Workshop 2: Security Assurance and Certification for 5G
Security assurance is a means to ensure that network equipment meets security requirements and is implemented following adherence to secure development and product lifecycle processes by suppliers. This assurance is especially important for mobile systems, as they are classified as critical infrastructure in some jurisdictions. The recently mandated EU Cybersecurity Act establishes an EU framework for cybersecurity certification, potentially boosting the cybersecurity of online services and consumer devices. The Cybersecurity Act also creates a framework for European Cybersecurity Certificates for products, processes and services that will be valid throughout the EU. This is a ground breaking development as it is the first internal market law that takes up the challenge of enhancing the security of connected products, Internet of Things devices as well as critical infrastructure through such certificates. The new rules will help people trust the devices they use every day. The certification framework will be a one-stop shop for cybersecurity certification, resulting in significant cost saving for enterprises, especially SMEs that would have otherwise had to apply for several certificates in several countries. Moreover, companies are incentivised to invest in the cybersecurity of their products and turn this into a competitive advantage. This session will help operators to understand the latest developments in security assurance and how certification is likely to impact and benefit 5G.