New Cyber Security Laws For Telecoms Providers

New UK telecom security regulations, which has been developed with the National Cyber Security Centre (NCSC) and the telecom regulator, Ofcom, is among the strongest in the world, providing tougher protection for the UK from cyber threats, which could cause network failure or the theft of sensitive data. 

The UK government published a public consultation response earlier this month, outlining some of the changes that have been made to the regulations and code of practice. 

The government has been clear in its ambition to make the United Kingdom a world leader in digital connectivity. Over 69% of the country has access to gigabit-capable broadband, and the government’s ambition for the majority of the population to have access to a 5G signal by 2027 has been delivered five years early.. But we know that today the security and resilience of our communications networks and services is more important than ever. From heightened geopolitical threats through to malicious cyber criminals exploiting network vulnerabilities, global events have shown the importance of providing world-leading security for our networks and services,” say the UK government’s Minister introducing the Report.

Although not yet integrated into the actual framework and remain drafted, the UK plans to implement the updates in October. The consultation is about the adoption of the Telecommunications Security Act, which was developed alongside the National Cyber Security Centre in November 2021.

The October framework, however, will impose unprecedented security regulations designed to protect UK telecom networks against cyber attacks targeting the industry. 

The regulations span several different areas of concern, such as data, software and equipment protection, risk assessment, and anomaly detection. Part of the Telecommunications (Security) Act, the new regulations give the government power to set security standards for mobile and broadband networks. This covers both hardware and software at mast sites and in telephone exchanges that handle Internet traffic as well as phone calls.

Telecom providers will also have to fulfill additional legal duties which include:-

  • Identifying and assessing risks to edge equipment.
  • Keeping control of who can make network-wide changes.
  • Protecting against specific malicious signaling.
  • Understanding risks facing their networks.

On the last point the telecoms operator must be able to identify when anomalous activity is taking place and be able to report it, as well as take account of supply chain risks and make changes to the operation of their networks and services to enhance security.

UK.Gov:    UK.Gov:     Oodaloop:    TEISS:      Infosecurity Magazine:    Techmonitor:    TotalTele

You Might Also Read: 

Data Protection Must Be a Part of Every Cyber Security Strategy:

 

« Evil Has New Cyber Weapons
India's Health Systems Are A Top Target »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Outpost24

Outpost24

Outpost24 provides easy to deploy and intuitive solutions to continuously identify, remediate and mitigate vulnerabilities in your network.

SOTI

SOTI

SOTI is an industry leader in Enterprise Mobility Management (EMM).

Claroty

Claroty

Claroty was conceived to secure and optimize OT networks that run the world’s most critical infrastructures.

Centro de Gestion de Incidentes Informaticos (CGII)

Centro de Gestion de Incidentes Informaticos (CGII)

CGII is the Computer Incident Management Center of the State of Bolivia.

Pentera Security

Pentera Security

Pentera (formerly Pcysys) is focused on the inside threat. Our automated penetration-testing platform mimics the hacker's attack - automating the discovery of vulnerabilities.

Intercast Global

Intercast Global

Intercast's mission is to be a strategic resource to our clients in Risk Reduction. We are a global leader in cyber security staffing and consulting to the enterprise.

HackControl

HackControl

HackControl services include penetration tests, security audits, block chain audits and brand and anti-phishing protection.

Humming Heads

Humming Heads

Humming Heads offers a complete solution to fight the advanced threats that target a company's endpoints and servers.

OWN

OWN

OWN (formerly SEKOIA) is a major French player in cybersecurity providing tailor-made, informed and adapted cyber support thanks to its DNA of passionate and committed experts.

Venkon

Venkon

Venkon provides effective and unique solutions to cyber-security threats and IT compliance requirements of your organization.

Gravitee

Gravitee

Gravitee helps organizations manage and secure their entire API lifecycle with solutions for API design, management, security, productization, real-time observability, and more.

Blackpanda

Blackpanda

Blackpanda is Asia’s premier cyber security incident response group, hyper-focused on digital forensics and cyber crisis response.

BluSapphire

BluSapphire

BluSapphire is an industry-first, purpose-built, cloud-native, Hybrid XDR platform powered by AI and big data analytics.

Galvanick

Galvanick

Galvanick enables your operations and IT teams to protect your industrial systems and networks against digital threats.

Siometrix

Siometrix

Siometrix addresses digital identity fraud. It steals your attacker's time and prevents many prevalent attack vectors.

Windstream

Windstream

Windstream is a leading provider of advanced network communications and technology solutions for consumers, small businesses, enterprise organizations and carrier partners across the US.