Network resilience
Modern societies rely on robust, secure and reliable electronic communications networks. The Body of European Regulators for Electronic Communications (BEREC) plays a vital role in supporting national regulatory authorities (NRAs) and operators in strengthening the resilience of Europe’s networks, ensuring continuity of communications in light of possible cyberattacks or other disruptions.
BEREC’s work on network resilience focuses on identifying vulnerabilities, sharing best practices, and promoting coordinated regulatory responses that enhance the overall stability of Europe’s communications infrastructure.
Understanding national resilience in network operations
BEREC’s initial work on network resilience examined how mobile network operators (MNOs) across Europe organise and manage critical security-related functions. Through detailed surveys of NRAs and MNOs, BEREC gathered insights into the organisation of:
- network operations centres;
- cybersecurity or security operations centres;
- fraud management teams; and
- lawful interception functions.
The findings revealed that most MNOs operate these core functions internally within the European Union (EU)/ or European Economic Area, while a smaller number outsource or relocate them. Outsourcing can introduce new risks to national resilience, but these can be mitigated through clear regulatory safeguards and good practices.
BEREC also found varying national legal frameworks governing how operators run their network security functions. BEREC strongly believes that sharing such practices among countries helps NRAs identify effective measures to strengthen national resilience.
Assessing cybersecurity dependencies and challenges
BEREC also conducted an EU-wide survey of NRAs and network operators to better understand current cybersecurity challenges and dependencies affecting the resilience of electronic communications networks.
Emergency power supply and energy resilience
Many NRAs have specific regulations requiring backup power for core or access networks. Operators reported that most core networks are fully equipped with emergency power systems, with growing use of renewable energy sources for backup.
Subsea and satellite connectivity
Subsea cables and satellite networks are essential for maintaining international connectivity and redundancy. While some NRAs regulate subsea cables as critical infrastructure, others are developing crisis management plans and redundancy structures.
Internet exchange points
Although only a few countries have a dedicated national strategy for IXPs, most regulate them under cybersecurity frameworks (such as the NIS Directive), underlining their importance for secure interconnection and data routing.
Implementation of the NIS2 Directive
Operators emphasise the need for the coherent and consistent transposition of the NIS2 Directive across Europe, highlighting opportunities for guidance and training to integrate cybersecurity obligations effectively into operational practices.
This broad data collection enabled BEREC to identify gaps, promote cross-sectoral cooperation (for example between the telecoms and energy sectors), and pinpoint areas for future work on strengthening Europe’s network resilience.
Collaborating through stakeholder engagement
To encourage cooperation and knowledge-sharing, BEREC organises external workshops to bring together regulators, operators and international experts. The external workshops reinforce BEREC’s commitment to facilitating collaboration among stakeholders and promoting a Europe-wide approach to tackle cybersecurity and network resilience issues.
Reports: