The Importance of Securing Sensitive Data in a 5G World
The pace of change within communications networks is happening at speeds not seen since the shift from circuit-switched networks to IP began a couple of decades ago. Today, we are in the midst of the next major transformation to hit communications networks: the evolution to a new, 5G- and IPv6-enabled global IT infrastructure.
While many operators around the world are already claiming to offer 5G services, and vendors are getting ready to roll out the latest handsets and other devices to take advantage of the speed and unique new services that will be possible with these new networks, it will be anywhere from another year to several years before we truly see 5G become ubiquitous. In any case, the onrush of adoption is likely to be swift, and the cybersecurity solutions necessary to operate in this new environment must be prepared now.
As the global IT ecosystem changes dramatically in the next few years, there will exist tremendous opportunities for operators as well as their customers. Operators will be able to deliver cutting-edge new services that support futuristic endeavors such as VR/AR, smart cars, robotics, smart cities, and drones, and other things previously seen only in science-fiction. With the advent of 5G, demand for these and other services by consumers will grow faster than we can imagine.
But even if true, global 5G will be incremented over the next few years, it’s not too early to start thinking about one of the major issues that arises in discussions around 5G-enabled and 5G-ready networks: cybersecurity.
Once 5G, and by extension its enabling services and technologies – such as IoT, IPv6, and M2M – permeates the communications landscape, operators will need to face, understand, and overcome a whole new set of security challenges that will be more complex than anything that’s come before.
Secure the Endpoints, Secure the Data
The number of 5G-enabled devices is expected to grow rapidly, and when one factors in the seemingly endless number of IoT-related end points – sensors in healthcare and traffic applications, automobile telematics units, drones, devices in a smart home, and other use cases that form the basis of smart cities – the need for security becomes critical at multiple levels.
- Customer data – The data flowing into and out of devices needs to be secure to protect the privacy of subscribers and the integrity of the information itself. In the case of IoT end points such as sensors, data could be constantly moving from one point to another very rapidly and all of that needs to be kept safe from prying eyes and those who would undermine its integrity.
- Transaction data – With the onset of 5G, we’ll start seeing much more activity in the network core and increased requirements for securing those resources, including commerce transactions.
- Network data – Preventing breaches to the network at the core, where most services will reside, is also top of the list of concerns for operators.
All of this becomes even more complex when one considers that 5G will enable network slicing, the ability to create multiple simultaneous mini networks that operate under different sets of security and service requirements. This ability to turn up quickly a 5G instance for a specific period of time, in a specific place, will make security an even higher priority and that much more of a challenge for operators, who will be the ones tasked with securing these various data types.
Their customers will inevitably turn to them in the event of a problem, and operators will be tasked with resolving any issues, which will require significant levels of knowledge and proficiency around security issues. For these reasons, most operators will not be able to go it alone when it comes to overcoming the security hurdles of 5G and other shifts in communications networks. Rather, they will need to work with trusted partners that have the expertise, track record, and experience to ensure data integrity, customer privacy and compliance with any mandates or orders.
Keys to a Secure Network
Given the burden being placed on operators regarding network and IT security within the advanced communications networks of today and the future, they will have to rely heavily on their vendors and suppliers to provide the highest levels of assurance and risk mitigation across next-generation networks. A shared model of responsibility will be required, one that unites customers and operators in pursuit of effective 5G cybersecurity.
This shared model can include:
- A dedicated security organization to support continuous monitoring of operator networks and data;
- Support for established security protocols and standards;
- Strong focus on personal data security and privacy, including identifying and protecting sensitive information;
- Auditing and assurance mechanisms to provide customers the best possible security infrastructure for the vendor’s products, solutions and services.
Having these policies and framework in place is critical for vendors working with operators as they roll out next-generation networks, but in addition there needs to be the solid experience and knowledge to back it up.
An Enhanced Security Plan
Operators need to ensure subscriber and other data is secure within the confines of their network as well as when data traverses public or private clouds. By implementing a strategy operators can protect sensitive data, as well as the software and services used to store and process that data and to apply it to their needs.
This strategy would incorporate the principles of the shared model of responsibility outlined above and go further through alignment with industry security frameworks and standards in order to bring the highest levels of assurance to customers.
This includes providing industry leading secure services and solutions designed to ensure the confidentiality, integrity and availability of our own data and our customers’ data and systems, against the fast-evolving threats of cyber criminals, hackers and other forms of intrusion and disruption.