5G Cybersecurity

Adopting 5G as Your Private Mobile Network? Now, Think Security.

This is the second article in a two-part series on private mobile networks. Part one is about knowing your acronyms

The next industrial revolution, aka Industry 4.0, is on the horizon. Enterprises across a wide range of industries are already on it, including manufacturing, utilities, energy, mining and transportation systems. 5G technology is a key driver. And private mobile networks in particular promise more robust connectivity, acceleration of Internet of Things (IoT), as well as greater operational and financial efficiencies. This has many executives salivating.

But it has CISOs and other cybersecurity professionals worried. And for good reason, too.

That’s because as more data is captured on more mobile devices and shared over networks, the number of potential vulnerabilities expands. Meanwhile, cyberattacks grow more innovative, automated and “defense-aware.” That puts added pressure on organizations to further harden their rapidly expanding private mobile network infrastructure.

Whatever technology is used to build and run your private mobile networks—4G/LTE or 5G—your journey to pervasive mobility is guaranteed to be a wild ride. There will be exciting benefits in performance, reliability and connections. But there also will be anxiety, when security professionals try to secure all those new mobile endpoints along the private mobile network.

It is cybersecurity readiness and preparation—more than concerns about spectrum availability, rollout timeframes and consistent latency—that has the greatest potential to shape the deployment and operation of next-generation private mobile networks.

The Brookings Institute summed it up nicely: “The adage ‘what’s everyone’s business is nobody’s business’ has never been more appropriate—and dangerous—than in the quest for 5G cybersecurity.” And make no mistake, the race to make next-generation private mobile networks the foundation of enterprise communications is well underway.

“The Fourth Industrial Revolution encompassing industrial IoT and smart manufacturing is upon us, and enterprises seeking digital transformation are moving rapidly in embracing private mobile networks,” said Lakshmi Kandadai, director of product marketing at Palo Alto Networks. “A big reason why is that private mobile networks are becoming available globally, either through mobile operators or independently through a do-it-yourself approach using dedicated enterprise spectrum allocated by governments.”

Why Build a Private Mobile Network?

Research indicates that spending on private mobile networks built on LTE and 5G technologies will balloon from $4.7 billion by the end of 2020 to nearly $8 billion by 2023. That growth will undoubtedly be spurred by a range of both communications and industrial IoT use cases.

We’re not just talking about traditional high-rise offices and carpeted environments, either. Unique and potentially groundbreaking private LTE networks have been rolled out by such global players as heavy equipment manufacturer Komatsu and Canadian mining giant Agnico Eagle.

Industries seeking to fulfill machine-critical needs find adopting a private 5G network attractive for  its speed, reliable connectivity and high performance. Add to those another key quality: 5G’s ability to support connection density at massive scale. That means industrial-scale IoT, spanning applications from robotic manufacturing lines to industrial sensor networks.

But as exciting as IoT is in driving increased economic value and access to real-time data, it also brings substantial cybersecurity risks. Those will surely materialize as 5G-based private mobile networks are deployed.

Cybersecurity implications must be top of mind for all organizations deploying private mobile networks. This is particularly the case when enterprises opt to build their own private mobile networks, according to Kandadai.

“The emerging network architectures using private mobile technology vastly impact the network security postures for all industries,” she said. “Do these enterprises have the critical expertise skill sets and technology necessary to detect, protect and remediate against a surge of volume and variety of cyberthreats?”

Proliferating threats such as ransomware and spear-phishing campaigns have already become more innovative in design and execution. This is especially true in IoT environments because of smart devices’ limitations on memory, CPU and bandwidth to host security modules.

“Cybersecurity becomes more important than ever to de-risk private network investments,” Kandadai said. “That puts a lot of pressure on network and security architects both inside enterprises and at operator and system integrators.”

Security Questions to Ask

Here are a few questions you and other business leaders should be prepared to ask when your CTO presents to the board their plans for 5G technology and private mobile networks:

  • How will we approach cybersecurity with our new network infrastructure, especially with emerging private mobile networks?
  • Do we have visibility into network traffic traversing private mobile networks for consistent security enforcement across the enterprise?
  • What steps are we taking to properly secure all the new connections accommodated by private 5G networks?
  • How will mission-critical applications be properly secured on cellular-based private networks?

5G technology—and whatever comes next—offers a lot of exciting potential to help your organization derive greater economic value from the data and services carried on your private mobile networks. Just don’t let it all be for naught by failing to apply the right cybersecurity strategy.

Mike Perkowski is an award-winning journalist who has written extensively about a wide range of technology topics for IT professionals, security experts and business leaders.

share: