"CISA's NRMC Fighting Unique 5G Security Risks"
The Cybersecurity and Infrastructure Security Agency's (CISA) National Risk Management Center (NRMC) is working to assess and identify security risks for 5G wireless services. Dan Dagher, supply chain risk management initiative lead at NRMC, recently talked about the new security risks 5G poses and what his team is doing to address them. Dagher highlighted the development of policy and standards as a unique security issue presented by 5G. According to Dagher, as 5G technology grows in complexity, there will be harmful influences and standards development that impact the design and architecture of 5G technologies in a way that benefits companies. 5G technologies also present a security risk in the realm of supply chain security. Dagher pointed out that the production of 5G equipment by untrusted parties is expected to lead to the introduction of malicious or negligent vulnerabilities. Even if Information and Communications Technologies (ICT) components are purchased from trusted companies, those companies may have production facilities in overseas areas that could introduce a second or third-tier supply chain risk. 5G systems architecture is intended to improve security, but the growth in the variety of ICT components and use of mission-specific devices like Internet of Things (IoT) devices will increase system architecture complexity, thus leading to the emergence of new vulnerabilities. Dagher said that new tools might not be developed to mitigate these 5G security risks. However, current tools will be modified for 5G technologies. This article continues to discuss the 5G security risks that CISA's NRMC is trying to combat.
MeriTalk reports "CISA's NRMC Fighting Unique 5G Security Risks"