The European Union Agency for Cybersecurity (ENISA) released a report about key security controls in the Third Generation Partnership Project (3GPP). It develops technical specifications for fifth generation of mobile telecommunications (5G) networks. As vendors, system integrators and operators build, deploy and manage 5G networks, the ENISA publication underlines the need for cybersecurity and for the national regulatory authorities in charge of cybersecurity policy development and implementation to have a good understanding of these controls.

This new ENISA report is directly driven by the objectives set in the EU toolbox for 5G security - mainly technical measure ‘TM02’. This technical measure calls on the relevant authorities in EU Member States to ensure and evaluate the implementation of security measures in existing 5G standards (3GPP specifically) by operators and their suppliers.

"Explore the needs and possible modalities for further strengthening of collaboration among relevant actors identified in the Toolbox (relevant authorities, operators, suppliers and critical infrastructure operators) for knowledge building, experience sharing and joint work in the area of implementation of technical security measures from 5G specifications."

The aim of the report is to help national and regulatory authorities to better understand the standardisation environment pertaining to 5G security, 3GPP security specifications and key security controls that operators must implement to secure 5G networks.