As enterprises evolve to 5G edge-intensive architectures to deliver and process information, security basics get elevated in importance.
A majority of executives in a recent survey, 57%, are concerned that their adoption of 5G and edge technologies is also increasing their security vulnerabilities. In addition, 52% believe such threats are a significant challenge to the availability and integrity of their networks.
These are some of the takeaways from a recent report issued by AT&T, which notes that “while the promise of 5G is universally recognized, the path to implementing 5G is unique to every organization.” Enterprises need to “closely examine existing company networks and security models and rethink accordingly,” the report’s authors advise. “Each organization will ultimately create a footprint in 5G and edge design that is unique and purpose-built to that organization. 5G is not a one size fits all technology. How 5G is architected will determine how security is designed.”
The variety of 5G edge architectures may range from “an isolated on-premises private 5G network, independent of the public operator 5G network, or one that shares mobile operator 5G network resources.” Or the architecture may be built on “multi-tenant public options delivered as a service, with network slicing and virtualization to provide a single-tenant experience.”
The report’s authors suggest the following considerations for securing 5G and edge systems across the enterprise:
Recognize that 5G is not an evolution but more of a revolutionary new technology. At the same time, transition will not occur overnight, the AT&T authors caution. “The sheer quantity of devices that will be connected from different places at faster speeds will stress security teams. Organizations will not be able to assume that every connected device is safe. Zero Trust principles are a natural fit for a 5G world.” Envisioning the end state is also key to this mindset. “Consider segmentation as a first step to Zero Trust or choose an initial focus on creating platform visibility of threat intelligence, analytics, and response tools across existing assets.”
Observe and be aware of what needs protection. This includes considering the organization’s asset and network topology. “Learn about the tactics, techniques, and procedures of the cybercriminals that like to attack organizations in the same region and industry and prepare the security team to better respond to those attacks that do end up landing in the environment,” the AT&T authors advise. “Deploy a unified platform that incorporates integrated and continuously updated threat intelligence from a broad set of telemetry, threat hunting, and other threat detect-and-response capabilities.”
Review your existing security posture. “The need for a benefit-to-risk evaluation of data security and access management concerns juxtaposed against enhanced speed and reduced latency benefits. This evaluation requires a review of existing security programs, policies, and controls.” This includes identifying “areas of security in need of immediate attention. Think about which currently deployed security assets can be utilized today that will make the journey to 5G with the business more efficient.”
Strive to reduce complexity. Reducing complexity and risk will enhance security, the report’s authors point out. “Utilizing more redundant tools in the security operations center can lead to increased cost and complexity. When utilizing service providers for security, look to work with providers that have a broad platform of capabilities.”
Determine your organization’s innovation posture. “Evaluate whether the organization is a leader or laggard in a software-defined world with the ability to enable a malleable 5G security architecture.” This also includes aligning 5G technology and the digital transformation strategy with an overall enterprise-wide strategy.
Implement 5G and edge in a manner unique to the organization. “Design the 5G and edge footprint in alignment with the specific business goals, desired innovations, and industry parameters of the company. And, because this design will be unique to business needs, security must also be tailored to protect the company’s individual architecture.” This includes establishing baselines of normal behavior and activity for the network and users. “Be prepared to contain and respond to anomalies.”
Evaluate every user and verify every device. “Validating the security condition of every device that connects can proactively prevent introducing intentionally or accidentally compromised devices into the network.”
Adopt software-driven approaches. New topologies – such as software-defined networking, security virtualization, self-healing, and automated networks – will pave the way to a more highly secure 5G edge infrastructure. “Bear in mind that secure by design is the operating principle,” the authors state. “Incorporate secure design principles into the development of 5G use cases. Recognize that security gets shifted left.”
As enterprises evolve to 5G edge-intensive architectures to deliver and process information. “security basics don’t go away but rather get elevated in importance,” the authors point out. “Organizations cannot firewall their way around the distributed 5G edge — though firewalls and network segmentation are still relevant. Data security, identity and access management, threat intelligence, and visibility are more important than ever in finding threats and shutting them down commensurate with the near real-time promise of 5G.”