5G-Focused Legislation Aims to Improve Security in Military Telecom Infrastructure – Nextgov

Bipartisan legislation introduced Thursday would direct the Defense Department to pursue calculated moves to refine and secure fifth-generation information and communications technology across its military enterprise.

The DoD 5G Act, crafted by Reps. Rick Larsen, D-Wash., and Mike Gallagher, R-Wisc., calls for the creation of a comprehensive telecommunications security program, spearheaded by the defense secretary, to uncover and diminish vulnerabilities within the department’s systems and infrastructure.

“With the promise of 5G also comes greater risk,” Gallagher said in an announcement unveiling the legislation. “As the Pentagon develops advanced telecommunications capabilities, it should set a clear standard and expectation across the federal government for security and resiliency, from the supply chain on up.”

Outlined in the bill are six specific efforts the agency would be expected to carry out under the secretary’s direction through the security program. They include establishing a means to “clearly and authoritatively” communicate about foreign threats to the agency’s networks and unleashing “independent red-team security analysis” honing in on the department’s multitudes of systems, subsystems, devices and components.

In implementing the program, the secretary and involved officials would also be expected to authenticate the integrity of individuals who support the design fabrication, integration, configuration, documentation and beyond, of noncommercial 5G technology the Pentagon leverages and validate the “efficacy of the physical security measures used” where 5G-focused efforts occur. Under the legislation, Defense’s chief information officer would be mandated to use moderate or high cloud standard baselines, designated by the Federal Risk and Authorization Management Program, or FedRAMP,