PARTNER CONTENT: 5G presents an opportunity for telecom operators to tap into new revenue streams emerging from the digitalization of industries. If you look at different industrial sectors, 5G can deliver the mix of capabilities required for them to move forward on their digital innovation: bandwidth, high reliability and low latency, robust IoT support, ability to run and consume applications and services when and where needed. 5G will play a major role in coming to smart factories, autonomous cars, smart cities, smart energy, smart transportation, smart healthcare, and more.

Is 5G more secure?
Due to its nature, 5G possesses aspects that are more secure than the previous generation. 5G has enhanced user authentication that allows, among other benefits, better IoT authentication with the mobile network. Moreover, the device authentication is now encrypted (unlike 4G where the authentication was in the clear) with strong 256-bit encryption. 5G can also logically segment the network (network slicing), providing different security customization per slice.

Are there new security risks with 5G?
As 5G is built on a completely new set of technologies, such as API signaling, virtualization, and containers, they produce new risk factors that have to be dealt with. More important, 5G’s unique capabilities positions it as a critical component in different industries’ evolution and innovation (the connected/autonomous car, smart cities, smart manufacturing, smart healthcare, etc.). 5G will connect a significantly higher number of devices (telephone, tablets, connected cars, IoT, etc.) and therefore a security breach or attack would potentially cause significant impact and wide-ranging impact on the industries. This may make 5G an attractive means and attack vector for cybercriminals.

How can telecom operators operate the transition from 4G to 5G?
The transition from 4G to 5G is gradual and requires major investments from telecom operators. From a technological perspective, 5G breaks with the past and requires a completely different architecture and technologies. They must not only build their 5G Radio Access Network (RAN), but also the core network, which is the backbone of their infrastructure. The biggest difference with 3G/4G is that mobile networks transform from a relatively static, hardware-based architecture to a dynamic, software-based environment. Then you have a virtual, cloud-native environment, where core components and functionalities can be distributed anywhere in the network. There is no longer a concept of a core, everything is a function.  This is very different from past mobile generations that mostly provided connectivity and targeted the consumer segment.

What about the security approach to implementation for 5G vendors, operators and enterprises?
5G calls for security by design and this should be implemented both for the purpose of protecting the operator but also for protecting the customers and their use cases. Security, unfortunately, has never been a top of mind factor in most cellular technology and services/use cases. However, in light of all that has been said previously, 5G requires the attention of all stakeholders as they all have a role to play to ensure a 5G network is secure. The operators must ensure that the 5G service delivery infrastructure is secure in order to deliver internal and external business and service continuity. The operators also must ensure that specific use cases and their ecosystems are secured in order to protect themselves and their consumers. 5G vendors should implement relevant 5G standards as they relate to security and provide integration with expert security vendors’ solutions for 5G environments. And, finally, enterprises planning to use 5G services/use cases should ensure that the appropriate security tools and controls are available and meet their own security requirements.

To conclude, the introduction of 5G could become a significant enabler for all industry allowing them new business opportunities and increasing their productivity, only if security is considered from the beginning of 5G services and use cases. Knowing that there’s no such thing as a 100% secure network and that threat actors will manage to do some havoc, security’s role is to reduce the risk as much as possible and provide visibility and insight so that when a security breach occurs, its impact is limited and the recovery can take place rapidly. For the mobile network operators, they should invest and deliver these security capabilities and SLAs as well as incorporate security and integrate with a wider security vendor’s ecosystem.

 

By Ronen Shpirer, Director, Solutions Marketing Mobile Network Operators and Managed Service Providers, Fortinet