The 5G era has arrived, presenting large rewards – and risks.
Promising even faster mobile speeds and ultra-low latency to enable compute at the edge in near real time, 5G may become a transformative force that will disrupt and advance industries across the board.
We are already observing the beginnings of this advancement with the rise of emerging technologies such as autonomous driving and immersive experiences with AR/VR. On a more practical level, we will see the real benefits of 5G in the enterprise sector where companies will use it to modernize and digitally transform infrastructure and operations. With 5G enterprise digitization expected to generate $1.5 trillion in revenue by 2030, the possibilities are endless.
However, before 5G can truly come to fruition, the industry needs a major paradigm shift - we are still missing a big part of the picture by only focusing on what 5G can accomplish, rather than how to effectively enable it. As with any other transformative technology, the larger potential for integration into our ever-expanding digital lives, the larger the attack surface and exposure to risk. Cyberattacks are on the rise, becoming even more sophisticated as our reliance on digital tools grows. All organizations must now assume that they are the target of an advanced attack.
5G expansion creates new opportunities: both good and the bad
The expansion of 5G-enabled products, capabilities and services creates greater opportunity for bad actors to exploit their technology and architecture. Luckily, today’s 5G standard offers several strong security capabilities, such as features for user authentication, privacy, traffic encryption, and protection of signaling traffic. While this makes for an attractive foundation for an organization's digital transformation initiatives, these features will only get companies so far as they aren’t designed to identify and stop advanced threats within the mobile traffic itself.
Additionally, 5G networks offer an expanded, undefined surface area that’s hard to monitor and even harder to control. And while we have access to legacy solutions for mobile traffic security, they don’t have the capabilities to achieve the level of granular visibility needed to effectively identify and remediate threats.
The promise of 5G rides on enterprise-grade security
Organizations need to build cybersecurity into 5G architectures from the start. And the stakes are much higher – some of the most security-sensitive industries, such as healthcare, critical infrastructure, and manufacturing are looking to leverage 5G to enable their digital transformations. These industries require both reliable high-performance 5G connectivity and enterprise-grade security as good, or better than the security systems they already have in place. But how do we get there?
For starters, companies have to enable full visibility and control of the network. This requires a zero-trust security approach. Based on the idea that companies can’t secure what they don’t see, zero-trust frameworks ensure complete visibility and control across all facets of the 5G infrastructure, such as networking interfaces, applications, and workloads. Paired with user and device level visibility to mobile traffic in real time, organizations can quickly identify and defend against security threats and attacks.
Additionally, companies will need to leverage AI-powered cybersecurity solutions to manage and respond to advanced threats. Remember that bad actors are just as capable of using tools like AI and ML to automate attacks, thus similar techniques are needed to defend against them. For example, bad actors can use automation and AI to scan and analyze vast amounts of data to identify new vulnerabilities or threats, as easily as security teams can use them to intelligently assist in responding to or defending against them.
Finally, it's just as important for service providers to shift their approach to 5G security from being a cost center to a profit center. As 5G enterprise adoption accelerates, organizations will need higher levels of security and reliability within their networks to protect their business-critical applications. There’s a massive opportunity for industry to build new security solutions to serve enterprise customers, but it’s still a challenge to educate operators on the importance of security. In fact, a recent study conducted by GSMA found that 48% of surveyed operators said that they do not have enough knowledge or access to tools and solutions to solve security vulnerabilities.
The 5G era has made its debut in an era when cybersecurity risks are higher than ever. For 5G to live up its promise, enterprises must reimagine and redesign cybersecurity to meet new needs, challenges and demands from a 5G-enabled world.
Anand Oswal, senior vice president, network security, Palo Alto Networks