What to watch with 5G network security

What to watch with 5G network security


This audio is generated automatically. Please let us know if you have any comments.

5G operators and vendors have long claimed that state-of-the-art wireless network architecture offers security enhancements over 4G. However, it also introduces new features and services that extend the threat surface to systems that had not previously touched wireless networks.

Efforts such as the virtualization of radio access networks and the push for open interfaces, which allow operators to integrate a broader set of vendor software and equipment, further complicate risk assessments.

The network architecture also allows operators to offer a network segment through shared physical infrastructure, private networks, and mobile computing.

Three years after the launch of the first 5G networks, the Cyber ​​Security and Infrastructure Security Agency issued a five-step safety assessment to counteract these supply chain threats, vulnerabilities, and concerns that companies and government agencies face.

CISA provided 5G guidelines and configurations that federal agencies should implement to enhance security. It also placed 5G under the risk management framework, a cybersecurity assessment system developed by the National Institute of Standards and Technology.

CISOs, especially those collaborating with government agencies on 5G networks, should consider CISA advice to follow the principles of zero-trust architecture and implement DevSecOps pipelines that integrate infrastructure as code capabilities, Ron said. Westfall, senior analyst and research director at Futurum Research.

“CISOs must comply with CISA guidelines with the same rigor and could stand out by helping U.S. government risk managers identify best security assistance programs and best practice evaluation frameworks.” he said by email.

CISA is effectively setting the bar high by setting 5G security assessments to NIST guidelines and aligning with what are generally considered best practices in any industry.

CISOs should follow them as a basis for their own processes, said Michela Menting, director of research at ABI Research.

The proposal marks the start of a lengthy assessment and response by the U.S. government, and is expected to be continually reviewed as 5G technology advances and introduces new services that pose an additional risk.

“5G is still a nascent technology and common, autonomous deployment is still a few years away,” Menting said. Most 5G networks today are anchored to 4G cores, which puts limits on what carriers can offer.

Autonomous 5G networks, which effectively cut cable with older systems, have not materialized as quickly as expected.

When this happens, 5G operators intend to offer advanced services based on native cloud technologies and software that extend the network infrastructure to private enterprise networks and applications running on the edge.

How the next wave of 5G will be harnessed and deployed is still unclear and this makes security assessment and risk assessment difficult, Menting said. New market players, including hyperscalators, cloud service providers, software and application developers, cybersecurity vendors, resellers, and system integrators are offering products and services in the telecommunications space for the first time. .

“The most prevalent security challenge in 5G infrastructure is the significant expansion of the attack surface relative to pre-5G networks,” Westfall said.

The disaggregation of hardware and software and a larger group of vendors introduces new threats to virtual machines and container service platforms integrated into the 5G network architecture. This includes the 5G core, radio access networks, cutting-edge computing, network cutting, virtualization, and orchestration and management.

Potential threats cited by CISA include vulnerabilities and malicious code or systems throughout the supply chain that may occur during the provision and deployment of software and hardware in 5G networks and services.



Source link

Related post

NEP looks beyond academics to envisage character building in students, says Minister

NEP looks beyond academics to envisage character building in…

It aims to impart moral and ethical values ​​to every learner, says Dharmendra Pradhan It aims to impart moral and ethical…
Emirates News Agency – WGS report addresses how governments can create a more systematic and rigorous approach to skills trainings

Emirates News Agency – WGS report addresses how governments…

DUBAI, 2nd October 2022 (WAM) – A report published by the World Government Summit Organization identifies how today’s employers are failing…
Try one of the easiest Python 3 beginner courses for $40

Try one of the easiest Python 3 beginner courses…

Offer price and availability subject to change after publication. TL;DR: Starting October 2, you can sign up for the Premium Python…

Leave a Reply

Your email address will not be published.