Skip to navigation Skip to main content Skip to footer

Preparing for the Telecommunications (Security) Act

Define and prioritise your compliance and cyber resilience objectives

Don’t miss your compliance deadline

The finalised Telecommunications security Code of Practice (COP) has been published and you may be aware of the changes that you need to make to comply to the Act; but you’re concerned about the time, expertise and resources needed. Or you may be starting from scratch.

Whatever your situation, NCC Group is here to help.

We’ve been working closely with our telecommunications clients, the regulator (Ofcom) and the wider telecommunications ecosystem to help prepare all parties for the roll out of this once in a lifetime shift in cyber security compliance.

Our helpful reference materials break down what the new laws mean in reality for Tier 1, 2 and 3 operators as well as those who are in the wider telecommunications supply chain.

We help simplify the TSA for you and explain not only what’s required but how achieving compliance proactively can be your competitive differentiator, act as an impetus for modernisation and create efficiencies across your operations.

Timeline and impact tiers outlined by Ofcom

  • Tier 1 providers (those with annual revenue over £1bn) must implement the first batch of requirements by March 31, 2024.
  • Tier 2 providers (with annual revenue over £50m) have another year, until March 31, 2025, except if they supply any part of their network or service to a Tier 1 provider, and for that part of their network and service, they need to work to the requirement deadlines of the Tier 1 provider.
  • Tier 3 providers, including small businesses and micro enterprises, are not expected to follow the measures in the Code, except for networks or services they supply to higher tier providers. However, they may choose to adopt the measures included within the Code of Practice where these are appropriate and proportionate to their operation.

Important! These requirements and deadlines affect not only the providers but their suppliers, too. That means if you supply equipment or services to Tier 1 and Tier 2 providers, the clock is ticking for you, as providers will need to address measures related to their supply chain. 

Download your compliance roadmap

This is the first step you can take to meet your compliance deadline on time. It’ll help you:

  • Understand how the regulation will affect you and what penalties are involved
  • Learn about the key challenges operators are currently dealing with
  • Adopt a proactive approach to TSA compliance and embrace the new opportunities it may create for your business
a mocked-up version of NCC Group's digital Telecoms Security Act guidebook

 

 

Webinar: Securing UK Telecommunications & TSA Key Learnings 

Now that the finalised Telecommunications Security Code of Practice has been published, our latest webinar highlights the key takeaways we've observed under the TSA so far and what’s on the regulatory roadmap ahead.  

You’ll hear how we’re supporting organisations across all three tiers (and suppliers) achieve improved compliance and ultimately realise greater levels of cyber resilience.

We also discuss the current cyber threat landscape for the sector and how to implement Identity Access Management (IDAM) & Privileged Access Management strategies.  

Further reading

How we’re helping the Telecommunications sector

NCC Group’s TSA Cyber Security Review

Our market leading method follows a risk-based approach, defining an appropriate and prioritised programme of activity for assessing cyber maturity within your business.

Our TSA Cyber Security Review can be tailored to your requirements, by understanding the work that your organisation may already be undertaking and focusing on those areas where additional insight is required.

Don’t miss your compliance deadline.