UK broadband and mobile providers are to be required to ensure they comply more tougher security rules to protect telecoms networks from cyber attacks.
New legislation is now in effect that gives the UK Government greater powers to boost the security standards of the UK’s mobile and broadband networks, including the electronic equipment and software at phone mast sites and in telephone exchanges which handle internet traffic and telephone calls. Previously, telecoms providers have been able to set their own security standards, but a government review into the sector found best practices were not always implemented.
The new regulations and code of practice, developed with the National Cyber Security Centre and Ofcom, set out specific actions for UK public telecoms providers to meet security rules. They will improve the UK’s cyber resilience by embedding good security practices in providers’ long term investment decisions and the day-to-day running of their networks and services. New regulations will ensure telecoms providers:
- protect data processed by their networks and services, and secure the critical functions which allow them to be operated and managed
- protect software and equipment which monitor and analyse their networks and services
- have a deep understanding of their security risks and the ability to identify when anomalous activity is taking place with regular reporting to internal boards
- take account of supply chain risks, and understand and control who has the ability to access and make changes to the operation of their networks and services to enhance security
Digital Infrastructure Minister Matt Warman said:
“We know how damaging cyber attacks on critical infrastructure can be, and our broadband and mobile networks are central to our way of life.
“We are ramping up protections for these vital networks by introducing one of the world’s toughest telecoms security regimes which secure our communications against current and future threats.”
NCSC Technical Director Dr Ian Levy said:
“We increasingly rely on our telecoms networks for our daily lives, our economy and the essential services we all use.
“These new regulations will ensure that the security and resilience of those networks, and the equipment that underpins them, is appropriate for the future.”
Secondary legislation to define the regulations is to be introduced to Parliament in the coming weeks after the Telecommunications (Security) Act became law in November 2021, which gave Ofcom new powers to oversee and enforce new rules from October.
Education Secretary praises Trafford and Stockport College Group students’ results 
CDL welcomes new Head of Professional Services 
Bee Network adds Apple Pay Express Mode for more seamless contactless travel