Security has become a major focal point for communication services providers (CSPs) that are launching 5G networks to increase market share, create new revenue opportunities, and rejuvenate bottom lines.
But 5G operators also are increasingly aware that monetizing 5G's capabilities requires in-depth security across their operating practices, as well as embedded in the services they deliver. This is especially true for 5G standalone (SA) deployments, which have begun to proliferate.
How does this relate to security?
With 5G SA, the security landscape changes significantly, as the mobile core architecture is now a services-based architecture (SBA). While this is critical to unlocking a lot of 5G’s potential, the new 5G core opens up new vulnerabilities and requires a fundamentally new approach to securing the 5G core.
Next-generation 5G services will run over new multiplexed, virtualized network infrastructures with higher RAN speeds, with low-latency communications to applications and service infrastructures deployed closer to the end user.
As more services are moved closer to users, increased visibility and control are required to ensure both service availability and security - specifically in areas of the network historically lacking both this visibility and control.
5G also enables enterprises to transform their business processes, and as business 5G services are rolled out across telco networks attack surfaces continue to grow. Enterprises will require visibility and threat detection to manage risk from these new 5G services and ensure the continued integrity of their operations and confidentiality of their data.
5G IoT devices, whether consumer, enterprise, or industrial in nature, creates a huge attack surface. In the case of consumer devices, as in wireline networks, devices can be compromised. In the case of enterprise or industrial IoT, the consequences of compromise can range from reduced lifespan of the device itself, through data breach, to loss of integrity in services that support real-world critical functions. Network exposure function (NEF) gives third-party applications direct access to 5G core functions, significantly expanding its capabilities but also increasing the likelihood it will be targeted by attackers.
In all cases, compromised devices can be used for DDoS attacks.
All of this new technology, along with new vendors and new services, represents opportunity for performance, availability, and security problems—whether from malicious attack or unintentional implementation issue.
Why embed security?
By embedding security capabilities within the mobile network, CSPs gain several benefits, including the ability to identify and mitigate threats more quickly; correlation of threats across multiple monitoring locations; gaining a complete view of endpoint behavior; and ensuring that security capabilities grow with the network as needed.
To learn more about security threats in 5G networks and why embedded security is necessary, download our newest white paper, A BLESSING AND A CURSE: 5G Networks Open Revenue Opportunities For Service Providers – As Well As A Larger Playing Field For DDoS Attacks. You can also reach out to us today for an analysis of your 5G networks and how to best protect them against attacks.
- Service Provider