Security Experts:

Connect with us

Hi, what are you looking for?


Management & Strategy

CISA Details Strategy for Secure 5G Deployment

The U.S. Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has published details on its strategy for the secure deployment of 5G networks within the country.

The U.S. Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has published details on its strategy for the secure deployment of 5G networks within the country.

The fifth-generation (5G) of wireless technology is expected to bring numerous benefits, including higher data rates, low latency, and high network capacity, thus allowing for advancements in fields such as smart cities, autonomous vehicles, and much more.

Initially, 5G will operate on a non-standalone (NSA) network, but should transition to standalone (SA) 5G within several years, allowing users to take full advantage of the benefits the technology brings along.

“5G networks and future communications technologies (e.g., SDN, network slicing, edge computing) will transform the way we communicate, introducing a vast array of new connections, capabilities, and services. However, these developments introduce significant risks that threaten national security, economic security, and impact other national and global interests,” CISA says.

Last year, over 30 countries developed The Prague Proposals, a document that identifies recommendations on 5G roll-out, which the US used to develop the National Strategy to Secure 5G, a document that details the manner in which the U.S. will secure 5G infrastructure domestically and abroad.

CISA’s own 5G strategy aligns with this document, providing information on five strategic initiatives aimed at ensuring that secure and resilient 5G infrastructure is being deployed.

“Each of the strategic initiatives address critical risks to secure 5G deployment, such as physical security concerns, attempts by threat actors to influence the design and architecture of the network, vulnerabilities within the 5G supply chain, and an increased attack surface for malicious actors to exploit weaknesses,” the agency explains.

The five strategies are centered around the development of 5G policy and standards, increasing awareness on 5G supply chain risks and promoting security measures, securing existing infrastructure to pave the way for future 5G deployments, encouraging innovation to foster trusted 5G vendors, and analyzing use cases and detailing risk management strategies.

Each with its own set of objectives, these strategies are meant to ensure that threat actors won’t be able to influence 5G networks at an architectural level, that vulnerabilities at the supply chain level are prevented or addressed, that 5G deployments are secure, that there are enough vendors in the 5G marketplace to ensure competition, and that any security issues introduced by 5G are understood.

“With increased capabilities like faster download speeds and ultra-reliable connectivity, 5G networks will spark an industrial revolution that will enable the development of many new and enhanced services like autonomous vehicles, smart cities, augmented reality, and remote surgery. Given the potential for various applications and reliance of the network for future infrastructure, the stakes for safeguarding the network against these vulnerabilities could not be higher,” CISA concludes.

The agency, which says it will focus on ensuring that established critical infrastructure sector partnerships will be used for 5G deployments, also published an infographic to help easily understand the benefits and risks associated with 5G.

Related: GTP Vulnerabilities Expose 4G/5G Networks to High-Impact Attacks

Related: Compromised by Connection: 5G Will Unite Cities and Also Put Them at Risk

Related: Securing a Connected Future: 5G and IoT Security

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...