EU Continues Efforts to Enhance 5G Network Security: A Look at Progress Report

The European Commission, in collaboration with EU Member States and ENISA, releases an update on the advancement of the EU Toolbox implementation on 5G cybersecurity. The report details the adoption of legislative measures by member states, the risks posed by specific 5G suppliers, and the importance of swift implementation to ensure robust cybersecurity
EU Continues Efforts to Enhance 5G Network Security: A Look at Progress Report

The European Union, along with its Member States and ENISA, the EU Agency for Cybersecurity, have presented the second progress report concerning the ongoing implementation of the EU Toolbox on 5G cybersecurity. This report not only reflects the efforts made since the inception of the project but also encompasses several recommendations outlined in the Special Report by the European Court of Auditors issued in January 2022. In parallel to the progress report, the Commission has also endorsed a Communication, serving as a complement to the report, which elaborates on the application of the toolbox by the Member States and within the EU’s internal communication and funding activities.


The progress report emphasizes strategic measures that have been initiated, particularly focusing on the enforcement of restrictions on high-risk suppliers. Currently, 24 Member States are either in the process of or have already adopted legislative measures that provide national authorities with the power to assess and issue restrictions on suppliers. Out of these, ten have already implemented such restrictions, and three are engaged in facilitating the enactment of the relevant national legislation. Given the importance of the connectivity infrastructure for the digital economy and the dependence of many critical services on 5G networks, it is essential that the Member States expedite the complete implementation of the Toolbox without delay.

The Commission’s Communication brings to light, strong concerns about the risks posed by specific mobile network communication equipment suppliers to the security of the Union. The Commission considers that decisions adopted by Member States to restrict or exclude Huawei and ZTE from 5G networks are justified and compliant with the 5G Toolbox. The Communication indicates that, based on a broad spectrum of available information, the Commission considers that Huawei and ZTE represent materially higher risks than other 5G suppliers.

The Commission underscores that the security of 5G networks is a top priority, serving as an essential component of its Security Union Strategy. As those networks are central to infrastructure, they provide the bedrock for a wide range of services essential for the functioning of the internal market, as well as the maintenance and operation of vital societal and economic functions. The issue of 5G network security is pivotal to the Union’s sovereignty, strategic autonomy, and resilience.

The Commission also appeals to Member States that have yet to adopt the Toolbox, urging them to enact relevant measures as recommended in the EU Toolbox, to effectively and promptly address the risks posed by the identified suppliers.

As part of its corporate cybersecurity policy, the Commission will implement measures to avoid exposure of its corporate communications to mobile networks that use Huawei and ZTE as suppliers. Moreover, it will take relevant security measures to avoid procuring new connectivity services that rely on equipment from those suppliers and will work with Member States and telecom operators to ensure these suppliers are gradually phased out from existing connectivity services at Commission sites.

The second progress report reflects that a vast majority of Member States have reinforced or are in the process of bolstering security requirements for 5G networks based on the EU Toolbox. However, despite the progress made, the report acknowledges that this situation creates a clear risk of persisting dependency on high-risk suppliers in the internal market, potentially leading to serious negative impacts on security for users and companies across the EU and the EU’s critical infrastructure.

The EU Toolbox on 5G cybersecurity, published in January 2020 by Member States’ authorities with the support of the Commission and ENISA, aims to mitigate risks related to the cybersecurity of 5G networks. The first report on Member States’ progress was published in July 2020. Many Member States had already adopted or were well advanced in the preparation of more advanced security measures for 5G cybersecurity.


Recent Content

COAI has endorsed MeitY’s move to address spam and scam communication from OTT apps. While telecom operators follow strict UCC rules, OTT platforms remain loosely regulated. COAI is advocating for uniform cybersecurity standards and clear regulatory roles to ensure user safety, particularly with emerging threats like steganography.
The Open Compute Project (OCP) has launched a centralized AI portal offering infrastructure tools, white papers, deployment blueprints, and open hardware standards. Designed to support scalable AI data centers, the portal features contributions from Meta, NVIDIA, and more, driving open innovation in AI cluster deployments.
In 2025, data centers are at the forefront of AI innovation, balancing the explosive growth of AI workloads with urgent sustainability goals. This article explores how brownfield and greenfield developments help operators manage demand, support low-latency AI services, and drive toward net-zero carbon targets.
A focus on efficiency and cost-cutting, often driven by “bean counters” and “time and motion” experts, stifles innovation and leads to job losses, mirroring the current AI discourse. Overemphasis on efficiency, like the race to the bottom, can ultimately harms everyone except the initial beneficiaries. For example, distributed energy where building new infrastructure and expanding into new sectors, like solar, generates jobs in manufacturing, installation, and new industries. Instead of solely fearing job displacement, we should prioritize investment in innovation, education, entrepreneurship, and just transition policies to create a future where progress benefits all through job creation. I advocate for strategic investment to build the future, instead of just shrinking the present.
Legacy broadband networks are struggling to meet today’s demands. Open architectures — modular, interoperable, and standards-based — are revolutionizing broadband by promoting flexibility, cost-efficiency, and faster innovation. Learn how service providers can leverage open broadband strategies to scale, improve customer experiences, and build resilient, future-proof infrastructures ready for the digital economy.
Batelco by Beyon and Nokia are partnering to launch Bahrain’s first private 5G network at Aluminum Bahrain (Alba). The network will drive smart manufacturing through real-time monitoring, automation, and AI-driven analytics—paving the way for Alba’s digital transformation and advancing Bahrain’s Industry 4.0 strategy.
Whitepaper
As VoLTE becomes the standard for voice communication, its rapid deployment exposes telecom networks to new security risks, especially in roaming scenarios. SecurityGen’s research uncovers key vulnerabilities like unauthorized access to IMS, SIP protocol threats, and lack of encryption. Learn how to strengthen VoLTE security with proactive measures such as...
Whitepaper
Dive into the comprehensive analysis of GTPu within 5G networks in our whitepaper, offering insights into its operational mechanics, strategic importance, and adaptation to the evolving landscape of cellular technologies....

It seems we can't find what you're looking for.

Download Magazine

With Subscription

Subscribe To Our Newsletter

Scroll to Top