5th Senate Security Forum: Secure 5G and Cyber Security
February 2020
Washington DC
Senator James Inhofe Chair of SASC:
Senator Roger Wicker Chair of SCC:
Senator John Boozman
Senator Mike Rounds Chair of Cybersecurity
Congressman Jim Banks
Congressman Robert Aderholt
Congressman Lance Godeen
Congressman Randy Hultgreen
Congressman Bob McWeen
General Jim Jones Former NATO Allied Comander and 22nd National Security Advisor:
Chairman Emeritus of Atlantic Council
State Department
Robert Morgan
Joshua A. Lewis
Fatmir Mediu Former Defense Minister Albania(Organizer with support of Sen Inhofe and his staff)
Participants
1– Vladimir Marinkovic Deputy Speaker of Serbia
2- Ramush Haradinaj Prime Ministers of KOSOVA
3- Antonio Miloshovski Chairman of Foreign Relation Committe and Former Minister of FA of N Macedonia
4- Zoran Jolevski Former Defense Minister of N Macedonia
5- Artan Grubi Chairman of EUROPEAN Committe of N Macedonia Parliament
6- Aloiz Peterle Former Prime Minister of Slovenia
7- Ante Kotromanovic Former Defense Minister of Croatia
8- Ivan Brajovic Speaker of Montenegro Parliament
9- Pandeli Majko Former PM and Former Minister of Defense. Seating Minister
10- Tsvetan Tsvetanov Former Minister of Interior of Bulgaria
11- Bisera Turkovic Minister of FA of Bosnia& Herzegovina
12- Dalibor Milos Bosnians Herzegovina
13- Vjekoslav Vukovic Presdient of Foreign Trade B&H
14- Tatjana Telic B&H Republic of Serbska
15- Cristian Tehres EU member of parliament for Rumanian
16- Albert Weiler Member of German Bundenstag
17- Paul Sausman EU Commission
18- Joseph Hoechtl F/Member of Parliament Austria
19- Cathy Wagndall Memeber of parliament of CANADA
20- Rachael Harder MP Canada
21- Frank Heinrich MP Bundestag Germany
22- George Tsereteli President of OSCE PA
23- Roberto Montella Sec General of OSCE PA
24- Branimir Gvozdenovic Deputy Speaker of Montenegro Parliament
25- Halim KOSOVA Fromer MP Albania
26- Armend Zemaj MP Kosovo
27- Besian Mustafa MP Kosovo
28- Slobodan Petrovic MP Kosovo
29- Obrad Kesic DC
30- Bob McEwen F/Member of Congress Director of CNP
31- Ardian Shtuni DC
32- Andy Braner Asistant of Cong Jeff Fortenberry
33- Uran Ismajli MP Kosovo
34- Vilhelm Junnila MP Finland
35- Áron GIRÓ-SZÁSZ, Prime Ministerial Commissioner (State Secretary in the Prime Ministry)
36- Aleksander Damjanovic MP Montengro
37- Zoran Lazarov Asistant of Interior Minister Serbia
38- Carlton Deal Belgium
39- Fatmir Mediu F/Defense Minister(ALBANIA)
Countries Represented:
1-USA:2Canada:3Germany:4Danimark:5Georgia): 6Finland: 7Hungary:8Rumania:9Belgium: 10Slovenia: 11Croatia: 12BULGARIA: 13Serbia: 14Bosnia&Herzegovina:15Kosovo:16Albania:17 North Macedonia:18-UAI:19-Montenegro:
Policy Paper
1. Secure 5G
Taking into account that secure fifth-generation networks (5G) will be vital to both future prosperity and national security, and considering that decisions made about fourth generation wireless communications networks (4G) will have serious implications for future 5G deployments, our countries declare our desire to strengthen our cooperation on 4G and 5G. 5G will enable a vast array of new applications, including the provision of critical services to the public, which will benefit our citizens and our economies. Increased amounts and pervasiveness of data on 5G networks will further interconnect the economies of the world, including the United States, Canada, EU and Balkan countries, and facilitate cross-border services and commerce. As NATO allies, and aspiring ones, we do understand that using 5G networks developed by untrusted vendors could jeopardize military interoperability and intelligence-sharing opportunities. Protecting these next-generation communications networks from disruption or manipulation and ensuring the security, privacy, and individual liberties of the citizens of our countries are vital to ensuring our people can take advantage of the tremendous economic opportunities that 5G will enable.
Therefore, we do recognize the statement from the Chair of the Prague 5G Security Conference – the “Prague Proposals” – as an important step toward developing a common approach to 5G network security and ensuring a secure, resilient, and trustworthy 5G ecosystem. The Prague Proposals emphasize the need to develop, deploy, and commercialize 5G networks based on the foundation of free and fair competition, transparency, and the rule of law.
Our countries emphasize the importance of encouraging the participation of reliable and trustworthy suppliers and service suppliers in 4G and 5G markets and promoting frameworks that encourage maximum efforts to protect 4G and 5G networks from unauthorized or malign access or interference.
We further recognize that 4G and 5G suppliers should provide products and services that enable innovation and promote efficiency. These products and services should also enable fair competition and encourage downstream development by the maximum number of market participants.
We do believe governments have a shared responsibility to undertake a careful, balanced evaluation of 4G and 5G component and software suppliers and the 4G and 5G technology supply chain in an effort to promote a secure and resilient 5G architecture. A rigorous evaluation of suppliers should include the following elements:
1) Whether suppliers are subject, without independent judicial review, to control by a foreign government;
2) Whether network suppliers and service providers are financed openly and transparently using standard best practices in procurement, investment, and contracting;
3) Whether network service suppliers have transparent ownership, partnerships, and corporate governance structures;
4) Whether suppliers exemplify a commitment to innovation and respect for rule of law and intellectual property rights; and
5) Security and risk assessments of suppliers and network technologies should take into account the rule of law; the security environment; vendor ethics malfeasance; vendor independence from government influence; and compliance with secure standards and industry best practices to promote a vibrant and robust supply of products and services.
We are convinced that it is critical for countries to avoid untrusted information and communications technology in existing networks and transition to trusted ones. Such efforts will not only improve national security, but also provide opportunities for private sector innovators to succeed under free and fair competition and benefit our respective digital future.
2. Cybersecurity
This century’s challenges require cross-sector cooperation and solutions to protect each country’s critical infrastructure – energy, public administration, defense, telecommunications, health, banking and finance, transportation, retail, and others – this is absolutely essential.
As an example in the Energy Sector, the rate of cyber incidents for “operational technology” and the “industrial internet of things” is rapidly rising and represents serious risks. Unlike Information Technology cybersecurity – which centers around protecting confidentiality, data, and privacy – cybersecurity for Operational Technology is focused on protecting people, processes, operations and highly valuable strategic assets. In the Public Administration sector, cybercriminals are holding city governments hostage. For example, in just one US state, multiple ransomware attacks were reported during 2019, and four city governments agreed to pay the ransom demanded in order to regain access to their data and systems.
It is hard to over-estimate the risks ahead in cyber security. Cyber security is not just firewalls, passwords, and network protection. It begins with sound government legislation, followed by thorough policies, robust and continuous training for cyber operations and critical incident responders, assessment and remediation of existing systems, easily understood guidance and expectation-setting from government and industry leadership, collaboration across sectors, and above all, a personal commitment to cyber awareness and protection from everyone. The best firewalls and network protection in the world can be easily defeated by a “cyber mistake” by a single individual.
3. Foreign Investment Security Risk (CFIUS)
We all believe firmly in the benefits of an open investment policy and FDI, but our countries must ensure that we also have the legislative tools in place to protect our national security as well. The steps taken by the United States to modernize the Committee for Foreign Investment in the U.S. through the Foreign Investment Risk Review Modernization Act of 2018 are commendable. When it comes to foreign investment, establishing a formal investment review mechanism similar to CFIUS with whole of government input is vital to protect our countries’ critical infrastructure, critical technology, and sensitive personal data from malign influence arising from certain foreign investments and real estate transactions.
Leave a Reply