Our May 2022 article, “The Imperative of Enterprise-Grade Security for 5G,” explains why 5G security must be “enterprise-grade.” We also explain what that term means. This blog provides a high-level summary of our May article.
The promise of 5G is much more than lower latencies or faster speeds. 5G can bring massive business transformation and digitalization, it can drive the future of Industry 4.0 and critical infrastructure, and it is expected to contribute $2.2 trillion to the global economy over the next 14 years.
As opposed to previous generations of mobile technology like 3G and 4G, adoption of which was largely by consumers, 5G will largely be the domain of enterprises and governments. While many service providers and telcos are investing in 5G (with many mobile network operators announcing 5G pilot trials and commercialization plans as they expand their geographic footprints) enterprises and governments around the world are also investing in and leveraging private 5G networks. The design of 5G networks (with the ability to allow millions of connected devices in high-density settings) can enable smart supply chains, autonomous transportation, smart manufacturing, mass adoption of the Internet of Things (IoT) and much more. This in turn enables new enterprise and government use cases that were not previously possible. In fact, 5G is now the catalyst for change for many private and public sector organizations, allowing deployment of industrial-scale IoT networks combined with ultra-low latency, mission-critical reliability and a high degree of mobility. 5G can enable digital transformation of manufacturing, logistics, large public venues, oil, gas, mining and many other industries. Governments, and specifically defense agencies, are also beginning to leverage private 5G networks across environments from logistics and campuses, to military bases and aircraft carriers.
Evolving and Sophisticated Cyberthreats and Attacks on Enterprises and Governments
Even though most enterprises and governments are not yet on 5G, levels of attacks on enterprises and governments are growing more numerous and sophisticated. The risk of cyberattacks to all organizations will exponentially grow with the scale enabled by 5G, which will dramatically increase network capacity and attack surface, particularly as an unprecedented number of devices attach to enterprise and government networks. The proliferation of devices, vast increase in intelligence at the network edge, and the aggregation of critical functionality at the network core bring challenges that together contribute to a perfect storm of security risk in 5G deployments.
Enterprise-Grade Security Is Needed for 5G
Because the stakes are higher, cybersecurity is more important than ever for 5G networks. Legacy security solutions and approaches that may have been adequate for 3G and 4G will not be appropriate for 5G, yet enterprises and governments will need to know that 5G networks and services are highly secure before investing in them. Businesses need to establish a strong security posture that can stop cyber attackers from infiltrating their networks, disrupting critical services, or destroying industrial assets. In mission-critical industries, security breaches cost more than just downtime, lost revenue and tarnished brands; they can put human lives in jeopardy. Government agencies must protect citizen data and national security information.
What Is Enterprise-Grade Security?
Enterprises and governments already expect a certain level of security for their existing IT networks, data and applications because these are mission-critical. These organizations will simply expect this same level of security (“enterprise-grade”) for the 5G networks that will increasingly underpin their operations.
Enterprise-grade security means the ability to secure the service, technology and application stack by securing all layers (signaling, data, applications and management), all locations, all attack vectors and all software lifecycle stages. As organizations are managing increasingly complex and dynamic environments, leveraging AI/machine learning (ML)-driven automation becomes a necessity. Enterprise-grade security enables organizations to take a Zero Trust approach to their 5G networks, including applying security on network-slice level.
- Securing All Layers: Enterprise-grade security for 5G means that all layers should have security detection and control mechanisms. This includes the signaling, data and applications layers. You cannot secure what you cannot see. The first goal when securing 5G is having visibility and constant real-time monitoring across 5G signaling and 5G data layers to spot any security threats and attacks. The next step is adding the ability to automatically prevent known attacks, threats and vulnerabilities that were detected by constant, real-time monitoring.
- Securing All Locations/Interfaces: Enterprise-grade security should be able to secure all locations and interfaces.
- Securing All Attack Vectors: Enterprise-grade security should be able to detect and control all security attacks and threat vectors. This includes malware, ransomware, command-and-control traffic, remote code execution, remote information retrieval, authentication bypass vulnerability, remote command injection and brute force attacks. Enterprise-grade security should secure all stages of the software lifecycle across the build, deploy and run stages of today’s CI/CD (continuous integration, continuous development) approach.
An additional aspect of enterprise-grade security for 5G is network slice security. Network slicing is a fundamental 5G differentiation compared to all previous generations of mobile networks. 5G allows service providers the ability to offer different, dedicated, end-to-end network slices with different bandwidth and quality of service (QoS) to different enterprises, vertical industries and government agencies on the same 5G network simultaneously. Different network slices can also run side by side for different purposes and have their own security requirements applied to meet their respective needs (e.g. to apply application controls, anti-virus, anti-spyware, URL filtering and intrusion prevention services by network slice or group of slices). The ability to apply different security policies per 5G slice will help to give enterprises and governments the confidence to use 5G for their core business activities.
Attacks rapidly and automatically evolve, and attackers use machines to automatically morph attacks. In addition, the threat actors utilize AI/ML to automate and obfuscate the attacks, and thus similar techniques are needed to defend. Reactive security cannot keep up. Automation and ML should be at the core of 5G security to analyze vast amounts of telemetry, proactively assist in intelligently stopping attacks and threats, and recommend security policies.
It is clear that 5G will fuel digital growth and enable digital transformation across many industries, enterprises and governments. Enterprise-grade security will help to unlock 5G’s potential and provide the confidence to move ahead with business transformation and reap the rewards of 5G. Read more details on all of the above points in our article, "The Imperative of Enterprise-Grade Security for 5G."
The post Enterprise-Grade Security for 5G — Why It’s Needed appeared first on Palo Alto Networks Blog.
Article Link: Enterprise-Grade Security for 5G — Why It’s Needed