Security Chiefs: Don’t ignore the 5G future, it’s coming fast
Latency – the time delay between sending and receiving
a signal – will be cut to 1 millisecond from over 50 milliseconds. That’s
faster than the human brain.
5G
is about to unleash a range of fantastic benefits for humanity. The next
generation of mobile networks offers download speeds up to 100 or even 1000
times faster than 4G.
5G will be able to support an incredible one million
devices per square mile. These advances will allow widespread use of autonomous
cars, while the reduced latency will enable surgeons to remotely carry out
operations using robots on the other side of the world.
This is more than just a better phone signal – it is a
technological step change comparable to the arrival of jet travel. The
technology will, of course, open great new revenue opportunities for
businesses.
But 5G also creates a host of cybersecurity headaches
that threaten to undermine these benefits. A 5G-powered world will become more
interconnected as data is shared between devices and applications. This vastly
increases the surface for cyberattacks, extending the points where hackers can
gain entry to a network.
Autonomous cars will share data with other vehicles,
with traffic management systems and local communications infrastructure.
Similar interconnectivity will apply to robots, wearables, mixed reality
applications and retailing. If hackers access the networks for driverless cars,
surgical robots or other connected devices, they could threaten life and
safety, let alone data security and business operations.
A further challenge lies in speeding up latency to
almost real time. Effective cybersecurity slows down latency as it analyses
data for threats. The time for threats to hit the network is shorter and the
time to protect the network is shorter too.
Another difficulty will be correlating the vast
amounts of data moving across the 5G network. The new generation technology
relies on thousands of mini antennas placed on buildings and lamp posts,
bouncing signals to devices. A data stream on one device will move between
multiple antennas. Logs will show three seconds of data from one antenna, then
a separate stream as the device moves to a different mast for five seconds and
so on as the user traverses the network. That jumble of data will need to be
joined together and unjumbled to understand the threat landscape, a highly
complex process — but one that state-of-the-art security solutions can solve.
It’s worth checking if your current solutions do this.
There is no doubt that the 4G network faces similar
difficulties. But 5G creates a super-powered version of the current challenges
so cybersecurity staff will need to double down on protective measures.
An effective measure will be the use of Zero Trust
networks. These work on the principle of “never trust, always verify.” They
assume that every person or device accessing a network is a potential security
threat, so restricts their access to the specific area they need.
For instance, marketing staff only get access to
relevant marketing data, but not to finance, human resources or operations
data. A connected car will be able to access just the data it needs to
communicate and avoid a collision, but nothing more.
The task of building a Zero Trust network can be
compared to retrofitting security for a building. In place of everyone passing
through a strong, single lock on a big door, there are 200 staff using 200
doors each with its own lock. The security department need to observe staff
behaviour and figure out which people need to go through different doors and
decide who to give keys to. The challenge here is not technical but is in the
implementation.
Another vital area is keeping tabs on third-party risk
and making sure organisations in the supply chain have strong cyber security
controls. Health care, connected cars and industry 4.0 will be collaborative
ecosystems on 5G. Visibility of all involved in the supply chain is vital. That
means identifying all the players contributing to the service and making sure
they are all secure.
In sum, 5G cybersecurity requires three elements:
· Reduce the risk though Zero Trust networks, as 5G will
expand your attack surface
· If you can’t see it you can’t secure it – ensure
correlation of data streams in a roaming world, and visibility of suppliers
ecosystem
· With the reduced latency and massive amount of
increased data, ensure your security can to keep pace
These are all areas that CISOs in businesses and
organisations should be working on today. 5G trials have started already with
the first networks set to roll out in 2020 and wide availability predicted by
2025.
There’s no time to lose. Security chiefs must start
putting in place the cybersecurity measures which will allow 5G to realise its
benefits and become a boon to humanity rather than a scenario of uncertainty
and danger.