Approaches to Cybersecurity in 5G-driven Enterprise Networks

Arguably the first real game-changing technology advancement of the still young 21st century, 5G has already radically augmented what networks can do and how they perform. 

For enterprise networks in particular, 5G has given rise to powerful networks that are fueling digital business transformation. A recent market report projects the 5G infrastructure market to grow at a CAGR of 72.40 percent, reaching $57.5 billion by 2026, up from just $2.2 billion in 2020. This value proposition is underpinned by greater adoption of the Internet of Things (IoT), paving the way for businesses to design their operations more efficiently, increase productivity, and enhance cybersecurity.

Transcending Network Possibilities 

“The 5G-powered business is a business that leverages 5G to transcend the possibilities of today, that uses 5G as a toolbox to solve business problems in new ways, and represents a new way of working and thinking,” says Dr. Brenda Connor, Director of Security Portfolio Application, Ericsson.

Dr. Connor cites five important characteristics common to a 5G-powered business:

  • It can run any process remotely, regardless of how critical it is
  • It has actual real-time control of every business process
  • Its operations have been automated
  • It uses compute resources where it makes sense, running applications on the edge where relevant
  • It has an inherently higher security level without sacrificing overall performance.

Dr. Connor’s emphasis on 5G’s inherently higher security level reflects the shifting “network security paradigm,” as she refers to it. With 5G-enabled, data-driven outcomes, Dr. Connor sees enterprise security needs extending beyond traditional, perimeter-based security to zero-trust environments, a level of security that can be integrated into 5G’s architecture.

“5G is a G that not only focuses on mobile broadband (MBB), but also critical industrial use cases where security is taken to a completely new level,” says Dr. Connor. “Therefore, security has been one of the cornerstones in the 5G standardization.”

The Network’s New Threat Boundaries

As 5G broadens the capabilities of the enterprise network, the need for new security approaches is inevitable. With an exponential increase in newly connected devices and an acceleration of networking itself, 5G infrastructure as a backbone of continual innovation also brings compounded security threats.

“5G is not just about high-speed data connections to stream video or play online games on a phone,” notes Srini Jasti, Senior manager at Cisco. “It will enable several new capabilities that will lead to new enterprise use cases — ones that will need new security approaches. 

“5G also introduces new security challenges by establishing a number of new threat boundaries,” Jasti continues. “Adding to the challenge is that these threat boundaries are now transient. The new use cases, the increased threat boundaries, and the fact that boundaries are constantly shifting, means enterprise network security needs to evolve.”

One significant factor in the rise of 5G-driven networks has been the explosion of cellular IoT connections and the subsequent security threats that erupt on the network’s edge. 

“The challenge of securing a broadening number of network edges as computing becomes more distributed and accelerated is just one of the 5G security challenges,” says Jonathan Nguyen-Duy, Vice President, Global Field CISO Team at Fortinet. He notes that edge computing’s reliance on 5G’s ultra-high-speed performance, its shortening of operational intervals for micro data centers, and its cost savings for enterprises that no longer have to route traffic to core data centers also have a flip side.

“With these benefits comes the challenge of ensuring visibility and control at 5G speeds and scale across millions of simultaneous sessions,” Nguyen-Duy adds. “Indeed, the challenge of applying zero trust security principles while ensuring optimized wide area network (WAN) management is a key challenge of all 5G networks.”

Identifying 5G Network Security Threats

The complexity and flexibility of 5G-driven network infrastructure (devices, air interface, user plane, signalling plane, application platform, and so on) and its internet-facing virtualized components provide several points of entry for cybersecurity threats.

“Hackers can attack all vectors and at the same time or when least expected,” says Dr. Connor.  “We see attacks against authentication, attacks against availability, attacks against integrity, and attacks against privacy. The usual suspects, but the how may be different.” 

To mitigate these attacks, Dr. Connor recommends a holistic approach across the entire threat surface utilizing an in-depth deployment methodology and zero trust network principles coupled with best practices used in IT environments to protect your virtualized enterprise. 

This integrated solution is echoed with some variation by Cisco’s Jasti, who points to a flexible, software-based architecture with integrated policy and end-to-end segmentation. “In doing this,” Jasti adds, “the network can provide visibility for more advanced threat detection, as well as more agility for simpler and more intuitive management.”

Fortinet’s Nguyen-Duy outlines a number of security considerations organizations should explore as they seek to adopt a 5G-driven network architecture, including: 

  • A decentralized security approach that allows each device or subnet within a 5G network to have its own security. The caveat? Be aware that as different devices and processes interact, they can accidentally introduce threats to each other.
  • The danger of more bandwidth straining security monitoring and, therefore, sacrificing throughput.
  • The lack of security in IoT devices, which opens the network to attacks. The proliferation of IoT devices increases this attack surface and gives hackers easy targets. 
  • Lack of encryption early in the connection process. Although 5G has the potential for end-to-end encryption, it needs to be more robust as attackers can still gain access to devices before they start sending and receiving data over the 5G network. With many misconfigured or unpatched devices on the network, attackers can readily penetrate and move laterally as soon as they compromise a single 5G device. 

“Building a 5G-dependent network without adequate security is like building a bank without walls,” Nguyen-Duy explains. “Even if you add the walls bit by bit, the initial theft will dash any hopes of running a successful business. Similarly, 5G security is a must before your organization can successfully engage with the technology.” 

Nguyen-Duy recommends a security approach that supports elastic, edge-to-edge hybrid solutions and combines both traditional and new strategies. “Security professionals must be proactive in building their 5G security plans and deploying integrated security architectures,” he adds. 

Challenges for IT Security Teams

The learning curve for combating security threats on 5G-enabled networks is steep for IT security teams. In addition to identifying and mitigating the threat, security professionals must take care not to affect the network’s latency or disrupt the user experience while protecting an organization’s data.

The IT/OT Security Paradigm

“The traditional enterprise IT security approach is based on information-centric systems, which evaluate data breaches or loss of information systems,” notes Dr. Connor. “The 5G cellular network has capabilities to also embrace an [operational technology] OT system. Within OT, it is important to evaluate risk based on the cellular assets, sometimes called nodes, and how they can potentially be misused to cause a loss (or manipulation) of visibility or control within the Information Communications System. The 5G-enabled enterprise network security paradigm requires a combination of IT and OT security paradigms.”

For Dr. Connor, this IT/OT security paradigm brings proactive risk management and reactive incident response into focus. To reduce the threat landscape, network security teams must invest in automating their risk management, which is concerned with evaluating what can go wrong before it happens. This automation includes detecting and mitigating the numerous daily threats already familiar to telcos, along with enabling faster response times, allowing security teams to focus on more complex threats that pose greater risks.

Harnessing Visibility and Control

This automation goes both ways. As Nguyen-Duy points out, threat actors are using the same capabilities that make 5G stellar to accelerate the development and execution of sophisticated attacks. 

“We’re seeing automated, opportunistic attacks as well as targeted attacks taking advantage of 5G speed for more effective swarm attacks,” Nguyen-Duy explains. “Swarm attacks use compromised 5G devices to collect and share information about vulnerabilities and other network weaknesses to continually adapt attack methodologies that eventually overwhelm defenses.”

To quickly detect anomalous behaviors that are often precursors to malicious attacks, Nguyen-Duy recommends persistent visibility and control by combining centralized orchestration and autonomous edge security to ensure consistency and effective response times.  

“The 5G threat landscape brings the potential for a larger volume of DDoS attacks and signaling protocol-specific hacks to the network,” Nguyen-Duy adds. “As a result, IT security teams will need to work with their service providers to ensure the diverse new needs imposed by this new security architecture will be adequately addressed by their security solutions. The key to securing 5G networks is fully integrating and automating these solutions for consistent and effective security across the LAN, WAN, and cloud edges.”

Employing Segmentation

Software-defined segmentation is part of a two-pronged approach recommended by Jasti that also includes instituting the right security policies to establish threat visibility and promote proactive threat containment.

“For instance,” Jasti says, “segmentation applies throughout the 5G network, in the transport, the distributed campus and data center networks delivering mobile edge compute and other key services.”

Jasti explains that segmentation can be delivered using two technologies: 

  • Segment routing in the transport layer
  • TrustSec capabilities in the infrastructure that natively supports trustworthy solutions. 

“End-to-end segmentation is a must in a 5G-driven world,” he adds.

Network Security Platform Solutions 

Security of 5G-enabled enterprise networks is evolving alongside the development of the network’s infrastructure. Cybersecurity requires robust, continuous vigilance from IT security teams armed with tools that allow them to quickly and effectively eliminate threats without compromising the integrity of the network or causing further damage.

Cisco, Ericsson, and Fortinet all have security solutions aimed at monitoring, protecting, and troubleshooting the new threat landscape inherent in 5G-enabled enterprise networks.  

Cisco’s SDN Technologies and Umbrella

The goal of mitigating threats as close to the source as possible to effectively minimize collateral damage has one big obstacle, Jasti notes: encrypted internet traffic. With 50 percent of internet traffic already encrypted, the adoption of 5G technologies is poised to increase that percentage.

“Cisco’s innovation in encrypted traffic analytics provides a machine learning-based technology to deal with this evolutionary aspect of 5G,” Jasti says. “Software-defined segmentation makes it possible to enforce the access policies for users, applications, and devices which can apply to IoT devices, M2M devices and enterprise network devices.”

Jasti points to Cisco’s SDN technologies, which support orchestration that integrates across the data center (ACI), campus (SDA) and WAN (SD-WAN) domains, along with Cisco Umbrella, to deliver end-to-end segmented network access.

Ericsson’s Security Manager

“5G is an end-to-end secure system based on globally agreed standards, with continuous development of these standards,” notes Dr. Connor, “including strong security algorithms, traffic encryption, protection of signaling and interfaces, and mutual 5G network and device authentication. Ericsson has a full portfolio that uses a coordinated approach to security, including product security, defence in depth secure deployment, security operations and management, and product security incident-handling capabilities. So in short, each Ericsson product has security designed in.”

For cellular visibility and control, Dr. Connor points to Ericsson’s Security Manager, which provides security policy configuration compliance automation to reduce the threat landscape alongside threat analytics to automate detection and response. The manager also orchestrates protection, detection, and response inside the cellular OT environment with near real-time feeds into the traditional IT incident response systems.

“Ericsson Security Manager simplifies the multivendor 5G enterprise network context to bridge the cellular OT security environment into the traditional IT security environment,” Dr. Connor adds.

Fortinet’s FortiGate Next-Gen Firewall and FortiWeb

“Fortinet solutions provide enterprise-wide visibility and control with accelerated performance to match 5G capabilities,” says Nguyen-Duy. “With the Fortinet Security Fabric, organizations can facilitate integration and onboarding while keeping operations and management efforts to a minimum because the same platform is constantly used throughout the 5G ecosystem.”

Nguyen-Duy also highlights FortiGate Next-generation Firewall (NGFW) and the FortiWeb web application firewall (WAF). The FortiGate NGFW can serve as a barrier between the enterprise network and attackers, he explains, blocking a wide array of attacks while simultaneously handling routing and other network management functions. In addition, FortiGate machine learning (ML) capabilities can help pinpoint zero-day threats, including potentially new threats that arise with the progression of 5G. 

“Additionally, the FortiGate VPN solution can secure the connections between networks and team members, regardless of wireless technology, and establish a secure connection and encrypt all network traffic,” Nguyen-Duy adds. “These capabilities enable the full potential of 5G networks through Fortinet’s Security Driven Networking strategy, which is the convergence of security and networking.”

Llanor Alleyne
Llanor Alleyne is managing editor of a portfolio of enterprise IT and SMB technology sites, including IT Business Edge, Enterprise Networking Planet, and Small Business Computing. In an editorial career that has spanned nearly 18 years, Llanor previously held editorial leadership roles at Residential Systems Magazine, Digital Signage Magazine, and media company AVNation.TV. Previously the host of the Digital Signage Digest podcast, Llanor is committed to understanding the impact of technology on social mores and folkways. Her deep knowledge base includes audio/video integration, IoT/smart home, immersive tech, IT, and more.
