5G Security News

NSA and CISA Release Part III of Guidance on Securing 5G Cloud Infrastructures

Photo of Marin Ivezic Marin IvezicDecember 2, 2021
1 minute read
NSA CISA Securing 5G

The US National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) recently released the first of a four part series titled Security Guidance for 5G Cloud Infrastructures. This series of four action-oriented documents is intended to provide guidance on how to move toward zero trust in support of securing 5G. It’s been created as a joint industry and government effort with the support of several large contributors through the NSA’s Enduring Security Framework (ESF).

This third release in the series is titled Security Guidance for 5G Cloud Infrastructures – Part III: Data Protection [PDF] with the focus on ensuring that network and customer data is secured during all phases of the data lifecycle (at–rest, in transit, while being processed, upon destruction).

The guidance covers:

  • The Platform must support confidentiality and integrity of data at–rest, in–transit, as
    well as related metadata.
  • The Platform must support confidentiality and integrity of processes and restrict
    information sharing with only authorized parties (e.g., tenant).
  • The Platform must support confidentiality and integrity of process–related metadata
    and restrict information sharing with only authorized parties (e.g., tenant)
  • The Platform must support confidentiality and integrity of workload resource
    utilization (RAM, CPU, Storage, Network I/O, cache, hardware offload) and restrict
    information sharing with only authorized parties.
  • The Platform must not allow memory inspection by any actor other than the
    authorized actors for the Entity to which Memory is assigned (e.g., tenants owning the
    workload), for Lawful Inspection, and by secure monitoring services

For more information see the release on the CISA website: https://www.cisa.gov/uscert/ncas/current-activity/2021/12/02/nsa-and-cisa-release-part-iii-guidance-securing-5g-cloud

The guidance is available here [PDF]: Security Guidance for 5G Cloud Infrastructures – Part III: Data Protection

All the guidance papers and other useful information will be available at the CISA’s 5G Security and Resilience page or at the NSA’s Enduring Security Framework (ESF) page.

Avatar of Marin Ivezic
Marin Ivezic
Website | Other articles

For over 30 years, Marin Ivezic has been protecting critical infrastructure and financial services against cyber, financial crime and regulatory risks posed by complex and emerging technologies.

He held multiple interim CISO and technology leadership roles in Global 2000 companies.

Photo of Marin Ivezic Marin IvezicDecember 2, 2021
1 minute read

Related Articles

Germany 5G Security

Germany Will Define Its Own Security Standards for 5G Security

March 12, 2019
Vodafone Portugal 5G

Vodafone’s 5G network in Portugal hit by cyber-attack

February 8, 2022
NSA CISA Securing 5G

NSA and CISA Release Part I of Guidance on Securing 5G Cloud Infrastructures

October 28, 2021
European Parliament

European Parliament adopted the report on the security and defence implications of China’s influence on critical infrastructure in the European Union

January 18, 2024
© Copyright 2024, All Rights Reserved Marin Ivezic
Back to top button
Share via
Facebook
X (Twitter)
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap