Private 5G is becoming a critical asset for enterprises as it addresses common challenges across industries. Omdia’s latest research, in collaboration with Trend Micro and his CTOne, surveyed 150 organizations and 150 service providers on their 5G networks and their strategies to ensure their security. In our research, the main reasons organizations cite for deploying 5G are to achieve faster operation speeds, handle more connected devices, and reduce operating costs.
Compared to previous mobile protocols, 5G offers improved communication speeds. Focus on security — and organizations are eager to profit from this. That said, there remains awareness and education to distinguish the limitations of 5G’s “security by design” approach and when an organization needs to implement additional security on its 5G network. Omdia’sBeyond safety by default” This white paper, sponsored by Trend Micro and CTOne, details what businesses need to know about enterprise private 5G security, including best practices:
Understand 5G network security limitations
One of the important aspects to consider when implementing private 5G network Organizations may expect secure networks by default, but they still have a lot of work to do. As for the network itself, there are a number of enhancements compared to what previous cellular networks could offer, primarily in authentication, access control, and encryption. However, this does not mean that 5G networks are “just secure.” Scaling enterprise-grade security requires additional consideration across people, processes, and technology. This is especially true when considering new endpoints such as IoT devices or mission-critical requirements. Omdia research shows that many organizations are aware of these additional requirements. Organizational leaders most often selected security visibility, risk management controls, and streamlining alerts as their top requirements.
Determination of responsibility
It is clear that 5G networks have a common responsibility, but this is not the same for all organizations. 5G networks can be deployed in a variety of ways, as shown in the diagram below. Regardless of the deployment model, companies will likely work with a service provider or system integrator at some point along the way, including planning, implementation, and operations.
Source: Omdia
Therefore, it is important that each organization understands and establishes clear responsibilities throughout these stages. Our research shows that most enterprises expect to manage the planning, deployment, and operations of 5G private network cores, IoT devices, and data networks, and manage radio access networks (RANs) and multiple networks. You will rely on your service provider or supplier for this. – Access edge computing (MEC) elements. This will vary on a case-by-case basis, but it shows that security solutions need to take this shared responsibility into account. While a company may not be directly responsible for securing her RAN and her MEC, as in this example, it still needs to ensure that its partners are providing secure products and services. there is.
Considering new integrated security measures
When asked how enterprise 5G network security will integrate with existing security measures, most organizations (60%) say new measures are needed and need to be fully integrated with existing tools and services. I think there is. Integration is key here, as the complexity of 5G already poses significant challenges for organizations from a management and skills perspective, leaving room for misconfigurations and underutilized technology, and cybersecurity. This is because it may become a hindrance.
Other survey respondents expect to implement new 5G security measures separately (15%) or address 5G security with existing tools and services (25%). In some cases, existing tools and services such as web application firewalls, workload protection, and endpoint detection and response can be applied to 5G networks. Many principles of IT security also impact the communications technology side, and existing service providers may be able to support organizations across these technologies. However, 5G will require special features such as the need for greater visibility into all aspects of cellular networks, the amount of connected devices and their security management, threats related to Subscriber Identity Modules (SIMs), etc. There are some subtleties that require careful attention. , air interface vulnerabilities, or even physical tampering with her RAN equipment.
Think about the landscape as a whole
Organizations must be prepared to accurately understand 5G networks and other technologies, especially OT and IoT, which are likely to intersect. This means extending visibility and monitoring across IT, communications technology (CT), devices, infrastructure, and networks, and applying proactive protection, detection, and response.
The Internet of Things is a good example here. The number of these devices connected to the network is likely to be even higher, with 61% of organizations saying they are deploying 5G as the number of connected IoT devices increases. . These devices are typically not hardened and often have security vulnerabilities. Organizations need to consider not only the device itself, but also communications, data, applications, and more. Organizations need visibility into these devices and their actions, and the ability to enforce granular policies on mobile devices. Although devices authenticate to the network, organizations must consider who is using the device, the processes on the device, and how data is flowing. Our research highlights the complexity and importance of tools and technologies that can visualize this environment and its connected devices, given that many organizations plan to deploy 5G across multiple sites. I am.
