Securing the 5G-Enabled Future

5G promises to deliver remarkably high speeds, lower latency, and more bandwidth, which can help organizations keep pace with today’s digital marketplace and support new digital innovation initiatives. But with any new technology comes new security risks. As 5G becomes commercially available and service providers prepare to take advantage of this new opportunity, cybersecurity must be top-of-mind. 

Fortinet’s Ronen Shpirer and Alain Sanchez joined us virtually to share how service providers can seize the opportunity for new business growth in the area of enterprise services as it relates to 5G while ensuring a strong cybersecurity strategy that can protect their entire infrastructure — from the mobile core to the edge.

Can you give a brief overview of what you are hearing from customers and CISOs around 5G? 

Ronen: 5G is seen as an opportunity in many industries, mostly by large enterprises. There is a lot of potential for innovation but many enterprises are still trying to understand how these “theoretical” 5G capabilities can be harnessed to their benefit in the real world. Private 5G networks are one area that seems to be getting a lot of attention and traction.  

There are also a lot of knowledge gaps around security in 5G. The fact is that 5G is more secure than any other previous mobile generation. But this is a sort of “baseline” security and needs to be further strengthened by security solutions from 3rd party security vendors such as Fortinet. Like any new and significant technology, enterprises need to understand its impact on their overall security posture. They need to understand how the use of 5G services and technologies will impact the attack surface, the attack vectors, and the very nature of attacks. They need to understand where the Mobile Network Operator (MNO)’s security responsibility starts and ends and what their part is – similar to the shared model in public clouds. The potential benefits of 5G will overcome the security concerns associated with it – as long as enterprises understand what they are and what is required to mitigate them. MNO’s incorporate security in 5G infrastructure and services in response to enterprise security requirements. 

Alain: The CISO community realizes now that 5G is not just 4G on steroids, but a mosaic of interacting blocks exchanging dynamically to deliver unprecedented services. Radio Access Networks (RANs) for example, the tip of the 5G iceberg, are not limited by the presence of base stations in the vicinity. By becoming virtual and flexible, the radio network opens unprecedented possibilities of services at the edge, but these very benefits are creating many data access points that constitute many potential points of attack. The value of a holistic security approach in this context is significant. For example, Fortinet machine learning algorithms learn what normal behavior patterns look like for a given company, user, or processes. The moment an attack creates a disruption, it triggers a series of automated incident responses that would isolate the suspicious activity, then flags it, according to the policy and also learns from the attempt. This requires a dynamic collaboration between the various components of the dense lines at 5G speed. CISOs now realize that only a natively integrated security platform can do this.  

Can you talk about how infrastructures become “platforms of opportunity” with the advent of 5G for CSPs and others? 

Ronen: Technology evolution in mobile networks with 4G and the introduction of 5G presents MNOs with the opportunity for a profound change in their addressable market segments and the scope of the services and value they provide. Expanding from consumer to business sector markets and from a connectivity-focused service to an ecosystem of industry and vertical value-added services enables growth that is very hard to achieve with 4G. The opportunity 5G brings to MNOs is to climb up in the enterprise and consumer value chain. This can only be achieved by: 

  1. Delivering the services and capabilities required for new models of data gathering, consumption and manipulation 
  2. Delivering an ecosystem of applications and platforms that provide high-level user data capabilities, such as compute, management, analysis, and machine learning/AI.  

The big challenge for MNOs: How can I identify the use cases that enterprises will be willing to invest in and therefore I need to invest in? Other than private networks, the “low hanging” use cases are difficult to identify.   

Alain: Speed and Granularity. These two attributes work together to enable new services from service providers to their enterprise customers. Through a deep understanding of the information flow, the service provider will be able to detect potential vulnerabilities in the business processes of its customers. For example, if end-users are using unpatched access devices or if their authentication practices are suboptimal, they will then be able to offer managed security services that would address these potential risks and monetize them accordingly. 

Can you give an overview of the cybersecurity challenges that organizations should be aware of in regards to 5G? 

Ronen: It really depends on the use case. If one uses 5G as a faster and better connectivity service for its locations (Fixed Wireless Access for example) then this will be probably be incorporated in its SD-WAN underlay and can be secured by a Secure SD-WAN solution or a next-generation firewall (NGFW). 

But if the organization uses 5G for more than just connectivity (private networks, MEC, AR/VR, robotic control, predictive maintenance, etc.) a stateful firewall is required, but it is not enough. You would probably need to have API security, application security, and IoT security mechanisms in addition to NGFW capabilities. And these will have to be distributed – based on the use case – in the enterprise site, the MNO sites, 3rd party clouds/sites, and the public cloud.  

Alain: The challenges vary according to the actual needs of the enterprise as well as the risk inherent to enterprises specific business models. As 5G gets closer to the business-critical applications, the level of protection, as well as the sophistication of the cybersecurity, raises. When industrial sensors managing a manufacturing process exchange with the regulation middleware through 5G, the overall process becomes more reactive and adaptive to operational conditions, but it also makes 5G a core component of the process itself instead of a faster access network. As a result, the entire cybersecurity strategy has to be aligned with the business sensitiveness of each of the resources. This is a great opportunity for CISOs to ask the right questions to the rest of the C-Suite: 

  • What are the critical resources?
  • How does 5G adoption redefine the matrix of risk? 
  • What additional cybersecurity services are needed to protect this extended attack surface?

What does “end-to-end security from the mobile core to the edge” mean and is that possible? 

Ronen: Yes, this is possible. End-to-end security is a necessity for the following reasons:  

  1. As 5G is distributed, the data plane traffic can terminate almost anywhere in the MNO infrastructure (and not just at the core like in previous generations). So, security needs to be present wherever that happens (MEC, pops, regional data centers, the core). 
  2. The edge, or MEC (Multi-access Edge Compute), is important as it enables ultra-low latency and geographical context that is required in so many 5G use cases, such as autonomous driving, smart manufacturing, AR/VR, etc. 
  3. One of the “low hanging fruits” is 5G private networks. There are multiple ways an MNO can provide this and an enterprise can consume it. An important part is having the appropriate security visibility and control within the telco and enterprise responsibility domains, as part of a shared security responsibility model. Whatever the private network model used, end-to-end security must be provided to safeguard the multiple use cases, applications, and services using the network. And it is clear that with any deployment scenario, the edge will be a foundational component, and therefore security at and for the edge is fundamental. 

Alain: With such speed available at the edge, many operations will move closer to the end-user delivering better performance in terms of latency and bandwidth efficiency. Why move data back and forth when it would be better used where it is produced and needed? Think of what happened to mainframes as the PC emerged and rose above in performance, storage, and user-oriented interface. Now the same dilemma happens with 5G, enabling performance at the edge brings a lot of new risks and thus requires organizations to deploy edge-oriented security. Such security requirements at the edge make a scalable security approach that is natively designed to enforce a unique and consistent security policy throughout the entire, extended surface essential. In fact, a common mistake is to consider the edge eligible for a different security policy. The need for unique visibility that can embrace, correlate, and respond across the entire infrastructure has never been more crucial than with 5G.  

Learn more about securing 4G, 5G and beyond with Fortinet.

Orginally posted on Fortinet by Ronen Shpirer and Alain Sanchez | August 05, 2020


Bekki Barnes

With 5 years’ experience in marketing, Bekki has knowledge in both B2B and B2C marketing. Bekki has worked with a wide range of brands, including local and national organisations.

Data-Sharing Done Right: Finding the Best Business Approach

Bart Koek • 20th November 2024

To ensure data is not only available, but also accessible to those that need it, businesses recognise that it is vital to focus on collecting, sorting and governing all the data in their organisation. But what happens when data also needs to be accessed and shared across the business? That is where organisations discover a...

Nova: The Ultimate AI-Powered Martech Solution for Boosting Sales, Marketing...

Erin Lanahan • 19th November 2024

Discover how Nova, the AI-powered engine behind Launched, revolutionises Martech by automating sales and marketing tasks, enhancing personalisation, and delivering unmatched ROI. With advanced intent data integration, revenue attribution, and real-time insights, Nova empowers businesses to scale, streamline operations, and outperform competitors like 6Sense and 11x.ai. Experience the future of Martech with Nova’s transformative AI...

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...

Automated Testing Tools and Their Impact on Software Quality

Natalia Yanchii • 09th October 2024

Test automation refers to using specialized software tools and frameworks to automate the execution of test cases, thereby reducing the time and effort required for manual testing. This approach ensures that automation tests run quickly and consistently, allowing development teams to identify and resolve defects more effectively. Test automation provides greater accuracy by eliminating human...