After months of deliberation and consideration, the European Commission has published a report which comes to some fairly obvious conclusions on 5G security.

Jamie Davies

October 10, 2019

2 Min Read
Europe map with network points

After months of deliberation and consideration, the European Commission has published a report which comes to some fairly obvious conclusions on 5G security.

Although few would have expected something substantial from the bureaucrats, the published report seems to offer little to no insight or additional information. Once again, the Brussels brigade is showing how painfully slow progress can actually be.

“Today, Member States, with the support of the Commission and the European Agency for Cybersecurity published a report on the EU coordinated risk assessment on cybersecurity in Fifth Generation (5G) networks,” a statement reads.

“This major step is part of the implementation of the European Commission Recommendation adopted in March 2019 to ensure a high level of cybersecurity of 5G networks across the EU.”

In short, the report comes to a few conclusions:

  • Poor software development process could be a danger

  • Certain pieces of network equipment or functions are becoming more sensitive, base stations for example

  • State-backed threats are the highest concern

  • Telcos are too dependent on a small number of suppliers, some of whom could be considered a security right

  • Threats to communications infrastructure should be considered a security risk

Amazingly, the European Commission has managed to create a 33-page report, which says nothing significant or particularly useful. Everything which has been stated is already known by those paying attention, though we suspect there would be a few politicians who would benefit from reading the report.

So, what does the report actually mean? Nothing for the moment. If anyone was expecting any action will be wildly disappointed, though the European Commission is suggesting member states create action plans to compensate for the increased risk. As you can imagine, there is little rush to complete these action plans, as the European Commission has given a deadline of October 1, 2020.

Every now and then the European Commission reminds us how painful bloc-wide bureaucracy can be, and this report has proven to be an excellent example. At some point in the future, the bureaucrats might create official security guidelines and regulation for member states to follow, though this is unlikely to be done in a timely manner.

You May Also Like