cyber-security 22 June 2023

EU Member States making progress with 5G rule implementation

The EU has published its second progress report on the implementation of the EU Toolbox on 5G cybersecurity, the objectives of which are to ‘identify a possible common set of measures which are able to mitigate the main cybersecurity risks of 5G networks, and to provide guidance for the selection of measures which should be prioritised in mitigation plans at national and at Union level.’

Top-level findings of the report are that while further progress has been made ‘in the implementation of the key strategic measures of the EU Toolbox…there are still differences in the state of implementation among the various measures and among Member States.’

It notes that, as regard Strategic Measure 1 (SM01) of the ‘toolbox’ – which refers to strengthening the role and powers of national authorities, ‘Measures…are either already implemented or in progress in twenty-four Member States. This points to a substantial increase since the first Progress Report of July 2020, when only six Member States considered this measure as implemented, and fourteen in progress, suggesting that most of the Member States which then reported ongoing or planned implementation have completed it in the meantime.’

As regards SM02, ‘Performing audits on operators and requiring information,’ it says 18 Member States are reported as having implemented the measure, ‘while eight Member States reported the implementation to be in progress or planned.’

It says that in most cases, ‘Member States implement SM02 through the transposition of the EECC [European Electronic Communications Code]. In January 2023, twenty-five Member States have notified the Commission about complete transposition of the EECC.’

https://ec.europa.eu/commission/presscorner/detail/en/ip_23_3309