Federal government officials warned about the risks and challenges of rolling out 5G wireless networks – particularly in terms of the threat China poses in its global advancement of 5G – and emphasized that use of public-private partnerships in developing America’s vision for 5G networks will be critical for ensuring network security and staying internationally competitive.
Bill Evanina, director of the Office of the Director of National Intelligence’s National Counterintelligence and Security Center, emphasized at the April 16 INSA Spring Symposium that if the United States doesn’t step up the pace in 5G development now, China will own the global apparatus for 5G service in the near future.
“How we drive, build, moderate, and I’ll even say govern 5G, for me, has significant national security implications that if we don’t deal with this now, 10 years from now it’s going to be too late,” Evanina said. “Three years from now, it’s going to be too late.”
John Costello, director of the Cybersecurity and Infrastructure Security Agency’s National Counterintelligence and Security Center, detailed several categories of national security risk that the U.S. faces on the 5G front, particularly in terms of 5G in relation to internet of things (IoT) devices. These were the risks of disruption, espionage or compromise, and ecosystem.
“Going forward, you see the sheer number of devices,” Costello said. “Yeah, they’re going to be there, and … there’s both the enterprise risk of protecting your IoT devices and the manufacturer risk of, you know, vulnerability compromise. … We have to make sure that that ecosystem is ready and prepared.”
But going forward, Evanina said it’s feasible for America to prevent China’s 5G domination by creating a “perfect public-private partnership” to define what 5G will be in the United States and to drive “hard telecommunication processes of which everything will prosper.”
Costello added that a key component will be in ensuring the government has a specified set of risk criteria for assessing potential vendor partners.
“We want to make sure that we have a proper set of risk criteria by which we identify a high-risk vendor, and we have a slate of options by which we would mitigate risk, whether … tactical level when they’re working in private industry or whether it is their presence in certain sections of this critical infrastructure” Costello said. “We don’t want to continue playing the tactical game. … We want to play the long game where we have a more productive conversation … about high-risk vendors in our supply chain.”