Tough new security rules broadband and mobile companies will have to follow to better protect UK networks from potential cyberattacks are due to be brought into force by the government.
The new telecoms security regulations will be among the strongest in the world and will provide much tougher protections for the UK from cyberthreats which could cause network failure or the theft of sensitive data.
The Telecommunications (Security) Act, which became law in November, gives the government powers to boost the security standards of the UK’s mobile and broadband networks, including the electronic equipment and software at phone mast sites and in telephone exchanges which handle Internet traffic and telephone calls.
Currently, telecoms providers are responsible for setting their own security standards in their networks. However, the government’s Telecoms Supply Chain Review found providers often have little incentive to adopt the best security practices.
The new regulations and code of practice, developed with the National Cyber Security Centre and Ofcom, set out specific actions for UK public telecoms providers to fulfil their legal duties in the Act. They will improve the UK’s cyber-resilience by embedding good security practices in providers’ long-term investment decisions and the day-to-day running of their networks and services.
Dan Middleton, VP UK & Ireland at Veeam Software, commented on the announcement: “The telecoms industry holds hugely sensitive data and is responsible for the, often critical, communication of our economy. This is why it’s a welcome move for the DCMS to announce new cybersecurity regulations for the sector, especially as research recently found that 76% UKI businesses suffered at least one ransomware attack in the past year. While previously, telcos were responsible for their own security standards, these new regulations draw attention to the need for more investment into cybersecurity by telco companies and gives Ofcom the right to fine those that fail to comply.”