No clarity for operators as government publishes Telecoms Supply Chain Review, but defers decision on Huawei’s inclusion in 5G networks, which Chinese firm found encouraging.
Huawei might well be misreading the signals. One of the reasons for putting off the decision is because Jeremy Wright, Digital, Culture, Media and Sport Secretary, has concerns about the company’s long-term future and viability since it has been in the eye of the storm in Europe and the US.
It has become the focal point of the ongoing trade war between the US and China, and Chinese law that obliges its citizens and corporations to spy on its behalf if told to has caused great concern in many countries.
Hence Wright said the UK was “not yet in a position” to take a definitive decision regarding Huawei’s inclusion or otherwise in 5G networks upon publication of the long-awaited Review.
The Review identified three main causes for concern:
• arrangements so far may have achieved good commercial outcomes but have not incentivised cyber security risk management.
• policy and regulation in enforcing telecoms cyber security needs to be significantly strengthened to address these concerns.
• the lack of diversity across the telecoms supply chain creates the possibility of national dependence on single suppliers, which poses a range of risks to the security and resilience of UK telecoms networks.
To improve the management of cybersecurity risk, its policy and enforcement, the Review recommends establishing a new security framework for the UK telecoms sector, which will be “a much stronger, security-based regime than at present”.
New obligations instead
The foundation for the framework will be a new set of Telecoms Security Requirements for telecoms operators, overseen by Ofcom and government.
These new requirements will be underpinned by a robust legislative framework. Wright said, “We will pursue legislation at the earliest opportunity to provide
Ofcom with stronger powers to allow for the effective enforcement of the Telecoms Security Requirements and to establish stronger national security backstop powers for government.”
Until the new legislation is put in place, government and Ofcom will work with all operators to ensure they stick to the new requirements on a voluntary basis.
They will also have to subject vendors to “rigorous oversight through procurement and contract management” including ensuring vendors abide by the new Telecoms Security Requirements.
Huawei’s view
In response to the findings of the Review, Huawei reacted positively, saying in a statement it “gives us confidence that we can continue to work with network operators to rollout 5G across the UK.
The findings are an important step forward for 5G and full fibre broadband networks in the UK and we welcome the Government’s commitment to ‘a diverse telecoms supply chain’ and ‘new legislation to enforce stronger security requirements in the telecoms sector’.
“After 18 years of operating in the UK, we remain committed to supporting BT, EE, Vodafone and other partners build secure, reliable networks.
“The evidence shows excluding Huawei would cost the UK economy £7 billion and result in more expensive 5G networks, raising prices for anyone with a mobile device.”
Wrong focus
John Strand, CEO of Strand Consult, said his company’s analysis shows that the concerns about Chinese made network equipment is not limited to national governments and the military intelligence operations.
He added, “Nor is the concern confined to telecom operators which build and run networks. It is the small, medium, and large enterprises that use networks which fear that their valuable data will be surveilled, sabotaged, or stolen by actors associated with the Chinese government and military.
“Consequently, it is the clients of telecom operators [that] push to restrict Chinese-made equipment from networks.”