5G cybersecurity: fusing automation with the human factor

What’s the difference between 5G and 4G? Simple: one is quicker than the other. It’s much more challenging, however, to answer the real question: what does this mean for organizations? Leaders must know the answer if they want to protect their businesses in the new threat landscape.

So, before we look at tackling cybersecurity in the 5G era, let’s take a step back and consider why this network upgrade changes everything.

Navigating the new threat landscape

5G calls for significant changes in the uses of computing power and how apps are constructed. Once upon a time, an endpoint was typically a single PC terminal connected to a mainframe that took on all the computing. Entry points were easier to identify and secure.

With 5G, the possible number of devices connected to the network is substantially higher, and so the volume of endpoints increases exponentially, forming what is called the internet of things (IoT). Research by Statista estimates that the total number of connected devices worldwide is set to triple from 8.7 billion in 2020 to 24.4 billion in 2030. It will no longer be necessary for the computing to be done within these new devices, which will shift to Edge networks, where much of the intelligence will be held. Unfortunately, new tides of data mean more entry points for cyberattacks.

The federated nature of 5G infrastructure adds complexity to the security landscape that even leaves security professionals scratching their heads. A key question we must understand is: who is responsible for user security? First and foremost, responsibility lies with the endpoint provider – producers of 5G-enabled devices such as smartphones or cars, for instance. Take a truck, which, manufactured today and in the near future, has 50% of its parts connected to the internet. Failure to secure any one of these parts against potential cyberattacks could seriously affect the safety of the driver and create related risks for the organization.

Although their responsibility is smaller than the endpoint provider’s, telcos must also ensure that their core network is protected as more traffic flows through their networks.

And finally, a degree of responsibility is shared with the user too, especially where sensitive data is involved.

No choice but to automate

If this all sounds unmanageable, that’s because it is. At least by humans, who are the weakest link in 5G cybersecurity. Why? Because multiplied scale and interconnectivity make traditional security measures, such as encrypting a laptop with a hard disk, almost redundant.

Vulnerability managers, confronted with a vast multiplication of assets that require scanning at pace, won’t be able to find enough hours in a day to do so. For this reason, there must be a high level of automation in cybersecurity programs. The quicker organizations and security professionals understand this, the sooner they’ll be able to adapt to and succeed in the 5G connected world.

Employing the human factor

But we cannot remove humans from the cybersecurity equation completely, and many people are understandably concerned about leaving security in the hands of automated systems. One example is when the endpoint is a machine in an intensive care unit with responsibility for someone’s life. In such cases, some level of human input will always be required.

It is, of course, essential that we also have humans who truly understand the new tools, and it may not surprise you that there’s a battle going on to recruit them. In 2013, there were 1.5 million unfilled cybersecurity jobs, whereas today, there’s an estimated 3.5 million. The lack of skilled professionals is a problem that’s clearly not going away anytime soon. Whether it’s 5G or quantum computing, every new technology requires two kinds of specialists: one group with a deep knowledge of the overarching concept and another with deep knowledge of specific security considerations.

This critical combination of factors has serious implications for the type of provider that wishes to deliver good-enough services to meet new requirements. Clients generally enjoy the intimacy of local security services and, until now, may have relied upon smaller firms or in-house personnel.

With 5G, this will no longer suffice. To ensure end-to-end collaboration to effectively manage complexity, firms need an organization with global capabilities.

Keeping pace with the new threat landscape can – and will – feel like an impossible task if you don’t act quickly. 5G offers extraordinary opportunities to level up an organization but seizing them requires robust protection that fuses the power of automation with the all-important human factor.

Contact Capgemini today to find out how our network of global Cyber Defense Centers can help your organization embrace this.