The National Telecommunications Agency – ANATEL published on January 5, 2021, Act No. 77 on Cybersecurity Requirements for Telecommunications Equipment.

Establish a set of cybersecurity requirements for telecommunications equipment to minimize or correct vulnerabilities through software / firmware updates or configuration recommendations.

In the case of initial certification and homologation of equipment, the homologation application must contain a declaration from the interested party informing which requirements listed in this document the product and its supplier meet.

At any time, through the Market Supervision program, Anatel will be able to assess whether the approved product and its supplier are in compliance with the declaration included in the approval request.

Any cybersecurity flaws identified in approved equipment that affect the safety of its users, providers or the country’s telecommunications networks can be assessed by Anatel, even though the affected feature has not been the subject of the declaration that makes up the approval request.

ACT No. 77 will enter into force in July 2021 and after its validity, all products that have the function of terminal equipment with an Internet connection or of telecommunications network infrastructure equipment must present a declaration by the interested party stating the requirements listed in this document product and its supplier meet.

Access the full document: Act no 77, of January 5, 2021