As rapid digitalisation drives enhancements in mobile telecommunication networks, addressing security and privacy threats becomes more critical than ever. 5G networks have been created with these considerations in mind. These networks incorporate features such as mutual authentication, cloud-native design, security edge protection proxy, network slicing, IP-based protocol stack,  3rd Generation Partnership Project (3GPP) end-to-end encryption standards, and network virtualisation that mitigate threats faced in 4G/3G/2G networks.

5G solutions can be deployed in both private and public settings. However, the prime differentiators between private and public 5G networks boil down to the level of organisational control over the network. First, in public 5G networks, anyone with a compatible device can access the network, whereas in private networks, only the members within an enterprise can connect to the network through SIM cards, certificates or passwords. Second, in public 5G networks, mobile network operators control the encryption keys, while in private networks, organisations can manage the encryption keys and protocols. Third, public 5G networks cater to larger entities such as an airport, while private 5G networks are more targeted towards a smaller user base, such as a factory.

That said, 5G has unleashed a new era of security threats. For instance, when a user connects to a 5G antenna, their location can be traced, exposing them to threats such as semantic information attacks. Access point selection algorithms in 5G mobile networks can also give away the user’s location. Another pertinent concern is that 5G generates massive data that is disbursed over the network and stored in the cloud, making it susceptible to cyberattacks. The use of internet of things (IoT) devices further amplifies these threats. Adding to this, public 5G networks are vulnerable due to the reliance on shared spectrum, infrastructure and networks, while the signals of private 5G networks propagate and face the risk of external infiltration.

Strengthening public 5G networks

The widespread adoption of 5G necessitates addressing all these security gaps. Adopting a layered approach can prove to be a particularly useful strategy to diffuse various cyberthreat vectors.

Switching to a zero-trust architecture through the continuous verification of users, devices and services is a good place to start at. End-to-end security must encompass all layers of the network, including radio transport, telco cloud, IoT devices, security operations and slicing. Further, while network slicing has in itself been designed to keep threat actors at bay, having dedicated policies modelled on the slice’s purpose and threat archetype will also improve the efficiency of network slices. At the same time, new-age technologies such as artificial intelligence and machine learning can be harnessed for monitoring network traffic to detect unusual behaviour in real time. Another simple yet effective strategy is to procure hardware and software only from trusted vendors. For instance, cloud service providers must be selected only after conducting thorough due diligence. With regard to shielding 5G radio access network deployments in the cloud, risks can be alleviated through tenant isolation, separation of inbound and outbound traffic, and multi-factor authentication, among other things.

Securing enterprise defences

Although private 5G offers a higher degree of security to institutions, it is also not devoid of cybersecurity risks.

At the foundation, strong identity and access management is essential. This involves using SIM or eSIM authentication, digital certificates and role-based access control. This ensures that only trusted users and devices can access the network. The encryption of data over the air and across the core protects sensitive information in transit. Network segmentation, such as logical slicing or microsegmentation, can isolate applications or departments, preventing lateral movement in the event of a breach. Given the proliferation of connected devices in private 5G environments, securing endpoints is crucial. This involves securing IoT and operational technology devices, keeping firmware up to date and deploying endpoint detection systems. At the infrastructure level, both the core and edge computing platforms must be hardened with secure virtualisation practices, runtime protection and regular patching. Real-time monitoring is key, supported by intrusion detection systems, threat analytics and centralised log management. These capabilities allow rapid detection and response to anomalies or attacks. Additionally, securing management interfaces through multifactor authentication and encrypted channels reduces the risk of unauthorised administrative access. Enterprises can consider deploying IP security or other secure tunnelling mechanisms to prevent man-on-the-side attacks. Solutions such as antivirus software, antimalware software and device hardening can also be implemented for thwarting attacks. Firewalls, code scanning and penetration testing are some ways to protect applications from cyberattackers. Finally, to maintain trust and operational integrity, private 5G deployments should align with established industry standards such as ISO 27001 and those developed by 3GPP and the National Institute of Standards and Technology, as well as undergo regular security assessments and audits.

The bottom line

As 5G continues to evolve and reshape connectivity across industries, safeguarding its infrastructure is not just a technical necessity but also a strategic imperative. A zero- trust approach – where no entity is automatically trusted – is increasingly regarded as a best practice in 5G protection network design. Ultimately, a secure 5G network goes beyond protecting infrastructure – it is fundamental to ensuring reliable, uninterrupted operations that power innovation and digital transformation.