5G Cybersecurity Risks and How to Mitigate Them
As 5G’s adoption becomes more widespread, concerns about its cybersecurity continually grow. 5G’s benefits are promising, such as software-based networking and acceleration of internet of things devices. However, these benefits conversely open up vulnerabilities for cyberattacks. If these vulnerabilities are tapped into, enterprises face risk to their internal operations, as well as their consumer data. […]
As 5G’s adoption becomes more widespread, concerns about its cybersecurity continually grow. 5G’s benefits are promising, such as software-based networking and acceleration of internet of things devices. However, these benefits conversely open up vulnerabilities for cyberattacks. If these vulnerabilities are tapped into, enterprises face risk to their internal operations, as well as their consumer data.
To understand how 5G will shape enterprise operations, it is important to understand what shapes 5G-powered businesses.
“The 5G-powered business is a business that leverages 5G to transcend the possibilities of today, that uses 5G as a toolbox to solve business problems in new ways, and represent a new way of working and thinking,” says Dr. Brenda Connor, Director of Security Portfolio Application, Ericsson.
There are a number of key differences between last-generation 4G and 5G, including:
Perhaps the most actionable benefit 5G can provide for businesses moving forward is its advancement of IoT devices. Businesses can gain the power to offer services that would’ve previously been too expensive to operate. Although this is exciting, 5G’s benefits conversely pose some cybersecurity risks that must be addressed.
There are four main risks enterprises face when adopting 5G technology. These include the transition from hardware to software-based networks, the rise of IoT devices, the risk of availability compromise, and the lack of end-to-end encryption early in the connection process.
The primary security risk 5G holds is in its transition from centralized, hardware-based switch to its more distributed, software-based digital routing. According to a 2019 Brookings report, the opportunity for choke point inspection and control is far more limited in a 5G-defined network.
Because 5G will be mostly an all-software network, updates will also be carried out through software— similar to how operating systems on tablets, phones, and computers are updated—an additional point of vulnerability.
The lack of security in many IoT devices is an ongoing concern. 5G accelerating the world of IoT can only further this risk. Acts have been made to prevent this in government agencies, but enterprises and the private sector still lack these measures.
A Trend Micro and GSMA Intelligence report showed that out of 63% of enterprises that have deployed IoT, 15% have not updated their policies to establish a “security first” strategy. This could be a consequence of the rapid growth of these technologies, but many enterprises and users are seemingly expecting IoT and 5G solutions to be secure-by-design.
Availability compromise refers to the notion that total network access can be completely cut off through a cyberattack. If enterprise infrastructures are all on a single 5G network, any attack to that network could compromise all facets of the enterprise.
For additional context, this could prove detrimental for national security. If governments do not diversify their 5G networks or use non-overlapping technologies, any attack to the defense infrastructure could prove devastating.
Although end-to-end encryption has potential in a 5G-driven network, malicious players can still gain access to devices early in the connection process. Attackers can move laterally and cause more damage from compromising just one 5G device.
Ultimately, increasing the number of objects that are not only online but also integrated with one another on a single network will invariably increase vulnerabilities.
Also read: Approaches to Cybersecurity in 5G-driven Enterprise Networks
The risks of adopting 5G seem too large to manage at times. Although governments are trying to prepare for the future of a 5G-driven world, enterprises must look for actionable ways to mitigate risks.
Looking forward, enterprises need to prepare a robust 5G security plan. Plans will look different for many businesses, but being proactive about your plan and adopting new enterprise cybersecurity solutions can be a good starting point.
In their Brookings report on new approaches to 5G cybersecurity, former FCC chairman Tom Wheeler and Pamplin College of Business professor David Simpson map out two distinct recommendations for enterprises, governments, and general users to follow as 5G technology continues to advance.
The first point both writers make is for companies to recognize and be held responsible for a “new cyber duty of care.” They pull from the traditional idea that common law advocates for: Those who provide products and services have a duty of care to identify and mitigate potential harms that could result.
In a sense, this recommendation goes beyond prioritizing cybersecurity in your company culture. It advocates for inserting security in the DevOps cycle, adopting AI-driven technologies to handle more complex attacks, and generally investing resources into cybersecurity for businesses of all sizes.
Furthermore, the cyber duty of care calls for reversing the historic underinvestment cybersecurity has so far faced. This is especially critical for enterprises that could put public safety at risk if an attack ever was to occur.
Another poignant example of the cyber duty of care is their urge to implement machine learning and artificial intelligence at the core of cybersecurity moving forward. There are a number of AI cybersecurity software solutions already in place that enterprises are taking advantage of. It’s critical to use these tools that can learn from and analyze mass quantities of data that traditional methods can’t keep up with.
Wheeler and Simpson also make the case for a new approach to the relationship between businesses and government. Innovation simply needs a faster approach as the new age of 5G is ushered in. The writers propose a few considerations, including:
Ultimately, the widespread adoption of 5G will most likely see enterprises iterating on how they go about their cybersecurity mitigation efforts. IT teams will have to prepare for identifying and mitigating threats while keeping the user experience and network latency intact.
Generally speaking, enterprises should be prepared to adopt a hybrid approach to their cybersecurity. Enterprises should uphold cybersecurity in all facets of its operations and company culture. In parallel, they should be prepared to work with advanced cybersecurity solutions as their network of IoT devices expands.
Read next: Understanding the Zero Trust Approach to Network Security
Yousef Fatehpour is a Content Writer covering software reviews and industry trends. His primary areas of interest are software design, user journeys, and how user experience is handled across software markets. Yousef also has experience in product design and multimedia content production.
Enterprise Networking Planet aims to educate and assist IT administrators in building strong network infrastructures for their enterprise companies. Enterprise Networking Planet contributors write about relevant and useful topics on the cutting edge of enterprise networking based on years of personal experience in the field.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
