TCCA Issues New Whitepaper on Physical Security for Critical Communication Infrastructure

This new white paper discusses legal and regulatory aspects relating to the physical security of the telecommunications infrastructure used for critical communication services

At telecommunications conferences around the world, there is increasing visibility of and debates around cybersecurity – protecting the networks from digital attacks. Yet there should also be emphasis on the security of the physical infrastructure. A new white paper from TCCA’s Legal and Regulatory Working Group (LRWG) aims to focus the attention of critical communications providers to the importance of the issue – with the goal of catalysing the creation of a global standard for the physical security of infrastructure supporting critical communications.

Why is this important now? Because most of the current critical communication networks using technologies as TETRA, Tetrapol and P25, are owned and operated by the state, and their physical security is assured by the state to the extent deemed necessary. However, the emerging use of commercial mobile operator (MNO) networks to support broadband critical communications, particularly as Radio Access Networks, is changing the operating model.

The physical security of these network elements is of paramount importance, but it is debatable whether the measures that MNOs are currently adopting in this regard are sufficiently robust and fit for purpose.

“There is no universally agreed definition of what ‘good’ looks like with respect to physical security of infrastructure for critical communications,” said Nina Myren, LRWG chair and TCCA Board member representing DSB Norway. “Different countries may have different ambitions and needs, depending on the evolving threat picture and resources, including finances, available. We hope this white paper will stimulate discussions that will ultimately lead to an agreed regulatory baseline that all nations must agree to meet.”

The white paper looks at the measures in place in several countries around the world in the context of their approach to broadband critical communications. In order to create greater cohesion, the paper identifies two potential approaches: impose security obligations through legislation/regulation; or rely on provisions in the contract between the critical communications operator and the MNO/infrastructure provider. The LRWG’s assessment is that while each approach has advantages and disadvantages, a combination of the two would serve the interests of the critical communication services best.

Though new legal/regulatory obligations on physical security may increase the costs and burden of compliances for MNOs/infrastructure providers, it would have a salutary effect due to the improved  security and resilience of the network, which is being increasingly sought by consumers, particularly business customers.

The white paper ‘Legal and Regulatory aspects relating to the physical security of telecommunications infrastructure used for critical communication services’ can be read here