By Krishna Mukherjee
2022 will be considered as a year in the history of telecommunication in India as it saw the official launch of much-awaited 5G services within the country. 5G is not only an advanced technology which promises to provide internet speed and capacity at least 10 times higher than 4G services, a battery of technological innovations will also be riding on this technology, conditioning newer ways of life. Experts predict that 5G will have a cumulative economic impact of $1 trillion by 2035 and that it will increase the nation’s GDP by $150 billion between 2025 and 2040. 5G is critical for India to make further progress and compete on a global scale.
Today, more than 85% of enterprises across multiple sectors are expecting up to 20% ROI on various 5G use cases as they evaluate how 5G will benefit their process of digital transformation because of its service-based, cloud-native design and enhanced capabilities to support adoption of technologies like AI, IOT, Robotics, etc, as per a KPMG report.
But, the big question is how much 5G ready are we? Are we ready to keep certain vulnerabilities at bay that 5G brings in? An AT&T survey in 2021 carried out among 1,000 security practitioners globally found that only 9% of respondents were confident that their security postures were ready for 5G.
Powered by high speed and low latency, 5G will push us into a world of interconnected networks. It will pave the way for new technologies like the IOT, AR, VR AI, etc. These new technologies involve the transfer and exchange of large amounts of data. This could translate into security challenges if that data gets intercepted by people with dubious intentions.
5G is also likely to escalate our vulnerability to security breaches with its attributes of edge computing, and dynamic bandwidth sharing, among others where each activity will become a potential attack vector.
“The dynamic nature of 5G will expand the potential source points for cyber threats with its capabilities like dynamic spectrum sharing capability in which multiple streams of information share the bandwidth in so-called ‘slices’ with each slice embedding its varying degree of cyber risk. With so many variables, each dependent on the other, robust and reliable security infrastructure is important,” opines Lt Gen Dr SP Kochhar, Director General, COAI.
Echoing similar views, Shiv Kumar Pandey, Group CISO, Bombay Stock Exchange (BSE) says, “The advent of 5G is pushing many companies’ investments in large amounts of interconnected devices to continue their day-to-day business operations and utilize next gen digital systems. The number of IoT/OT devices connecting to the internet has rapidly increased. Thus, the devices require enhanced security and extra attention to keep them secure.”
The connection between 5G and IoT, AI will introduce an alarming number of threats and vulnerabilities, which will have an impact on the health of corporate and private networks in near future, he warns.
Meanwhile, painting a positive picture, Amit Jaokar, CDO & CISO, NKGSB says “5G is way safer than 2G, 3G, and 4G networks. These networks’ architecture did not cover the aspects pertaining to the potential for an insider attack. However, the new trust model is the most significant security change in 5G.”
Warding off 5G security threats
When a breach occurs, every second counts and costs businesses dear, while a secure digital environment stimulates trust, which is vital for every business.
But even the best of technologies, if not adopted appropriately and optimally, can cause difficulties. New age technology such as next generation firewalls, secure remote access solutions, secure web gateway and SASE, have been the talk of the town for quite some time now, but cyber threats are going to increase with every passing day. A significant concern going forward will not be the technology itself, but the manner in which the end-user, businesses, and other organizations use that technology.
Managed security service support definitely helps standardize certain requirements, but is not a panacea for the growing menace of cyber-attacks.
“Security, confidentiality, and privacy must be a part of the lifecycle of core technology of 5G, and edge and IoT devices, along with the traditional underlying compute and storage infrastructure. Strong encryption and anonymization, together with a layered security approach, is certainly crucial,” feels Chandan Pani, CISO, Mindtree.
“Deploying more resilient, virtualized, and automated security controls is the prerequisite for enabling ‘trust’ on the entire 5G ecosystem. In addition, standardization of IoT-enabled devices is necessary to reduce open-source issues, untrusted programs, unpatched vulnerabilities, and unsafe API causing a plethora of security issues. Security teams are indeed working hard, but to cater to 5G-induced growth, it is imperative that the attention paid to the necessary levels of security and the number of data protection roles are increased manifold.”
However, stressing on the benefits of next-gen security technologies and systems enhanced with machine learning, BSE’s Shiv Kumar Pandey says that companies must adapt to new attack methods and its sources. And must secure the environment with secured endpoints and enhanced security systems which are natively managed and integrated with IoT/OT systems.
Additionally enabling SASE, network micro-segmentation, NGFW, API security, advanced threat protection, multi-factor authentication and implementing zero trust access can help secure the systems with ensuring its availability and integrity, opines he.
Additionally, Cybersecurity training and awareness is critical and it is important not only for organizations but for all individuals in the digital ecosystem.
According to NKGSB’s Jaokar, the 5G Zero Trust security model is using a next-generation firewall which supports mobility protocols with mobile identifiers like subscriber ID (International Mobile Subscriber Identifier or IMSI) and equipment ID (International Mobile Equipment Identifier or IMEI). This enables enhanced visibility and security policy enforcement allowing the enterprise IT security teams to protect their 5G mobile networks with enterprise-grade security.
Next-generation firewalls (NGFW), secure remote access solutions, secure web gateway, and broader Secure access service edge (SASE) offerings are some of the most cost-effective strategies today to safeguard the network under the same tree. Regardless of port, protocol, evasive maneuvers, or SSL encryption, NGFW can identify applications and offer real-time protection against a variety of dangers. This also includes the threats that operate at the application layer. In addition to identifying particular applications, experts can also restrict or even forbid the usage of these applications along with a few specific features these apps contain. Usage of AI and ML will enable these technologies to reap the benefits of this high-speed 5G network further by creating a safer environment to operate.