As global telecommunications infrastructure evolves toward highly distributed, software-defined networks such as 5G, the challenge of managing cryptographic operations in a secure and scalable manner becomes increasingly urgent. The reliance on legacy cryptographic algorithms, which may be vulnerable to emerging threats like quantum computing, exacerbates the risk landscape.
Furthermore, as networks modernize and prepare for the upcoming shift to Quantum-Safe Cryptography (QSC), the first and most essential step for operators is to understand the cryptographic assets currently existing in their systems. Without this foundational knowledge of understanding where cryptography is applied, which algorithms are in use, and the roles they play in securing operations, telecoms operators cannot effectively plan or execute a transition to quantum-safe alternatives.
The Cryptographic Bill of Materials (CBOM) emerges as a key enabler of this visibility. A CBOM serves as a structured inventory that helps telecom operators document their cryptographic footprint across software, hardware, network functions, and interfaces. It provides the baseline needed to identify weak or outdated algorithms, understand dependencies, and plan for future-proofed cryptographic upgrades. In essence, a CBOM becomes the “plan of record” for an organization’s cryptographic infrastructure.
By capturing this information in a machine-readable and standardized form, CBOMs empower telecom operators to feed cryptographic data into risk assessment frameworks, prioritize remediation activities, and ensure crypto-agility, which is the ability to adapt cryptographic implementations as new requirements and threats emerge, particularly during the migration to quantum-safe cryptography.
This paper highlights the critical role CBOM plays in telecom, with a particular focus on 5G networks, and proposes how a standardized CBOM specification can meet these domain-specific challenges. By demonstrating the tangible benefits of CBOM for managing the security posture of complex telecom environments, the report concludes with recommendations to promote CBOM standardization and ensure interoperability across multi-vendor ecosystems.
Download the White Paper
Fill out the form below to access the PDF.