5G industry news Security

Proposal for new telecoms security regulations and code of practice

  • 3 minute read
  • Published by Crispin Moller on 13 Apr 2022
  • Last modified 19 Apr 2022
The government is consulting on proposals for new regulations and a code of practice to improve the security and resilience of public telecoms networks and services.

This consultation closes at
11:45pm on 10 May 2022

Consultation description
The Telecommunications (Security) Act 2021 provided the government with new powers to make security regulations and issue codes of practice. The government is now proposing to use those powers to help secure the UK’s public telecoms networks and services.

The UK is becoming ever more dependent on such networks and services. The increased reliance of the economy, society and critical national infrastructure (CNI) on public telecoms networks and services means it is important to have confidence in their security. As the value of our connectivity increases, it becomes a more attractive target to cyber attackers. It is important to make sure that our networks and services are secured in this evolving threat landscape.

The government is therefore consulting on proposals for new regulations and a code of practice that are intended to address security risks to public telecoms networks and services. This process meets the statutory requirement for the government to consult with affected parties before issuing a code of practice, under section 105F of the Communications Act 2003 (inserted by the Telecommunications (Security) Act 2021). This consultation seeks informed views from Ofcom, providers of public networks and services, as well as those who may have experience in these matters on the proposals within the draft code of practice, which has been published alongside this document. As the regulations will be the first to be issued under the new telecoms security framework, the government has also decided to consult on the draft regulations. The closing date for responses to the consultation is 11:45pm on 10 May 2022.

Please send responses to the questions contained in the consultation to security.framework.consultation@dcms.gov.uk

The impact assessment accompanying this consultation will be updated for the findings of a cost survey and published alongside the final regulations and code of practice. Details of the cost survey are included in the consultation document, and a plain copy of the full survey is listed below.

The National Cyber Security Centre has recently published its Vendor Security Assessment, which is referenced in the draft code of practice.

Telecoms security: proposal for new regulations and code of practice html

Draft Telecommunications Security Code of Practice PDF

The Electronic Communications (Security Measures) Regulations 2022 PDF

Draft Electronic Communications (Security Measures) Regulations: impact assessment PDF

Telecommunications (Security) Act: business impact survey PDF

This file may not be suitable for users of assistive technology.  Request an accessible format