When building critical infrastructure, diversity of suppliers is a significant risk factor. The problems of removing Huawei from the UK network (probably a decade’s worth of work) show what over reliance on a single vendor can lead to…:
[…] The 5G Toolkit recommends that each member state adopts a multivendor strategy to avoid or limit any major dependency on a single supplier (or suppliers with a similar risk profile), especially those deemed to be high risk. The Report finds that progress is urgently needed to mitigate the risk of member state dependency on single suppliers, as well as suppliers that are deemed to be high risk. The Report finds that there is a high degree of dependency in six countries and a medium level in eight. In addition, the Report finds that the 14 member states reported as medium/high are exposed to high-risk suppliers. Many member states mention that it is not possible to mandate a multivendor strategy under their existing legislation, so legal changes are needed. Moreover, the Report notes that further analysis is required in many member states to identify the appropriate legal basis to impose obligations in terms of diversification of suppliers.