Following the Telecommunications (Security) Act 2021, UK government now aims to take the lead in telecoms security provisions, and telecoms providers are invited to respond by the deadline of May 10.
Nick Lowe, VP EMEA at Tufin, Cybersecurity Automation Specialists comments on what this will mean in practical terms for the industry:
"Connectivity is integrated into nearly every element of life, and as critical national infrastructure (CNI) grows increasingly reliant on telecoms networks and services, UK government is consulting on proposals for new regulations and a code of practice that addresses security risks to such networks and services.
"Telecoms businesses will be on the hook, more than ever, to adhere to these new regulations. However, so many organisations typically have no documented security policy for network and cloud access and rely on manual processes, which are risky and non-compliant with corporate policies or industry regulations. These organisations face an increased probability of security breaches, exposing sensitive data and resulting in loss of reputation and costly fines.
"Policy-driven automation of network security policies is a critical solution to maintaining business agility, continuous compliance with industry and internal regulations, and a robust security posture. Businesses that leverage policy-driven automation are able to reduce the likelihood and impact of a successful breach, while passing audits and adhering to internal and external compliance mandates.
"Implementing this technology will be especially critical as the UK government rolls out tighter regulations for companies in the telecoms industry."