5G Security News

NIST publishes draft of 5G Cybersecurity Practice Guide

National Cybersecurity Center of Excellence (NCCoE) of the U.S. National Institute of Standards and Technology (NIST) just published the second portion of a preliminary draft practice guide for “5G Cybersecurity” – Special Publication SP 1800-33B 5G Cybersecurity – Volume B: Approach, Architecture, and Security Characteristics. This volume is intended for technology, security, and privacy program managers who are concerned with how to identify, understand, assess, and mitigate risk for 5G networks.

This comes 14 months after NCCoE published the first volume in the series: SP 1800-33A 5G Cybersecurity Volume A: Executive Summary.

SP 1800-33B 5G Cybersecurity – Volume B: Approach, Architecture, and Security Characteristics describes example implementations of cybersecurity practices that organizations may voluntarily adopt.

The publication describes a standalone 5G network that NIST’s National Cybersecurity Center of Excellence (NCCoE) is constructing for the purpose of demonstrating 5G cybersecurity capabilities in different situations. Described solutions contain approaches to secure 5G networks through a combination of 5G security features and third-party security controls. It describes technical security capabilities NCCoE enabled in the first phase of this project, and related threats and vulnerabilities.

In this first phase the focus is on addressing known security challenges that existed in previous-generation networks. There are additional security capabilities on the project team’s roadmap that will be incorporated in future project phases.

The public comment period is open through June 27, 2022

SP 1800-33B is available here: https://csrc.nist.gov/publications/detail/sp/1800-33/draft

Avatar of Marin Ivezic
Marin Ivezic
Website | Other articles

For over 30 years, Marin Ivezic has been protecting critical infrastructure and financial services against cyber, financial crime and regulatory risks posed by complex and emerging technologies.

He held multiple interim CISO and technology leadership roles in Global 2000 companies.

Related Articles

Back to top button
Share via
Copy link
Powered by Social Snap