Securing the 5G-Enabled Future
5G promises to deliver remarkably high speeds, lower latency, and more bandwidth, which can help organizations keep pace with today’s digital marketplace and support new digital innovation initiatives. But with any new technology comes new security risks. As 5G becomes commercially available and service providers prepare to take advantage of this new opportunity, cybersecurity must be top-of-mind.
Fortinet’s Ronen Shpirer and Alain Sanchez joined us virtually to share how service providers can seize the opportunity for new business growth in the area of enterprise services as it relates to 5G while ensuring a strong cybersecurity strategy that can protect their entire infrastructure — from the mobile core to the edge.
Can you give a brief overview of what you are hearing from customers and CISOs around 5G?
Ronen: 5G is seen as an opportunity in many industries, mostly by large enterprises. There is a lot of potential for innovation but many enterprises are still trying to understand how these “theoretical” 5G capabilities can be harnessed to their benefit in the real world. Private 5G networks are one area that seems to be getting a lot of attention and traction.
There are also a lot of knowledge gaps around security in 5G. The fact is that 5G is more secure than any other previous mobile generation. But this is a sort of “baseline” security and needs to be further strengthened by security solutions from 3rd party security vendors such as Fortinet. Like any new and significant technology, enterprises need to understand its impact on their overall security posture. They need to understand how the use of 5G services and technologies will impact the attack surface, the attack vectors, and the very nature of attacks. They need to understand where the Mobile Network Operator (MNO)’s security responsibility starts and ends and what their part is – similar to the shared model in public clouds. The potential benefits of 5G will overcome the security concerns associated with it – as long as enterprises understand what they are and what is required to mitigate them. MNO’s incorporate security in 5G infrastructure and services in response to enterprise security requirements.
Alain: The CISO community realizes now that 5G is not just 4G on steroids, but a mosaic of interacting blocks exchanging dynamically to deliver unprecedented services. Radio Access Networks (RANs) for example, the tip of the 5G iceberg, are not limited by the presence of base stations in the vicinity. By becoming virtual and flexible, the radio network opens unprecedented possibilities of services at the edge, but these very benefits are creating many data access points that constitute many potential points of attack. The value of a holistic security approach in this context is significant. For example, Fortinet machine learning algorithms learn what normal behavior patterns look like for a given company, user, or processes. The moment an attack creates a disruption, it triggers a series of automated incident responses that would isolate the suspicious activity, then flags it, according to the policy and also learns from the attempt. This requires a dynamic collaboration between the various components of the dense lines at 5G speed. CISOs now realize that only a natively integrated security platform can do this.
Can you talk about how infrastructures become “platforms of opportunity” with the advent of 5G for CSPs and others?
Ronen: Technology evolution in mobile networks with 4G and the introduction of 5G presents MNOs with the opportunity for a profound change in their addressable market segments and the scope of the services and value they provide. Expanding from consumer to business sector markets and from a connectivity-focused service to an ecosystem of industry and vertical value-added services enables growth that is very hard to achieve with 4G. The opportunity 5G brings to MNOs is to climb up in the enterprise and consumer value chain. This can only be achieved by:
- Delivering the services and capabilities required for new models of data gathering, consumption and manipulation
- Delivering an ecosystem of applications and platforms that provide high-level user data capabilities, such as compute, management, analysis, and machine learning/AI.
The big challenge for MNOs: How can I identify the use cases that enterprises will be willing to invest in and therefore I need to invest in? Other than private networks, the “low hanging” use cases are difficult to identify.
Alain: Speed and Granularity. These two attributes work together to enable new services from service providers to their enterprise customers. Through a deep understanding of the information flow, the service provider will be able to detect potential vulnerabilities in the business processes of its customers. For example, if end-users are using unpatched access devices or if their authentication practices are suboptimal, they will then be able to offer managed security services that would address these potential risks and monetize them accordingly.
Can you give an overview of the cybersecurity challenges that organizations should be aware of in regards to 5G?
Ronen: It really depends on the use case. If one uses 5G as a faster and better connectivity service for its locations (Fixed Wireless Access for example) then this will be probably be incorporated in its SD-WAN underlay and can be secured by a Secure SD-WAN solution or a next-generation firewall (NGFW).
But if the organization uses 5G for more than just connectivity (private networks, MEC, AR/VR, robotic control, predictive maintenance, etc.) a stateful firewall is required, but it is not enough. You would probably need to have API security, application security, and IoT security mechanisms in addition to NGFW capabilities. And these will have to be distributed – based on the use case – in the enterprise site, the MNO sites, 3rd party clouds/sites, and the public cloud.
Alain: The challenges vary according to the actual needs of the enterprise as well as the risk inherent to enterprises specific business models. As 5G gets closer to the business-critical applications, the level of protection, as well as the sophistication of the cybersecurity, raises. When industrial sensors managing a manufacturing process exchange with the regulation middleware through 5G, the overall process becomes more reactive and adaptive to operational conditions, but it also makes 5G a core component of the process itself instead of a faster access network. As a result, the entire cybersecurity strategy has to be aligned with the business sensitiveness of each of the resources. This is a great opportunity for CISOs to ask the right questions to the rest of the C-Suite:
- What are the critical resources?
- How does 5G adoption redefine the matrix of risk?
- What additional cybersecurity services are needed to protect this extended attack surface?
What does “end-to-end security from the mobile core to the edge” mean and is that possible?
Ronen: Yes, this is possible. End-to-end security is a necessity for the following reasons:
- As 5G is distributed, the data plane traffic can terminate almost anywhere in the MNO infrastructure (and not just at the core like in previous generations). So, security needs to be present wherever that happens (MEC, pops, regional data centers, the core).
- The edge, or MEC (Multi-access Edge Compute), is important as it enables ultra-low latency and geographical context that is required in so many 5G use cases, such as autonomous driving, smart manufacturing, AR/VR, etc.
- One of the “low hanging fruits” is 5G private networks. There are multiple ways an MNO can provide this and an enterprise can consume it. An important part is having the appropriate security visibility and control within the telco and enterprise responsibility domains, as part of a shared security responsibility model. Whatever the private network model used, end-to-end security must be provided to safeguard the multiple use cases, applications, and services using the network. And it is clear that with any deployment scenario, the edge will be a foundational component, and therefore security at and for the edge is fundamental.
Alain: With such speed available at the edge, many operations will move closer to the end-user delivering better performance in terms of latency and bandwidth efficiency. Why move data back and forth when it would be better used where it is produced and needed? Think of what happened to mainframes as the PC emerged and rose above in performance, storage, and user-oriented interface. Now the same dilemma happens with 5G, enabling performance at the edge brings a lot of new risks and thus requires organizations to deploy edge-oriented security. Such security requirements at the edge make a scalable security approach that is natively designed to enforce a unique and consistent security policy throughout the entire, extended surface essential. In fact, a common mistake is to consider the edge eligible for a different security policy. The need for unique visibility that can embrace, correlate, and respond across the entire infrastructure has never been more crucial than with 5G.
Learn more about securing 4G, 5G and beyond with Fortinet.
Orginally posted on Fortinet by Ronen Shpirer and Alain Sanchez | August 05, 2020