The European Commission has invited government agencies, companies, and other enterprises to submit proposals for cybersecurity solutions for 5G network infrastructure.
The EC noted that investing 176.5 million euros ($181.2 million) worth of grants would improve the infrastructure and tools between the member states and the Commission for cybersecurity cooperation.
“The calls aim to strengthen the cybersecurity of the 5G network infrastructure by supporting secure services and by improving the testing and certification capabilities of tech solutions and services. The respective grants will also support the implementation of the new rules on cybersecurity of network and information systems (NIS2 Directive) into national legislation, as well as the capacity of Security Operations Centers across the EU to collect and share information on cyber incidents” the Commission said.
The aim of this initiative is to “protect, detect, defend and deter cyber-attacks” and “strengthen the cybersecurity resilience and capacity of the EU.” The call for proposals opens on February 15, 2023. Chinese vendors are mentioned as a potential concern in member countries’ decisions to move away from “high-risk vendors.” Politico reported that the European Union intends to reduce the risk posed by Chinese telecom equipment in the 5G networks.
“We are urging member states who have not yet imposed restrictions on high-risk suppliers to do that without delay, as a matter of urgency,” said Margrethe Vestager, executive vice president of the Commission in charge of digital issues, in a press conference.
In 2020, European Commission announced that EU member states had agreed on a set of mitigating measures to address security concerns raised by the deployment of 5G technology. The member states will proceed in a cooperative manner based on an objective assessment of the identified risks and effective measures.
The toolbox addressed all risks identified in the EU coordinated assessment, including the non-technical risks, such as interference from non-EU states or state-backed actors in the 5G supply chain.
Member states agreed to strengthen the security requirements, assess suppliers’ risk profiles, and apply restrictions for high-risk suppliers, including exclusions for the critical and sensitive assets (e.g. core network functions) and strategies for ensuring vendor diversification, in the toolbox conclusions.
“The countries who have put the toolbox in use have done that differently, reflecting that there is a different legacy in different countries, which is exactly as we would expect,” said Vestager. “A number of countries have passed legislation but have not put it into effect. Passing legislation is good – making it work is even better.”