How CSPs Can Build Trust With 5G Security

The era of 5G means a deeper and different level of security for networks

We are set to undergo a major transformation and soon we will no longer be a global civilization that simply uses networks. Rather, we will become one that runs on them in a fundamental and indivisible way.

When it comes to building a strong relationship with customers, it all boils down to trust. Trust is especially important for the networking industry. For providers, as you earn more trust from customers in connectivity: They are more likely to buy, and keep buying, new services. This will be especially true in the years ahead as we go further into the 5G era. New 5G services targeted at consumers and enterprises continue to arise, which puts trust at an all-time-high because critical business data and reputations are at stake.

Today, building digital trust is vital for most businesses. Taking into account the current COVID-19 pandemic and its substantial socioeconomic implications globally, it’s unsurprising that cybercriminals see this as an opportunity to promote their agendas and strike fear among the masses.

For 5G security operations, establishing trust requires end-to-end optimization without any compromise, from devices and access sites to the cloud edge and network core.

Looking ahead, it is clear that 5G will play a crucial role in the national critical infrastructure. Therefore, securing the supply chain is of national importance. Next-generation networks must be more secure than any of its predecessors. Product security needs to be built in from the start, and not as an afterthought—keeping in mind that the entire network should act as one large, unified sensor to protect infrastructure and services.

Challenges of the 5G Era

As more factories and machines become automated, the risk of IoT attacks increases, from device vulnerability and Botnet Distributed Denial-of-Service (DDoS) attacks to malware, fraud and rogue devices. Recent Industry 4.0 use cases show the trend of devices being connected to an edge network.

With 5G, there will be more networks completing increasingly complex tasks and delivering wider ranges of services than before. A new norm will be network “slicing,” which is essentially virtualization that enables network resources to be shared with third parties. A caveat of end-to-end slices that terminate in private networks is that it increases the attack surface CSPs need to protect. This means that beyond securing the network as a whole, each slice with its distinct requirements also needs to be protected.

Another aspect of security that service providers and enterprises need to consider from a fundamentally different angle is the nature of the services themselves. Typically, most network services tend to remain stagnant post-design, generally operating in isolation from each other—static and siloed. Unlike traditional network services, sliced-based 5G network services are dynamic in quality and can respond to evolving conditions in real-time.

An example is remote worksites with autonomous vehicles that transport people or materials from one location to another. To ensure passenger safety, those vehicles need to be able to respond rapidly to changing conditions, whether it’s avoiding unexpected animals on the road or weather-related hazards. Real-time rapid responses will occur inside the vehicle or in the network. In this case, the vehicles’ onboard sensors and processors work together with the network and control mechanisms in a single, end-to-end ecosystem. That is why it is imperative that security extends across the entire ecosystem and is as flexible and adaptive as the services it is protecting.

Analytics and Automation: The Key Components of Security

As a service provider, you might ask: What does flexible, adaptive, end-to-end security look like in a 5G scenario and how can I build it in from the start? There are a few steps to achieve this:

First, having visibility from the device up through the network and into the cloud. It is important to have the ability to gather, correlate and examine data from one end to the other so that security threats are not missed. With 5G, this essentially means that the entire network becomes a sensor, or a series of sensors, that draws data from various systems and devices to provide a holistic, comprehensive, real-time view for maximum security.

Second, 5G security operations need to be predictive and automated. By combining machine learning, multidimensional analytics and threat intelligence, security operations can:

  • Correlate data from several domains and sources.
  • Identify abnormalities.
  • Present contextual intelligence about threats and weigh business risks.
  • Recommend or enact mitigation steps.

Most threats and attacks are designed to stay undetected for as long as possible, under the nose of the network security operation center or lurking behind the information noise of minor attacks. This makes machine learning and artificial intelligence (AI) vital in security operations, as they can discover hidden malicious activities and trigger countermeasures.

What You Need for Effective Network Security

As networks continue to become more sophisticated, so should their security operations. Firewalls and other simple defenses are important to help stop hackers from accessing the network, but the attacks will inevitably get through.

With 5G networks, it is an open ecosystem with no conventional boundaries and where all kinds of unmanaged third-party devices are connected. As such, strong security operations are required to protect data and infrastructure.

A key ingredient to achieving agile, adaptive and accurate security operations is the inclusion of integrated security workflow automation and orchestration, as it has several capabilities:

  • Privileged access management and analysis of user behavior.
  • Certification and management of digital identities of networks.
  • Machine learning of traffic patterns for threat detection and automated incident responses.

The Four Layers of 5G Security

The thing about security is that while it continues to evolve and improve, these threats eventually adapt, becoming more advanced and persistent. For service providers to engage the market and monetize their network investments to deliver on the new 5G use cases, they will need at-scale end-to-end security performances.

The 5G security approach is unique because it treats the whole network as a sensor. Not only can it integrate and automate security, but it also utilizes data from existing systems to provide a much deeper level of insight. This approach also requires security to be provided at four key layers.

At the foundation level, security must be established for both the service network and the cloud infrastructure. Moving up a level, the infrastructure—which includes software, virtual machines, hardware and devices—should be “trustable.” From there, automated security management and orchestration are in place to provide effortless security across all dynamically shifting elements, with secured sensitive data to provide access control, privacy and regulatory compliance.

At the highest level, security-related intelligence is shared throughout the entire network, among a trusted ecosystem of suppliers, partners and customers to proactively identify and mitigate threats.

Ultimately, there is no room for security to be an afterthought in the rapidly developing 5G era. Security must be established from the start; otherwise, building trust will be a tough obstacle to overcome and that can lead to missed revenue opportunities that 5G brings.

Avatar photo

Gerald Reddig

Gerald Reddig is Nokia’s Global Product Marketing Director for Security, Network Management and SON. He leads the global portfolio marketing efforts for Nokia’s security solutions. He is a member of the broadband forum, directs Nokia´s membership in the IoT Cybersecurity Alliance and steers Nokia´s Security center in Finland. Gerald is on the speaker’s circuit at international conferences and a recognized author on the topics he’s passionate about: cybersecurity technology, data privacy and finding the right solutions to prevent vulnerabilities, hacker trojans or man-in-the-middle attacks.

gerald-reddig has 1 posts and counting.See all posts by gerald-reddig