Search

CISA Proposes Five-Step Process to Become 5G Operational

June 14, 2022

Takeaway: Federal agencies will need to consider the five-step assessment process to get authorization from CISA before operating with 5G technology.

As the adoption of 5G technology by many private and public organizations approaches, assessments are being put in place to evaluate whether federal agencies can operate with 5G technology. Regulation agencies in cybersecurity teamed up to create a security assessment that grants authorization to agencies in order to use 5G technology.

Specifically, CISA – with the Department of Homeland Security’s Science and Technology Directorate and the Department of Defense’s Office of the Under Secretary Defense for Research and Engineering (OUSD R&E) – proposed a five-step assessment process.  This process was derived from scientific research and security analyses.

So, what are the five steps of assessment an agency must meet to acquire authorization?

Step 1: Define the Federal 5G Use Case – this step involves describing what the intended use for the 5G technology is and whether there is a federal use component as well as providing details about the proposed 5G model.

Step 2: Identify the Assessment Boundary – this step involves defining the boundary to identify the security requirements that will be implemented to protect networks.

Step 3: Identify Security Requirements – this is a multi-step that includes conducting a high-level threat analysis of each 5G subsystem and identifying cybersecurity requirements.

Step 4: Map Security Requirements to Federal Guidance – this step involves the creation of a catalog of federal security guidance that corresponds to the technologies included in the assessment boundary and implied security capabilities from Step 3.

Step 5: Assess Security Guidance Gaps & Alternatives – this is an evaluation step that tests the effectiveness of implementation.

The purpose of this five-step assessment is to provide federal agencies with a standardized and comprehensive process to evaluate and address security assessment gaps.  CISA views this assessment process as essential for new federal 5G implementations.  In accordance with this process, the networks of federal agencies reliant on 5G technology will be protected from cybersecurity attacks.

To read CISA’s 5G Security Evaluation Process Investigation in full, visit: https://www.cisa.gov/sites/default/files/publications/5G_Security_Evaluation_Process_Investigation_508c.pdf

News & Events

Related News

Pietragallo Welcomes Back Anthony Sarafino “Fino” Caliguire
April 7, 2025
We are pleased to announce Fino Caliguire has rejoined Pietragallo’s Pittsburgh Office! Fino brings with him a wealth of civil litigation experience, with a primary focus on commercial litigation matters, including breach of government contracts, vendor disputes, internal LLC member disagreements, defending employee class actions, handling insurance bad faith claims, and enforcing restrictive covenants. Read More
Marc S. Raspanti to Co-Host Roundtable for American Bar Association Criminal Justice Section Qui Tam Subcommittee
April 4, 2025
On April 10, in Miami, FL, partner Marc S. Raspanti will be co-hosting “False Claims Act Enforcement Roundtable” for the American Bar Association Criminal Justice Section Qui Tam Subcommittee. Read More
View More News & Events