- Businesses are leveraging 5G, which requires a new cybersecurity approach.
- Experts at the RSA conference shared insights on securing 5G devices and networks.
- This article is part of “.5G and Connectivity Handbook” is a series that explores some of the most important technological innovations of our time.
More and more businesses are leveraging 5G connectivity through 5G mobile devices and Internet of Things technologies. This means we need to evolve our way of thinking about cybersecurity.
Business Insider spoke with several cybersecurity experts at the annual RSA conference, held May 6-9 in San Francisco. They shared advice on how businesses can improve their cybersecurity as they move into the 5G era.
“5G should be seen as a proactive alternative to WiFi for offices, factories, job sites, and campuses,” said Nathan Howe, group vice president of innovation at Zscaler. “This will require some serious rethinking, but once you get past the initial shock in terms of differences, the benefits are huge. Private 5G networks will change the way we all connect.”
Overall, experts say businesses need to think about cybersecurity from the beginning.
“It's much cheaper to think about cybersecurity when you're building something than it is to think about cybersecurity when it's already built,” said Andrea, co-founder and chief product officer at Nozomi Networks.・Mr. Carcano says.
Here are cybersecurity experts' best practices for securing 5G devices and networks.
Inspect and secure your 5G devices
Many customers are still trying to figure out how to fully take advantage of 5G. More and more organizations are purchasing and managing their own private 5G infrastructure.
If you do this, you should conduct a thorough security assessment, test the quality of the IoT products you use, and follow the manufacturer's guidelines on how to ensure their products are secure, said Akamai's chief security officer. Boaz Gerbaud said.
Additionally, experts say businesses must understand what is connected to the 5G networks they use, hold vendors accountable for security, ensure software and hardware are updated, and He said the vulnerability needed to be fixed.
Use a zero trust approach
Several experts pointed to the use of a zero trust approach. This means that systems should never trust anything that enters the network and should validate every device, request, and user. This includes security controls that control which users can access the network and which systems on the network can communicate with each other.
“Zero trust really goes hand in hand with 5G,” said Donna Johnson, chief marketing officer at Cradlepoint. “Even as the attack surface expands, the potential impact of an attack narrows. You can overcome that. ”
As part of this approach, enterprises need visibility into 5G network traffic and continuous validation and monitoring of endpoint devices on those networks. Because as more devices are connected to his 5G network, the attack surface grows.
“From an attacker's perspective, the more things that are connected, the more goldmine there is to attack,” said Christine Gadsby, vice president of product security at BlackBerry.
Darren Guccione, CEO and co-founder of Keeper Security, said it's also important to have strong enforcement layers in place, such as enforcement policies and control over which devices are allowed to access the network.
“We're making sure the right people have access to very specific systems based on their role, on the right device, at the right time, in the right place,” Guccione said. Masu.
As more IoT devices become available, there will be more ways to communicate on 5G networks. Businesses should use tools to check if rogue devices are on their 5G network.
“5G includes IoT, so there will be a lot of communication monitoring issues,” said Megha Kalshi, partner at AlixPartners. “As an industry, we also need to find ways to use 5G to monitor some of our communications.”
Analyze the risk
Finally, companies need to analyze their risks, the services they use, and how much data is exposed. You need to consider potential points of entry for hackers and how to mitigate issues as you transition to 5G.
This is critical given the wide gap between the speed at which bad actors can exploit vulnerabilities and the speed at which organizations can patch them.
Jimmy Mesta, co-founder and chief technology officer of RAD Security, said companies need to “go beyond best practices.” You need to monitor for anomalies, validate your workload, and properly configure the products you use. With the increasing use of generative artificial intelligence in cybersecurity, some tasks can be automated.
Increased use of 5G will require an update to security practices. “Many of today's standard practices will not work,” Carcano says. “That is the main risk. Someone will use 5G technology and try to apply old-fashioned methodologies to perform cybersecurity. But 5G changes boundaries, expands, and potentially all It will work even better in a zero trust network when you are at risk.”
