Following a period of public debate, the UK government has decided on new security requirements for telecom providers. It now intends to introduce the Electronic Communications (Security) Measures Regulations 2022 and an accompanying Telecommunications Security Code of Practice to Parliament before the regulations take effect.
The new rules seek to better secure UK telecoms networks from cyberattacks. Once in effect, telecoms businesses will be expected to follow tight standards around network failure or the theft of sensitive data, with the regulatory agency Ofcom receiving additional powers to verify providers are adopting suitable and proportional security measures.
The government declared that the new telecommunications security legislation, designed in collaboration with the National Cyber Security Centre (NCSC), will be among the toughest in the world and will provide the UK with much stronger measures. They will strengthen the UK’s cyber resilience by incorporating strong security practices into providers’ long-term investment choices as well as the day-to-day operation of their networks and services.
The approved laws will guarantee that telecom companies:
- Safeguard the data handled by their networks and services, as well as the vital processes that enable them to be operated and managed.
- Safeguard software and hardware that monitors and analyzes their networks and services.
- Have a thorough grasp of their security threats and the capacity to detect unusual behavior, with frequent reporting to internal boards.
- Consider supply chain hazards, as well as who can access and modify the functioning of their networks and services to improve security.
Digital Infrastructure Minister Matt Warman said: “We know how damaging cyber-attacks on critical infrastructure can be, and our broadband and mobile networks are central to our way of life. We are ramping up protections for these vital networks by introducing one of the world’s toughest telecoms security regimes which secure our communications against current and future threats.”
