New technologies in wireless connectivity are spearheading a disruptive wave of digital transformation, which is changing the fundamental ways of business operations. This paradigm shift isn’t just changing how we think about our traditional IT infrastructure, but it is also creating innovative ways of doing business. This is creating new business ecosystems and distributed supply chains where the interactions are not one-to-one but many-to-many relationships between suppliers, vendors, operators, and end-users.
2020 has been year one of a 5-year deployment cycle wherein 5G is moving from applications to major deployments in major cities worldwide. Increasing demand for 24×7 high-speed internet access and low latency applications is spawning new business use cases across the industry spectrum.
Billions of IoT devices are multiplying every year and clear leaders are emerging in this revolution led by Asia, Europe, and the United States. Significant investments in security controls will support this wave of deployments and will primarily focus on the protection of business applications and workloads and mitigation to protect the edge networks.
5G and Industry 4.0
The cross-industry transformation between IoT and Industry 4.0 highlights the need to evolve wireless network connectivity for the fifth generation of mobile technology to enable new levels of speed, low latency and unmatched performance at-scale as compared to the previous generations of wireless communications technology. The trifecta of high speeds, connectivity, and Industry 4.0 provides specific capabilities for consumers as well as industries and society at large, thereby unleashing unlimited possibilities within the realm of IoT.
Service providers have a challenge and an opportunity in the 5G adoption cycle. As they provide new services for customers, there is a risk that services with insufficient security controls may not reach their customers. However, with requisite security infrastructure in place to detect malicious traffic on their roaming infrastructure, they sit on a remarkable revenue expansion opportunity to get more roaming traffic securely navigate through their network.
The 5G super-wave will be extraordinary for every industry, every business, and every experience, as the businesses move further ahead into incorporating 5G for their next-gen digital infrastructure initiatives. And the role of security is unmistakably significant.
Who Secures the 5G Infrastructure?
Though there is a widespread notion that the large investments in 5G is coming from only service providers and telcos, the reality is that globally, several businesses are leveraging the 5G wireless networks to pivot their businesses in ways previously unknown. Along with it, significant security infrastructure controls are being put in place from the core to the edge infrastructure by all the stakeholders: device manufacturers, software developers, enterprises, service providers. It’s a shared responsibility amongst all the stakeholders.
5G and End-to-End Encryption
The trustworthiness of 5G does is not only about a bunch of technical security specifications, but also from their design principles, deployment considerations, and the measures related to management and monitoring of networks.
End-to-end encryption plays an integral role to ensure the security of a system. Applications and endpoints — which do not need to connect to the internet in cases where the communication will be within the native telecommunication network — are generally very secure. However, wireless networks do not provide end-to-end connectivity for all services, specifically, as in the case of the IoT devices will only rely on mobile networks to obtain access to the internet. These endpoints still require to get authenticated over the top identity management scheme, end-to-end security solutions (between the device and the server on the internet) and must ensure their specific application security.
5G does much better than the previous generations in roaming encryption. 5G networks use 256-bit encryption, which is a significant improvement on the 128-bit standard used by 4G. Moreover, 5G enables the encryption of the user’s identity and location, thereby making it almost impossible to geo-locate the user from the time they hop on the network.
Mitigating Data Privacy in the 5G Era
5G continues to push the horizon for security and privacy based on the increasing demands from the industry and federal regulators alike. At the same time, information security continues to take the center stage among enterprises that are embarking on the 5G digital transformation journey. Needless to say, therefore, that IoT is about secure connection and dataflow from the end to the core, protecting personal data, business-sensitive information, and critical infrastructure.
It’s interesting to note the amount of data collection and interpretation related to the 5G deployment flags key security concerns related to detection, which need to be reviewed about the policies related to the detection of malicious network traffic. The exponential growth of more edge devices presents significant challenges to detect anomalies at-scale which so far was a manual activity by security operations personnel.
Current Security Operations (SoC) teams certainly need to expand their tools including algorithmic driven AI and ML at-scale which detects contextual behaviors and threat intelligence patterns based on indicators of compromise to reduce the manual workloads.
Building a secure 5G infrastructure requires a comprehensive view and not just focus on the individual tenets of security in isolation. Several attributes — including data interaction and workflows, rules and policies of identity and access management, role-based access controls, data encryption, peak workload situations, failover, and network resilience aspects — demand the ability to scale security proportionately with application scale out, based on the user activity and traffic.
Role of Service Providers in the 5G Revolution
Service providers play a pivotal role in maintaining and help in keeping the 5G digital economy moving securely at an accelerated speed. With a high number of volumetric DDoS attacks targeting customers and their network, service providers can help distinguish the legitimate traffic from the malicious traffic across the spectrum from core to edge. This is particularly important when we are having data being delivered in milliseconds.
In the new digital super-wave of 5G, it is time for the providers that are building these networks to deliver on the aspects of security and resilient network infrastructure. 5G networks are built on software platforms and hence security can be deployed in creative ways, as compared to the bottlenecks faced in the previous generation networks. This enables providers to have the necessary technology and tools to scan their networks to block ransomware attacks traffic where and when it is necessary to do so.
Read “5G & IoT: Real-World Rollouts Launch New Opportunities and Security Threats” to learn more.
*** This is a Security Bloggers Network syndicated blog from Radware Blog authored by Raghu Thummisi. Read the original post at: https://blog.radware.com/serviceprovider/2020/12/key-considerations-to-secure-enterprises-through-the-5g-revolution/