Global IT is changing faster than ever with technologies such as 5G and internet of things (IoT) leading the way to increased speed and bandwidth, but also increased connectivity complexity. Through these ongoing changes and migrations to the next generation of telecommunications networks, communications service providers (CSPs) are dealing not only with new technology but also the security requirements that come with it.
Facing these challenges on the frontline are enterprise and provider IT and security managers, who will be charged respectively with overseeing the deployment and maintenance of new advanced networks and the related security issues.
Even though 5G may still seem several years from becoming ubiquitous, now is the time for IT managers, security managers, and their staff to learn about the issues and prepare themselves for what’s coming.
Sharing the security responsibility
As the global IT ecosystem undergoes a rapid evolution, it will be critical for IT departments to have a strong understanding of the new network architecture, security implementation, and ultimately who will be responsible for what. Once 5G, and by extension its enabling services and technologies – such as IoT, IPv6, and machine-to-machine (M2M) – become the de facto standard within the communications landscape, operators and their IT departments and security managers will need to face, understand, and overcome a whole new set of security challenges that will be more complex than anything that’s come before.
Some of the challenges that are specific to internal departments include:
Since IT departments at telcos will need to overcome these issues while running a 5G-enabled, and eventually a 5G-ready network, they will need help from a trusted partner that understands the network layer, the customer layer, and the security layer. This help must encompass proven expertise in various data types, such as customer data, transaction data, and network data, to ensure that sensitive information is compartmentalized and safe from a variety of threats. Good skills in security architecture can buttress effective security through a number of techniques, including segmentation.
Securing 5G networks becomes even more complex when network slicing, the ability to create multiple simultaneous mini-networks that operate under different sets of security and service requirements, enters the picture. This ability to invoke a 5G instance quickly for a specific period of time, in a specific place, will make security an even higher priority and that’s much more of a challenge for IT and security managers, who will be the ones tasked with securing these various data types.
Their customers will turn to them in the event of a problem, and operators will be tasked with resolving any issues, which will require significant levels of knowledge and proficiency around security issues. For these reasons, most operators will not be able to go it alone successfully when it comes to overcoming the security hurdles of 5G and other shifts in communications networks. Rather, they will need to work with trusted partners that have the expertise, track record, and experience to ensure data integrity, customer privacy, and compliance with any mandates or orders.
This approach can include:
Sound security architecture including network segmentation and a full suite of interoperable security tools;
Having these policies and framework in place is critical for vendors working with operators as they roll out next-generation networks, but in addition, there must exist the solid experience and knowledge to back it up.
Implementing an enhanced security plan
Operators need to ensure subscriber and other data is secure within the confines of their network as well as when data traverses public or private clouds. By implementing an enhanced security plan, operators can protect sensitive data, as well as the software and services used to store and process that data and to apply it to their needs.
This strategy would incorporate the principles of the shared model of responsibility outlined above and go further through alignment with industry security frameworks and standards in order to bring the highest levels of assurance to customers.
This strategic approach includes providing industry-leading secure services and solutions designed to ensure the confidentiality, integrity, and availability of our own data and our customers’ data and systems, against the fast-evolving threats of cyber criminals, hackers and other forms of intrusion and disruption.
Security should never be an afterthought and teaming up with a partner that’s serious about security and has been delivering a strong solution to its customers is critical for operators as they move into the world of 5G and beyond.
NetOps teams, like Spider Man, have great powers and great responsibilities. Increasingly, they are adopting a Zero Trust approach to network operations to help fight their battles.
Senior stakeholders who want to hold on to their CISOs must ensure that they have sufficient incentives and, more importantly, support to cope with the burden of risk that they are carrying.
The most alarming takeaway from Cisco’s new Cybersecurity Readiness Index report is that even after decades of having the importance of cybersecurity driven home, cyber threats are still taken too lightly.
