National Cybersecurity Center of Excellence (NCCoE) of the U.S. National Institute of Standards and Technology (NIST) just published the second portion of a preliminary draft practice guide for “5G Cybersecurity” – Special Publication SP 1800-33B 5G Cybersecurity – Volume B: Approach, Architecture, and Security Characteristics. This volume is intended for technology, security, and privacy program managers who are concerned with how to identify, understand, assess, and mitigate risk for 5G networks.

This comes 14 months after NCCoE published the first volume in the series: SP 1800-33A 5G Cybersecurity Volume A: Executive Summary.

SP 1800-33B 5G Cybersecurity – Volume B: Approach, Architecture, and Security Characteristics describes example implementations of cybersecurity practices that organizations may voluntarily adopt.

The publication describes a standalone 5G network that NIST’s National Cybersecurity Center of Excellence (NCCoE) is constructing for the purpose of demonstrating 5G cybersecurity capabilities in different situations. Described solutions contain approaches to secure 5G networks through a combination of 5G security features and third-party security controls. It describes technical security capabilities NCCoE enabled in the first phase of this project, and related threats and vulnerabilities.

In this first phase the focus is on addressing known security challenges that existed in previous-generation networks. There are additional security capabilities on the project team’s roadmap that will be incorporated in future project phases.

The public comment period is open through June 27, 2022

SP 1800-33B is available here: https://csrc.nist.gov/publications/detail/sp/1800-33/draft

marin@5g.security | Website | Other articles

Marin Ivezic is a Cybersecurity & Privacy Partner in PwC Canada focused on risks of emerging technologies.