EU citizens and companies using advanced and innovative applications enabled by 5G and future generations of mobile communication networks should benefit from the highest security standard. As follow-up of last year’s EU recommendation on the cybersecurity of 5G networks,the EU Toolbox adopted in January 2020 sets out a comprehensive and objective risk-based approach to 5G cybersecurity .
As a result of its review of the Recommendation, the Commission found that most Member States are well on track to implement a significant part of the measures recommended in the Toolbox in the near future.
Going forward, the Commission calls on Member States to complete the implementation of these measures by the second quarter of 2021 and to ensure that identified risks have been mitigated adequately and in a coordinated way, in particular with a view to minimise the exposure to high risk suppliers and of avoiding dependency on these suppliers.
Indeed, in October, the European Council called on Member States ‘to make full use of the 5G cybersecurity toolbox adopted on 29 January 2020, and in particular to apply the relevant restrictions on high-risk suppliers for key assets defined as critical and sensitive in the EU coordinated risk assessments, based on common objective criteria”.
As regards next steps, the EU Cybersecurity Strategy details the way forward and proposes a set of concrete actions, categorised by key objectives, to continue the coordinated work at EU-level. These objectives consist of ensuring further convergence in risk mitigation approaches across the EU, supporting continuous exchange of knowledge and capacity building, and promoting supply chain resilience and other EU strategic security objectives.
- Commission Recommendation of 26 March 2019 on the Cybersecurity of 5G networks
- EU toolbox of mitigating measures and its progress report of July 2020
- The new cybersecurity strategy