The advent of 5G will extend a digital connection to almost every facet of our lives. With 5G and the impending orders-of-magnitude advances in bandwidth, connection and use case possibilities, there is opportunity for end-to-end innovation as the mobile infrastructure is transformed into a platform and a catalyst for value creation and service innovation.
Organisations that want to capitalise on 5G’s faster speeds, lower latency, more reliable connections and support for new services need to prepare now in order to address the impact that its potentially explosive rate of growth and innovation will have on their business, along with a related surge in new security challenges.
The biggest security challenge to 5G transformation will be the sudden, exponential growth of the attack surface due to the rapid expansion of IoT devices and edge-based computing. The other major challenge will be due to the fact that these devices will not necessarily be connected to a central network in a traditional hub-and-spoke configuration. With literally billions of IoT devices interconnected across a meshed edge environment, any device can become the weakest link in the security chain and expose the entire enterprise to risk.
Security will need to be edge-to-edge, from the IoT edge, across the core enterprise network and out to the branch offices and multiple public clouds. To do this, everything connected to the enterprise ecosystem will need to be identified, criticality rated and their state confirmed. Then, all requests for access to network resources will need to be verified, validated and authenticated. Security must also support elastic, edge-to-edge hybrid systems combining proven traditional strategies with new approaches. While network segmentation is an established technique for containing cybersecurity risks and protecting sensitive resources, legacy methodologies may not be best suited for a 5G world. New segmentation strategies will need to be developed. IT teams will need to evaluate how to manage the complexity of multiple co-managed systems as they implement 5G networks and public cloud services.
Sharing threat intelligence, correlating event data and supporting automated incident response will require security technologies to be deeply integrated. This will require the development and adoption of a comprehensive, fabric-based security architecture. Machine learning, artificial intelligence and automation will be key to accelerating decision-making, thereby closing the gap between detection and mitigation.
Interoperability between different security tools will also require establishing new open 5G security standards, the adoption of application programme interfaces (APIs) across vendors and agnostic management tools that can be centrally managed to see security events and orchestrate security policies.
Security will also need to address the following scenarios:
- Automated network application lifecycle management will require security tools to be not only high performing but also highly adaptive, to ensure that constant innovation includes consistent protection. It will also require organisations to transition from a DevOps model to a DevSecOps model to ensure that security is integrated directly into the development strategy.
- Support for cloud-optimised distributed network applications will require security to move seamlessly between and across different network ecosystems without losing track of workflows or dropping security functionality.
- Digital transformation will generate vast amounts of new data, most of which will be encrypted. Encrypted data currently constitutes more than 70 per cent of network traffic, and this percentage will only grow as encryption is used to protect data moving through open network environments. This will require high-performance security tools in IoT and other edge devices that can inspect encrypted traffic at both speed and scale.
- New strategies such as network slicing will enable organisations to more efficiently consume resources moving through massive data environments. This will also require segmentation and edge-based micro segmentation to protect critical resources while isolating them from open and less secure environments.
There are a few things that organisations can do now to prepare themselves for the 5G revolution. The most effective approach would be to migrate from traditional, isolated point defence products to a security fabric designed to be integrated, automated and open. This approach also needs to combine single-pane-of-glass management and control with security technologies that can move seamlessly across traditional, SD-WAN, multi-cloud and highly mobile endpoint and IoT devices for consistent visibility and control.
Organisations that begin preparing now for the security and networking implications of 5G will be far ahead of their competitors. And in today’s rapidly evolving digital marketplace, that difference is likely to be critical.