The GSMA estimates that 5G has the potential to add a staggering $2.2 trillion to our world's economy in the next 15 years. But the killer apps that drive revenues and customer loyalty in the 5G age will be very different from what we know today. The beneficiaries of 5G will include autonomous vehicles, telehealth, smart cities, and logistics – each of them multi-billion-dollar markets. Each of them is also likely to suffer significant disruption, even loss of life if their security is compromised.
To support these new and exciting market opportunities, operators need an entirely new approach to network management, automation, and cybersecurity. In order to address the concerns surrounding the risks of 5G, networks will be automated end-to-end, and software-controlled processes will be integral to 5G’s infrastructure.
Delivering on the potential of 5G will require networks to be extensively automated. Manual processes will be no match for the demands of, say, deploying self-driving cars during a busy rush hour. The mantra of the 5G age will, therefore, be 'programmability' or the ability to define and control every aspect of the network in software, from the core to edge. But this programmability is a double-edged sword – it also gives hackers a means to cause mayhem from afar.
A critical foundation in developing secure systems is a robust architecture to identify threats and design and deploy effective security controls. This needs to be a day-one priority and not an afterthought. To make this happen in an effective manner, a new ecosystem of vendors, researchers, and operators need to emerge to drive the cybersecurity agenda for 5G.
This architecture needs to afford operators the flexibility to deliver the services customers need while denying malicious actors any opportunity to cause disruption. The application programming interfaces, also known as APIs that enable programmability together with artificial intelligence (AI) and machine learning (ML), can become the service provider's silver bullets against cyber-attacks.
Below are the key elements of a robust 5G security architecture that operators should be aware of:
Edge Security: Effective edge detection can help identify and contain attacks quickly, away from sensitive core networks. Edge computing can thus reduce attack detection latency by placing security monitoring functions closer to users, and creating alternate data transmission routes, making the process more secure.
Software-Defined Networking (SDN) Controller Security: Software-defined networking can help mitigate any breaches by using intelligence gathered through northbound APIs to control southbound routers and switches.
Proactive Security Analytics: Applying AI and ML to traffic at all points in the network can help operators identify patterns in data traffic - particularly useful for identifying zero-day attacks.
Hypervisor and Container Security: Virtualized systems are at risk from a variety of attacks, including data exfiltration and resource starvation. Hypervisor hardening mechanisms can help guard against bugs and misconfigurations, which commonly result in vulnerabilities.
Orchestration Security: The orchestrator oversees the functions and infrastructure of the entire network. That means it helps contain attacks but can lead to system-wide disruption if compromised. A variety of systems and procedures can guarantee the integrity of the orchestrator.
5G is expected to become one of the biggest technology disruptors of this time, and the security stakes are high. Enterprises can’t think this is something they can do on their own, and they should not be afraid to turn to outside help such as academic experts, researchers, or technology vendors and operators themselves to shape and design the cybersecurity architectures that will protect these networks. If the networks upon which 5G will operate are not built securely, the promise of 5G will be spoiled by malicious attackers. Those are risks that cannot be ignored.