The telecommunications (security) bill is being submitted to parliament, proposing to give the government more powers to remove “risky” suppliers, such as Shenzhen-based Huawei, from UK telecommunications infrastructure.
In July, the government announced that – despite the fact that Huawei previously had a limited role in providing equipment for the non-core parts of the UK 5G network – it would be completely banned from the networks, along with other vendors who as are considered ‘high quality’. risk. ”Mobile operators have until 2027 to remove all Huawei equipment from their 5G infrastructure.
The government’s decision to formally exclude Huawei will be enshrined in law in the new bill.
The bill proposes creating new national security powers to impose controls on when a telecommunications company can use equipment provided by high-risk suppliers. Companies that fail to comply with these rules can be fined 10 percent of sales or £ 100,000 per day.
Ofcom will be responsible for monitoring and reviewing operator security protocols. The supervisor will conduct technical tests, personnel interviews and site visits to review equipment and documents.
“We are investing billions to roll out 5G and gigabit broadband nationwide, but the benefits can only be realized if we have complete confidence in the security and resilience of our networks,” said Oliver Dowden, Digital Secretary. “This groundbreaking law will give the UK one of the toughest telecom security regimes in the world and allow us to take the necessary steps to protect our networks.”
According to the government’s Telecoms Supply Chain Review, self-regulation has not resulted in operators adhering to best security practices. The new bill sets minimum standards that operators must meet and establishes new codes of practice to help them meet their legal obligations regarding high-risk suppliers.
A government statement said the requirements would likely include the following: the safe design, construction and maintenance of sensitive nuclear equipment; reducing the risk that third-party equipment is unreliable or vulnerable to attack; controlling access to on-site core network equipment and to software used to manage networks; conducting security audits to understand the ongoing risks to their networks; and protecting customer data when it is sent to different parts of the network. These requirements will be published once the bill is approved.
“The rollout of 5G and gigabit broadband offers great opportunities for the UK, but as we take advantage of it, we need to improve the security of our national networks and operators need to know what is expected of them,” said Dr. Ian Levy, technical director at the National Cyber Security Center. “We are committed to pushing standards and this bill imposes new telecommunications security requirements that help operators make better risk management decisions.”
Victor Zhang, Vice President of Huawei, said: “It is disappointing that the government wants to exclude Huawei from the rollout of 5G. This decision is politically motivated and not based on a fair assessment of the risks. It does not serve anyone in the best interest as it would put Britain in the digital slow lane and put the government at risk in leveling the agenda. “