The provision of telecommunications networks and services, which can support advanced digital technologies, including 5G, is a matter for the relevant undertakings operating in a fully liberalised market regulated by the Commission for Communications Regulation (ComReg), as independent Regulator.
There are statutory provisions to ensure that operators of networks and services in Ireland take appropriate measures to manage risks to the security of their networks and services, and to guarantee their integrity. These requirements are set out in the European Communities (Electronic Communications Networks and Services) (Framework) Regulations 2011 (S.I. No. 333 of 2011). ComReg is responsible for ensuring compliance with these provisions.
The National Cyber Security Centre (NCSC) in my Department has been reviewing the full spectrum of cyber security risks associated with 5G systems since late 2018. This work will feed directly into the new National Cyber Security Strategy.
In March 2019 the EU Commission published C(2019) Recommendation 2335, setting out an EU Process to jointly assess these risks. Member States have been asked to prepare national assessments and to forward these to the European Commission by end June for collation. The NCSC is working on this matter in close collaboration with other EU Members States and Institutions, ComReg, and the telecommunications industry to ensure that the review is comprehensive and evidence based. This report will be completed shortly.