Ofcom is consulting on new guidance for telecoms providers following the introduction of the Telecommunications (Security) Act 2021. Under this new framework, Ofcom has a duty to ensure providers comply with their security duties. This includes the availability, performance or functionality of the network or service and it gives Ofcom the powers to proactively monitor and enforce these duties.
In the consultation Ofcom sets out the procedures that it proposes it will follow when conducting monitoring and enforcement activities. New proposed guidance is also included that describes the security compromises Ofcom will expect providers to report to them.
Ofcom is also consulting on proposals to update its existing guidance on network resilience to reflect the new framework, along with draft regulations and a Code of Practice, which the UK Government is currently consulting on.
Ofcom is requesting responses to the consultation by 17 May 2022 and plans to issue final procedures and guidance in Autumn 2022. CREST would urge its members who are involved in the supply of services to the telecommunications sector to support Ofcom’s efforts to consult on these proposals. You can either respond direct here: https://www.ofcom.org.uk/__data/assets/pdf_file/0028/233578/Consultation-on-Ofcoms-s105A-Z-statement-of-policy-and-guidance.pdf or you can send your comments to [email protected] to be included in CREST’s response.