Explore our latest thought leadership, ideas, and insights on the issues that are shaping the future of business and society.
Choose a partner with intimate knowledge of your industry and first-hand experience of defining its future.
Discover our portfolio – constantly evolving to keep pace with the ever-changing needs of our clients.
Become part of a diverse collective of free-thinkers, entrepreneurs and experts – and help us to make a difference.
See our latest news, and stories from across the business, and explore our archives.
We are a global leader in partnering with companies to transform and manage their business by harnessing the power of technology.
Our number one ranked think-tank
Explore our brands
Explore our technology partners
Every tech revolution comes with risks, and 5G is no exception. From IoT applications to the 4G – 5G transition, the scale of 5G usage is opening up an enormous surface area to potential attackers. The promise of high bandwidth + low latency in the coming years is extraordinary, but organizations that are slow to react to these threats are taking a gamble. Fortunately, there are a number of security measures that can substantially reduce these risks. Read on to learn how to keep pace with the security demands of 5G today.
Every promised benefit of 5G brings with it a corresponding risk. The number of connected IoT devices is growing at upwards of 18% per year, on course to pass 14 billion this year. Each new edge-computing device creates new vulnerabilities for bad actors to exploit. The decentralized nature of IoT products makes security measures difficult to implement at scale, while 5G’s greater bandwidth has the potential to fuel new DDoS attacks with the power to overwhelm organizations. And the expansive nature of 5G itself poses new risks. As the number of users increases into the millions and billions and networks expand to accommodate more devices, network visibility plummets. It becomes harder to track and prevent threats, especially against sophisticated attackers. Device vulnerabilities, air interface vulnerabilities, RAN, backhaul, 5G packet core & OAM, and SGI/N6 & external roaming vulnerabilities all need to be re-examined.
There are many services in today’s industries that require various performance measures such as high throughput, low latency, high reliability, etc., which can be achieved by network slicing, which integrates multiple services with customized local networks. In theory, network slicing should raise security – like the bulkheads on a ship, which contain a potential breach to one flood zone. This is the same logic behind IT network segmentation, which is an established best practice. However, just like network segmentation, network slicing alone does not guarantee that threats are contained. Without additional measures, they’re likely to pass seamlessly into the wider system. Network slicing also faces security challenges connected with resource sharing among the slice tenants and slice security coordination, which are fairly straightforward to solve, but do require attention.
Businesses deploying 5G-connected equipment need an up-to-date set of security solutions capable of monitoring and protecting against the new generation of cyber threats. The specifics will vary according to each user, but the backbone of the new strategy may look something like the following:
Security edge protection is the foundation of 5G security, upon which all other strategic considerations rest. The following methods can help secure 5G edge installations:
Zero Trust Architecture (ZTA) eliminates implicit trust by continuously validating a set of actions at every step. Based on perimeter-less security principles, ZTA requires each asset to implement its own security controls. It includes security features such as:
Containers bring the potential benefits of efficiency, agility, and resiliency. Gartner expects that up to 15% of enterprise applications will run in a container environment by 2024, up from less than 5% in 2020. Containers are orchestrated from central control planes which are configurable, used for scaling up and down workloads, collecting logs and metrics, and monitoring security. Containers bring a few unique security risks, but they are solvable.
When containers run in privileged mode or as root, they provide attackers with direct access to the kernel, from which they can escalate their privileges and gain access to sensitive information. It is therefore essential to add role-based access control and limit permissions on deployed containers. It’s easy to run a container in non-root, simply by providing instructions in the docker file. Two more ways to enhance container security are by rejecting pods or containers in privileged mode, or by keeping privileged containers but limiting access to the namespaces.
The complexity of 5G infrastructure requires security applied at multiple levels. Handling complex security such as threat, risk, different devices, scaling etc, is so difficult manually as to be impractical. Additionally, manual operations introduce an element of uncertainty which may in some cases be exploited. There is absolutely a place for human ingenuity. But increasingly the operations level needs to be automated.
What about AI/ML technologies – are they helpful, or just hype? Currently, a bit of both. They already have a role in security, primarily in detecting irregularities. The next step in AI/ML-based security will involve deep learning, through which the system builds its own capabilities through experience – theoretically going so far as to predict threats before they’re deployed. Claims about revolutionary AI protection need to be considered very sceptically, but at the same time the potential for AI to fundamentally alter network security is real. This is a space to watch.
The Capgemini Research Institute recently probed organizations’ preparedness to cyber-attacks and revealed a concerning level of disconnect: 51% of industrial organizations expect cyberattacks on smart factories to increase over the next 12 months, and yet nearly that same number (47%) report that cybersecurity is not a C-level concern. We see the lack of a comprehensive, system-wide approach to security as a serious long-term threat.
It is tempting to describe security breaches as instantaneous, but in fact, an honest examination often reveals vulnerabilities that had been left out in the open for months or years, with no adequate security protection. Security you can rely on starts early, with solid fundamentals across people, process, and technology. It’s not easy, but it’s doable.
We can see the risks that come with 5G. Let’s put a security plan in place now. To learn more about our 5G security capabilities, contact us below.
TelcoInsights is a series of posts about the latest trends and opportunities in the telecommunications industry – powered by a community of global industry experts and thought leaders.
Chhavi is part of the Product Services and Support team at Capgemini Engineering GBL. She focuses on developing DevOps/ DevSecOps and cloud security solutions and delivering them to customers.
Panigrahi Prasad is part of the Product Services and Support team at Capgemini Engineering GBL. Focuses on developing DevOps and Cloud solutions and delivering them to customers.
We respect your privacy
You may accept all cookies, or choose to manage them individually. You can change your settings at any time by clicking Cookie Settings available in the footer of every page.