The 5G Spring Festival Gala is coming, but who will ensure its security?

The Chinese New Year is getting closer and closer, and the Spring Festival Gala, which is a must-have for the Chinese New Year, is also being intensively prepared. As we all know, at the Shenzhen venue this year, 5G network transmission of 4K ultra-high-definition content will be historically realized! This is the first 5G network 4K transmission in my country. Although this is good news brought by 5G, we have to raise such a question: "Is 5G really safe?"

[[255735]]

In the scenario of connecting everything built by 5G+IoT, people and things, people and things, and things and things will all be connected at high speed through 5G networks, which also gives hackers and malicious codes more attack opportunities, bringing fatal impacts on mobile office security, sensitive data, and even national infrastructure. Therefore, eliminating security risk concerns under 5G networks is of particular significance for the rapid development of the era of the Internet of Everything.

The impact of 5G

As 5G becomes more widely used, several things will happen in the future:

• In addition to exponential speeds, 5G will also bring greater capacity, lower latency and more flexible service delivery. This will enable organizations to provide customers with better content, more real-time delivery and a richer user experience in entertainment and business activities.
• Lower latency and highly reliable connections enable greater computing power at the edge, without the need for nearby data centers to support latency-sensitive transactions and workflows. And, by providing computing services to end users, 5G servers have enough power to act as application servers - supporting a variety of edge-based applications, transactions, and business processes.
• Ultimately, when 5G speed and capacity are combined with the powerful capabilities of edge devices, an edge network that can share and process information locally and cloud-based resources will be formed. Because these edge-based computing resources will be highly distributed, they will need to be interconnected with enterprise-level applications and high-speed connections to ensure real-time tracking and analysis of the large amounts of data, workflows, and transactions they create. 5G networks will also provide cloud computing capabilities and IT service environments for application developers and content providers at the edge of mobile networks to create new services. However, these open, hyper-connected edge networks will also have a serious impact on the management of devices, data, applications, and workflows, and how they connect to traditional and cloud-based networks.
• IoT devices will be used to track other devices and users, monitor inventory, collect user and device information, and with high-speed connections, they can provide real-time data that can impact the development of applications, management and coordination of smart cities.

Examples of 5G and IoT

For example, enhanced communication services in connected cars will go far beyond the set of interactions that already exist in in-car IoT devices such as brakes, environmental monitors, GPS, and even entertainment systems. Real-time connections between drivers and businesses enable financial transactions such as paying for fuel, ordering food at a drive-through restaurant, or paying tolls. Infrastructure-based IoT communications will enhance traffic management and enable features such as autonomous highway driving.

Likewise, there are significant implications for healthcare and the medical Internet of Things. 5G speeds will enable real-time data transmission, supporting remote surgery, tracking of other connected medical devices (including wearable medical IoT), and analysis of tests and scans by remote professionals. These advances will not only allow patients to access the best doctors in the world, but will also extend medical care to remote areas where medical resources are scarce.

Security implications for 5G and IoT

These new connected environments also have serious consequences for security. The biggest challenge is the exponential growth of cyberattacks due to the rapid expansion of IoT devices and edge-based computing, followed by the fact that these devices are not necessarily connected to a central network and are not convenient for centralized management. With billions of IoT devices interconnected in a mesh edge environment, any device can become the weakest link in the security chain and put the entire enterprise at risk. To meet this challenge, we need to think about some fundamental changes in how networks and security are approached.

• You need to focus on edge-to-edge security, from the IoT edge to the core enterprise network, to branch offices and multiple public clouds. And you need to identify everything related to the enterprise ecosystem, assess its criticality and confirm its status. Then, all access requests to network resources need to be authenticated.
• Security must also support resilient edge-to-edge hybrid systems, combining proven traditional strategies with new approaches. While network segmentation is a proven technology to control network security risks and protect sensitive resources, old strategies may not be suitable for the 5G world. New segmentation strategies need to manage local and remote resources. When implementing 5G networks and public cloud services, IT teams need to evaluate how to manage multiple complex systems.
• A comprehensive security architecture needs to be developed that deeply integrates security technologies into sharing threat intelligence, correlating event data, and supporting automated incident response. Machine learning, artificial intelligence, and automation will be key to accelerating security decision-making, thereby reducing cyberattacks.
• Interoperability between different security tools will also require the establishment of new open 5G security standards, cross-vendor APIs, and tools that can centrally manage security events and orchestrate security policies.

Although these are just a few of the security risks brought about by the adoption and deployment of 5G networks, this is the beginning of a new era of networks. Security also needs to address the following scenarios:

• Automating network application lifecycle management requires security tools to not only be high-performance, but also highly adaptive to ensure continuous innovation. It also requires organizations to transition from a DevOps model to a DevSecOps model to ensure that security is directly integrated into the development strategy.
• Support for cloud-optimized, distributed network applications requires security that moves seamlessly between different network ecosystems without losing track of workflows or removing security capabilities.
• Digital transformation will generate a large amount of new data, much of which will be encrypted. Encrypted data currently accounts for more than 70% of network traffic. This percentage will only continue to grow as encryption technology is used to protect data transmitted in open network environments. Therefore, high-performance security tools are needed in IoT and other edge devices that can inspect encrypted communications at high speed and scale.
• New strategies, such as network slicing, will enable organizations to more efficiently use resources moving across massive data environments. This will also require segmentation and edge-based micro-segmentation to protect critical resources while isolating them from open and less secure environments.

Where to Start

Many organizations clearly underestimate the potential impact of the 5G revolution and the role it will play in the next round of the digital economy. However, there are several things organizations can do now to prepare. The most effective way is to transition traditional, isolated point defense products to an integrated, automated and open security fabric using open APIs and common standards. This approach also requires combining single-pane management and control with security technology that can be applied across multiple environments such as traditional networks, SD-WAN, multi-cloud, highly mobile endpoints and IoT devices for consistent visibility and control.