A key component in Australia’s digital transformation is 5G, which can form the basis for intelligent, ‘human-critical’ networks that combine high data-rate, instantaneous communications with low-latency network performance and massive connectivity. This will power new applications for everything by applying the Internet of Things (IoT). With the emergence of new norm viz. social containment, IoT and 5G will certainly become the cynosure for modernization.
Where is Australia’s cybersecurity currently at?
The more we depend on networks, the more we need to ensure they are protected. The next generation of networks will therefore need to be more secure than any that has come before. Instead of being applied to network services after the fact, security will need to be built in from the start – with the entire network acting as one giant, unified sensor to keep infrastructure and services safe. The mantra is Design for Security (DfSec).
This also means that attacks on 5G security infrastructure may carry more serious consequences. Currently, Australia scores highly on its preparedness for cyberattacks, with its high index score of 0.82 in the Global Cybersecurity Index. Despite this, there are still concerns; 2019 saw nearly 1,000 data breaches reported throughout the year, with malicious or criminal attacks being the leading cause of the breaches.
In the 5G era, cybercrime will move from computers to mobiles, IoT and devices – meaning all new devices that connect into an operator’s network will present new vulnerability points. With the number of devices growing exponentially manual mitigation/prevention techniques will become unwieldy, there is a need to bring in extreme automation into the threat detection and mitigation.
Security must keep up with network services
With 5G, there will be more networks doing increasingly complex things and delivering new kinds of services. “Slicing” will become the norm: virtualization that allows network resources to be shared with third parties, with guaranteed quality of service (QoS) and isolation. Having end-to-end slices that terminate in private networks will increase the attack surface that service providers need to protect.
Providers also need to fundamentally shift how they think about security. Today’s network services tend not to change once they’ve been designed, and they typically operate in isolation from each other. They are static and siloed, but sliced-based 5G network services will be incredibly dynamic, responding to evolving conditions in real time.
Analytics and automation are vital
Flexible, adaptive, end-to-end security in a 5G scenario requires visibility from the device up through the network and into the cloud. Without the ability to collect, correlate and analyze data from end to end, security threats could easily be missed. With 5G, the entire network becomes a sensor, drawing data from various systems and devices to provide a comprehensive, real-time view for maximum security.
5G security operations also need to be predictive and automated. That means using machine learning, multidimensional analytics and threat intelligence to correlate data from multiple domains and sources, catch anomalies, provide contextual intelligence about threats, weigh business risks and recommend (or enact) mitigation steps.
Image: 5G security requires visibility from the device level through the network and into the cloud, covering a wide range of parameters.
Analytics are important because many threats are designed to stay undetected for as long as possible, under the radar of the network security operation centre or hiding in the information noise of minor, relatively harmless attacks. Machine learning and artificial intelligence (AI) can discover these kinds of ‘lurking’ malicious activities and trigger countermeasures.
Embedding security in the network
With 5G, the network will not have conventional boundaries: it will be an open ecosystem in which all kinds of unmanaged third-party devices are connected.
Strong security should be provided within the network to protect data and infrastructure. Integrated security workflow automation and orchestration are key to this, transitioning from static defenses to agile, adaptive, accurate threat responses.
These security capabilities add up to a set of required applications: active monitoring and workflow orchestration, privileged access management and analytics of user behavior, certification and management of digital identities of network entities, machine learning of traffic patterns for threat detection, automated incident responses, and more.
Designing for security
Service providers seeking to monetize new 5G use cases will need end-to-end security performance – at scale, from the edge to the core – to defend against advanced, persistent threats. The new 5G security approach integrates and automates 5G network security by treating the entire network as a sensor.
For that, security must be provided in four key layers:
At the base level, security must be in place for the service network and the cloud infrastructure. Moving up the stack, the entire infrastructure – spanning software, virtual machines, hardware and devices – also needs to be ‘trustable’. Automated security management and orchestration provide frictionless security across these dynamically changing elements, and all sensitive data must be secure, providing access control, privacy and regulatory compliance.
Finally, to proactively detect and respond to security threats, security-related intelligence must be shared across all the parts of the network – among suppliers, partners and customers.
Getting the implementation right
Australia is gearing up for the next industrial phase and understands that cybersecurity will be crucial for its preparations. As part of its 2016 Cybersecurity Strategy, the government invested AU$230M. Yet, with Australian businesses now at risk of losing AU$29 million annually from cybercrime, the government is moving forward with bolstering its strategy this year. This includes calling for views from the country’s stakeholders.
To effectively implement and continue its national cybersecurity strategy, government security teams and network service providers in the 5G era will need to work closely to limit how and where hackers can attack networks and services. By doing so, Australia can reinforce its cybersecurity infrastructure to make it more accurate in determining which threats are real and which can be ignored – while speeding up mitigation when a defensive response is needed.