The US National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) recently released the first of a four part series titled Security Guidance for 5G Cloud Infrastructures. This series of four action-oriented documents is intended to provide guidance on how to move toward zero trust in support of securing 5G. It’s been created as a joint industry and government effort with the support of several large contributors through the NSA’s Enduring Security Framework (ESF).

This final release in the series is titled Security Guidance for 5G Cloud Infrastructures – Part IV: Ensure integrity of Cloud Infrastructure [PDF] with the focus on ensuring that 5G cloud resources (e.g.,container images, templates, configuration) are not modified without authorization.

For more information see the release on the CISA website: https://www.cisa.gov/uscert/ncas/current-activity/2021/12/16/nsa-and-cisa-release-final-part-iv-guidance-securing-5g-cloud

The guidance is available here [PDF]: Security Guidance for 5G Cloud Infrastructures – Part IV: Ensure integrity of Cloud Infrastructure

All the guidance papers and other useful information will be available at the CISA’s 5G Security and Resilience page or at the NSA’s Enduring Security Framework (ESF) page.