Telecommunications Networks: Addressing Potential Security Risks of Foreign-Manufactured Equipment

Goldstein, Mark L; Halliwell, Heather; Collins, Derrick; Deo, Swati; Dore, Anne; Japikse, Bert; Moessbauer, Sara A; Ormond, Josh; Rosewarne, Amy; Tran, Hai

Telecommunications Networks: Addressing Potential Security Risks of Foreign-Manufactured Equipment

Active / Technical Report | Accesssion Number: AD1178911 |

Open PDF

Abstract:

The network providers and equipment manufacturers GAO spoke with reported taking steps in their security plans and procurement processes to ensure the integrity of parts and equipment obtained from foreign sources. Although these companies do not consider foreign-manufactured equipment to be their most pressing security threat, their brand image and profitability depend on providing secure, reliable service. In the absence of industry or government standards on the use of this equipment, companies have adopted a range of voluntary risk management practices. These practices span the life cycle of equipment and cover areas such as selecting vendors, establishing vendor security requirements, and testing and monitoring equipment. Equipment that is considered critical to the functioning of the network is likely to be subject to more stringent security requirements, according to these companies. In addition to these efforts, companies are collaborating on the development of industry security standards and best practices and participating in information-sharing efforts within industry and with the federal government.

Author(s):

Goldstein, Mark L ; Halliwell, Heather ; Collins, Derrick ; Deo, Swati ; Dore, Anne ; Japikse, Bert ; Moessbauer, Sara A ; Ormond, Josh ; Rosewarne, Amy ; Tran, Hai

Author Organization(s):

United States Government Accountability Office

Funding Organization(s):

United States Government Accountability Office , Washington , DC

Document Type:

Technical Report/Congressional Testimony

Publication Date:

2013 May 21

Pagination:

52

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution Code:

A - Approved For Public Release

Distribution Statement: Public Release

RECORD

Collection: TRECMS

Subject Terms

Modernization Areas:

Cyber

Communities of Interest:

Cyber

Descriptor(s):

national security, information systems, trade associations, united states government, 4g wireless networks, commerce, department of homeland security, social media, supply chain integrity, communication networks, computer network security, computers, cyberattacks, cybersecurity, electronic mail, homeland security, law

Subject Categories:

Communications; Mathematical and Computer Sciences

Creation Date:

2022 Aug 31

Update Date:

2022 Nov 07