Secure 5G Networks Key for Business and Society
As 5G networks continue to roll out, cybersecurity is top-of-mind for communication service providers (CSPs). The telecom industry was the most targeted vertical, attracting 37% of security attacks compared to 14% for the next-highest industry vertical according to CrowdStrike’s 2022 threat report. Understanding a fast-moving digital landscape comes with unique challenges, and more industries and business operations are becoming digitized, and connected to mobile networks and to each other. Telecom networks, especially since the advent of 5G, are rapidly evolving across a broad technological environment that includes cloud-native, dynamic and distributed networks, network slices and AI/ML enabling new and more efficient businesses and bringing the full potential of e.g., Industry 4.0.
With New Technology Comes New Security Challenges
By the end of 2028, 5G mobile subscriptions are forecast to reach five billion, according to Ericsson’s November 2022 mobility report. All this connectivity brings productivity and efficiency – but it also creates a broad and increasingly challenging cybersecurity environment as the number of potential attack surfaces continuously increases and changes. Two factors are converging – security has never been so important, and keeping networks secure has never been more challenging.
Aspects of 5G Security That Service Providers Should Keep in Mind
• The 5G risk landscape is dynamic. Make sure security technology, people and processes follow: 5G networks are dynamic and distributed and continuously evolving with a changing risk landscape meaning security must also be designed to adapt to this reality. This means that the automation of asset discovery and security posture management has never been more necessary. Therefore, a purpose-built security management technology needs to be integrated seamlessly with the 5G network and automated to effectively support 5G security operations people and processes.
• Security is built into standards and 5G network products. Make sure to use and manage it properly: The 3GPP has included several security enhancements in the 5G standard, more profoundly than previous generations. 5G will allow for more discrete control of access to data, topology hiding, improved requirements on inter-element encryption, extensible authentication and enhanced privacy for subscribers. This also means that there is more security to manage both across 5G network functions and specific network security functions.
• Make sure to meet mission-critical business expectations: 5G networks are also key in serving as mission-critical business platforms facilitating digitization, automation, and connectivity to machines, robots, and transport solutions, etc. Mission-critical businesses will rely on 5G networks even more so than previous generations. This has security implications as well – there is a significant value at stake as well as a significantly different tolerance for risk, which also implies increased requirements and expectations on service providers and their 5G network security.
• Make sure to meet the increased security requirements from authorities: Since cybersecurity is so important for both business and society, authorities are increasing requirements on security. Examples of such requirements are: EU NIS2 directive, US National Telecommunications and Information Administration, UK Telecom Security Regulations and there are several other examples of country-specific regulation as well.
Service Providers Must Prioritize Security to Protect Businesses and Society
The rise of new business and government use cases that are, and will be, built on top of the 5G network platform, are putting new security requirements on the service providers’ management of network security. So, how can service providers prepare to tackle cybersecurity as technology evolves?
As the 5G networks and landscape is built, service providers need to make sure that the corresponding security maturity is built as well. Create a plan for automating 5G network security management with needed technology and process enhancements.
Start executing the plan for future-proof 5G security automation with a purpose-built 5G cybersecurity platform that is well integrated with the 5G network. Meet security requirements from external entities; for example, begin preparing to demonstrate 5G security posture compliance, not only for internal needs but also for external stakeholders such as mission-critical network users and regulators.
