regulations designed to protect UK telecom networks against cyber attacks targeting the industry. 

The regulations span several different areas of concern, such as data, software and equipment protection, risk assessment, and anomaly detection. Part of the Telecommunications (Security) Act, the new regulations give the government power to set security standards for mobile and broadband networks. This covers both hardware and software at mast sites and in telephone exchanges that handle Internet traffic as well as phone calls.

Telecom providers will also have to fulfill additional legal duties which include:-

  • Identifying and assessing risks to edge equipment.
  • Keeping control of who can make network-wide changes.
  • Protecting against specific malicious signaling.
  • Understanding risks facing their networks.

On the last point the telecoms operator must be able to identify when anomalous activity is taking place and be able to report it, as well as take account of supply chain risks and make changes to the operation of their networks and services to enhance security.

UK.Gov:    UK.Gov:     Oodaloop:    TEISS:      Infosecurity Magazine:    Techmonitor:    TotalTele

You Might Also Read: 

Data Protection Must Be a Part of Every Cyber Security Strategy:

 

« Evil Has New Cyber Weapons
India's Health Systems Are A Top Target »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Titania

Titania

Titania provide network security and compliance software. Find your Network Security gaps before hackers do with our security & compliance tools.

Hypori

Hypori

Hypori is a virtual smartphone solution that makes truly secure BYOD a reality for organizations in healthcare, finance, government, and beyond.

Department of Energy - Cybersecurity, Energy Security, and Emergency Response (CESER) - USA

Department of Energy - Cybersecurity, Energy Security, and Emergency Response (CESER) - USA

The Office of Cybersecurity, Energy Security, and Emergency Response (CESER) addresses the emerging threats of tomorrow while protecting the reliable flow of energy to Americans today.

Block Armour

Block Armour

Block Armour is a Mumbai and Singapore based venture focused on harnessing emerging technologies to counter growing Cybersecurity challenges in bold new ways.

Polish Centre for Accreditation (PCA)

Polish Centre for Accreditation (PCA)

PCA is the national accreditation body for Poland. The directory of members provides details of organisations offering certification services for ISO 27001.

WolfSSL

WolfSSL

wolfSSL is an embedded SSL/TLS library providing secure communication for IoT, smart grid, connected home, routers, applications, games, phones, and more.

Lightspin

Lightspin

Lightspin is a contextual cloud security platform that continuously visualizes, detects, prioritized, and prevents any threat to your cloud stack.

SilverSky

SilverSky

SilverSky offers a comprehensive suite of products and services that deliver unprecedented simplicity and expertise for compliance and cybersecurity programs.

RedLegg

RedLegg

RedLegg is a master provider of information security services, a boutique, nimble, old-fashioned customer service company that enjoys the technology battlefield.

HackersEra

HackersEra

HackersEra is a leading offensive cybersecurity service provider. We enable our clients to operate in a more secure environment efficiently and produce more value.

Cyber1

Cyber1

CYBER1 is a leader in cyber security advisory and solutions. We are uniquely placed to help customers achieve cyber resilience and thus, safeguard reputation and value.

National Cybersecurity Alliance

National Cybersecurity Alliance

The National Cybersecurity Alliance is a non-profit organization on a mission to create a more secure, interconnected world.

Port443

Port443

Port443 specialises in providing Security Orchestration, Automation and Remediation (SOAR) "as a service".

Kodem Security

Kodem Security

Our mission is to make AppSec simple. Meet the world’s first dynamic software composition analysis platform. Only Kodem uses runtime intelligence to determine application risk.

Red Helix

Red Helix

Red Helix (formerly Phoenix Datacom) is a market leader in network performance and cyber security.

Winslow Technology Group (WTG)

Winslow Technology Group (WTG)

Winslow Technology Group is a leading provider of IT Solutions, Managed Services, and Cybersecurity Services dedicated to providing exceptional business outcomes for our customers since 2003.