iaremenko - stock.adobe.com
Security chiefs: don’t ignore the 5G future, it’s coming fast
The benefits of 5G are numerous, but so are its challenges. Greg Day, vice-president and CSO, EMEA, at Palo Alto Networks, discusses what security executives need to know
5G is about to unleash a range of fantastic benefits for humanity. The next generation of mobile networks offers download speeds up to 100, or even 1,000, times faster than 4G.
Latency – the time delay between sending and receiving a signal – will be cut to 1 millisecond from more than 50 milliseconds. That’s faster than the human brain.
5G will be able to support an incredible one million devices per square mile. These advances will allow widespread use of autonomous cars, while the reduced latency will enable surgeons to remotely carry out operations using robots on the other side of the world.
This is more than just a better phone signal – it is a technological step change comparable to the arrival of jet travel, which will open great new revenue opportunities for businesses.
However, 5G also creates a host of cyber security headaches that threaten to undermine these benefits. A 5G-powered world will become more interconnected as data is shared between devices and applications. This vastly increases the surface for cyber attacks, extending the points where hackers can gain entry to a network.
Autonomous cars will share data with other vehicles, traffic management systems, and local communications infrastructure. Similar interconnectivity will apply to robots, wearables, mixed reality applications and retailing.
If hackers access the networks for driverless cars, surgical robots or other connected devices, they could threaten life and safety, let alone data security and business operations.
A further challenge lies in accelerating latency to almost real time. Effective cyber security shortens the time allowed for threats to hit the network and quickens the network’s response rate as it analyses data for threats.
Another difficulty will be correlating the vast amounts of data moving across the 5G network.
New-generation technology relies on thousands of mini antennas placed on buildings and lamp posts, bouncing signals to devices. A data stream on one device will move between multiple antennas. Logs will show three seconds of data from one antenna, then a separate stream as the device transfers to a different mast for five seconds and so on as the user traverses the network.
That jumbled data will need piecing together and sorting to understand the threat landscape. This is a highly complex process, but one that state-of-the-art security solutions can solve. It’s worth checking if your current solutions do this.
There is no doubt that the 4G network faces similar difficulties, but 5G creates a super-powered version of the current challenges so cyber security staff will need to double down on protective measures.
An effective measure will be the use of zero-trust networks. These work on the principle of “never trust, always verify”. They assume that every person or device accessing a network is a potential security threat, so restricts their access to the specific area they need.
For instance, marketing staff only gain access to relevant marketing data, but not to finance, human resources or operations data. A connected car will be able to access just the data it needs to communicate and avoid a collision, but nothing more.
It’s also vital to keep tabs on third-party risk and making sure organisations in the supply chain have strong cyber security controls. Healthcare, connected cars, and industry 4.0 will become collaborative ecosystems on 5G. An overview of everyone involved in the supply chain is crucial. That means identifying all the players contributing to the service and making sure they are all secure.
5G cyber security therefore requires three fundamental pillars:
- Reduce the risk though zero-trust networks, as 5G will expand your attack surface.
- You can’t secure something that isn’t visible – ensure correlation of data streams in a roaming world, and visibility of suppliers’ ecosystem.
- Make sure your cyber security can keep up with the reduced latency and massive increase in data.
These are all areas that CISOs in businesses should be working on today. 5G trials have started already, with the first networks set to roll out in 2020 and wide availability predicted by 2025.
There’s no time to lose. Security chiefs must start putting in place the cyber security measures, which will allow 5G to realise its benefits and become a boon to humanity rather than a scenario of uncertainty and danger.
Read more about 5G networks
- Local authorities must do more to facilitate the roll-out of next-generation mobile connectivity, study finds.
- Cabinet Office uses NCSC conference to lay out government’s approach to the security of 5G networks, as controversy grows around using equipment from Chinese supplier Huawei.