The European Commission published on 29 January 2020 the 5G risk management toolbox, which lists measures to mitigate the security threats associated with 5G networks.
Member states are not required to implement all the measures recommended in the toolbox. Depending on national circumstances and the security requirements already in place, each member state will itself decide on the suitability of the measures to be adopted.
The European Commission calls on member states to complete the implementation of the measures recommended in the toolbox by 2Q 2021.
Cullen International’s new benchmark provides an overview of national initiatives addressing 5G cybersecurity in EU member states, the UK, Norway and Switzerland. These initiatives include new security requirements for 5G technologies, as well as specific actions taken by European countries to transpose the key security measures recommended in the 5G toolbox. The benchmark also looks at whether the studied countries have established criteria to define high risk vendors (HRVs).
The research finds that nearly all European countries have adopted or are in the process of adopting security measures addressing 5G networks. However, the measures taken to secure 5G networks differ significantly among the countries observed.
Most European countries have established criteria to define HRVs. Common criteria include:
- equipment suppliers being subject to interference by a non-EU country or state-backed actors;
- transparency of the supplier’s ownership and governance structure; and
- the supplier’s overall cybersecurity practices as well as compliance with EU privacy regulations.
Sweden and the UK remain the only countries to impose explicit bans on the use of 5G equipment supplied by Chinese vendors Huawei and ZTE.
For more information or a demo of the benchmark, please click on “Request Access” or on “Access the full content” in case you are subscribed to our European Digital Economy service.
24 November 21
Update on national 5G security initiatives Europe
Cullen International’s latest report provides an update of national developments on 5G security in Europe since July 2021. Major developments have been observed in Italy, Lithuania, Norway, and the United Kingdom.
22 November 21
Data centres: what regulation?
A new Global Trends report by Cullen International outlines the newest trends regarding the data centre industry.
22 November 21
Fines against big tech companies for data protection infringements in Europe
Cullen International’s new benchmark shows that data protection authorities in half of the surveyed European countries imposed fines on big tech companies for either General Data Protection Regulation (GDPR) or e‑Privacy Directive (ePD) infringements since the entry into application of the GDPR in May 2018.