5G has arrived. And with it, the possibilities of ultra-high reliability, enhanced bandwidth, low latency, high positioning precision, and native support for machine communications. However, 5G also brings with it a new set of security challenges, stemming from its limited built-in security, its open nature, and ubiquitous adoption in the enterprise. As 5G is poised to become an integral part of IT, OT, and all vertical infrastructures, organizations need to position themselves with more than adequate security to cover their entire 5G implementation.
As our digital world continues to evolve and expand, so does digital attack surface innovation. Organizations that embrace digital innovation to remain relevant in their space tend to adopt multiple digital innovations to cover a plethora of services with a patchwork of apps and tools. However, when they introduce new technologies and devices into the network, they inadvertently grow the attack surface, posing new cybersecurity risks.
And integrating 5G is no different; it’s another example of a challenge digital innovation can pose to organizations that don’t have a comprehensive security platform in place designed to expand and adapt to change. Advancements in 5G will fundamentally alter the enterprise and network performance in turn. Network demand will increase, and so will the complexity of the network, and 5G will require security at the edge for all devices and applications.
Businesses that don’t proactively implement a comprehensive 5G security strategy to meet these changes before they occur run the risk of compromising endpoints and users, encountering latency and bandwidth issues, and ultimately losing customers and revenue. It’s therefore critical that unified 5G security and networking, or security-driven networking approach, is in place to protect against threats and securely increase network capabilities.
In looking ahead, it seems clear that a private or hybrid 5G network will be the dominant form of 5G enterprise consumption. Recent studies show that enterprises considering 5G would rather use nonpublic, or private, 5G networks. One of the reasons is control; another is that large enterprises are wary of network slicing within public 5G networks, because of the potential security risks. And many organizations assume that a private network will keep them safe, but that’s not necessarily the case. Increased Industrial Internet of Things (IIoT) exposure, physical mobility of people and devices on the network, and the interplay between the enterprise, mobile network operators (MNOs), IoT manufacturers, and operational technology (OT) vendors and suppliers all contribute to 5G security challenges, whether the network is private or not.
Bringing compute and data storage as close to the user as possible—at the edge where the data is collected and processed—speeds response times and saves bandwidth. It also enables organizations to scale their hybrid and multi-cloud infrastructures and increase their compute capabilities faster and at less cost. Edge compute also allows for better data collection and analysis in order to make adjustments quickly for better customer experiences. You can see how 5G is an integral part of edge compute, enhancing each aspect of its benefits.
However, edge computing can also add complexity to an organization’s security framework if implemented incorrectly. Because, as more endpoints are added to the network, to support the remote workforce, for example, the threat landscape becomes larger, splintered, harder to manage and maintain. And far too often, an organization will deploy edge-based compute without considering the security implications.
An effective solution needs to be part of a cohesive 5G security strategy that encompasses all networks, endpoints, devices, people, and edges—a system that can operate seamlessly in any environment, with modular security elements that can automatically correlate information, dynamically share intelligence, and swiftly participate in coordinated responses. This approach can substantially mitigate vendor sprawl, and provide the network visibility and collaboration needed to empower even the most basic cybersecurity. Organizations and service providers alike need to ensure that the performance and availability that 5G requires can be provided by their security solutions. These solutions must also be part of a unified security framework, not separate, isolated tools that can cause additional issues related to configuration, orchestration, and threat response.
5G security is an evolving technology that will require organizations to rethink and adjust their security platforms to meet the performance that it promises. Most legacy security solutions are just not fast enough or adaptive enough to protect the whole of 5G against cyberattacks, while also supporting performance and digital innovation. A broad, integrated, comprehensive network security platform can cover security at the speed that 5G security requires.
Subscribe to Fortinet's Cybersecurity Podcast and join Fortinet’s top experts as they discuss today’s most important cybersecurity topics.