At a glance.
- The US Department of Defense issues new cybersecurity requirements for contractors.
- The UK approach to Huawei and 5G gets decidedly mixed reviews.
- BT will use Huawei gear in its 4G first-responder network.
The US Defense Department's new cybersecurity requirements for contractors.
The long-anticipated cybersecurity rules the Defense Department wants the Defense Industrial Base have reached their final form: CMMC Model v1.0 will be phased in over the summer of 2020, incorporated into Requests for Proposals and Requests for Information beginning in the third quarter of the present fiscal year. The Defense Department is open to receiving comments on the rules, as Nextgov reports, but in outline the new guidelines establish a five-level system that grows more stringent with the sensitivity of the work a company performs. Previously contractors had been required to attest that they adhered to practices recommended by NIST. The new rules do away with self-assessment, and will require certification by paid, accredited, third-party assessors.
UK decision on Huawei continues to receive mixed reviews.
The China Daily hails the British decision to allow Huawei limited participation in 5G infrastructure, so long as that participation is in non-core, less sensitive peripheral areas, and provided that the company's role is capped at 35%. It's a heartening sign, the outlet says, that Europe won't blindly do the bidding of the Americans. (We note in passing that this week Britain really doesn't count as Europe any more, not in a legal sense, anyway.) The journal Foreign Policy is coldly direct in its assessment: the UK knows it's selling out to China, and its rationale for doing so is incoherent. Foreign Policy thinks the European Union's toolkit for dealing with high-risk suppliers represents a more promising approach than the one pursued by Her Majesty's Government.
BT: 4G's not 5G, so Huawei's just fine here.
How the UK's decision to allow Huawei a restricted role in 5G infrastructure will play out in practice might be foreshadowed by BT's decision to use the Chinese company's hardware to deliver Britain's long-awaited and often-delayed £9 billion Emergency Services Network (ESN). ESN, which is intended to provide communications for first responders, is not, BT points out, a 5G system. The Telegraph quotes a company representative as explaining, "The legislation being proposed, which includes the 35pc cap, relates to 5G and fibre to the premises networks, rather than specific contracts based on our 4G network. As a result, we do not believe there will be any significant impact on our ESN network plans.” Telcos attracted to Huawei prices seem likely to construe the coming legislation as narrowly as possible.