Capgemini and addressing the challenges of 5G security

Speaking with Aarthi Krishna, Global Head of Intelligent Industry Security at Capgemini, Mobile Magazine looks at the challenges posed by 5G security

In both public and private sectors, 5G networks have gained tremendous interest. With the potential of faster speeds and reduced latency, businesses seeking to harness its potential also look ahead to the opportunities that will come with 6G. But as Aarthi Krishna, Global Head of Intelligent Industry Security at Capgemini explains, security of 5G networks is still a top concern, especially as the European Commission recently announced plans to crack down on the major security risks posed by 5G and high-risk vendors (HRVs). 

Krishna is calling for organisations to be prepared to safeguard their network infrastructure from potential cyberattacks as 5G expands across industries - whether that be by being alert to the current threat landscape, understanding the challenges of securing 5G networks or realising how they can develop and deploy new security measures in response.

What potential threats does 5G technology bring?

The digital ecosystem is witnessing an influx of millions of newly connected devices thanks to the proliferation of IoT, largely facilitated by advanced connectivity technology such as 5G. While 5G delivers higher speeds, capacity and availability, it also increases the attack surface significantly, with our research finding that as many as 70% of industrial organisations view the management of cybersecurity as a key challenge associated with 5G implementations.

Organisations are now having to take active measures to safeguard their networks and we are already seeing this come into action with a majority of businesses investing 5-10% of their IT budgets towards securing 5G networks. While this is encouraging, increased spending must also come with diligent planning. It’s crucial for organisations to remain knowledgeable about the range of security issues in 5G, what solutions are available and which technologies are best suited to meet their specific requirements and risk appetite to safeguard their business interests.

What are the security challenges of 5G networks?

5G networks offer greater flexibility and adaptability as they benefit from multiple deployment architectures. They can be either fully public, leveraging public infrastructures, fully private and be deployed within an organisations’ campus, or can have a hybrid model with a combination of both. 

Security challenges in 5G typically pertain to the complexity of such implementations with an increased attack surface due to the number of devices and the amount of data that must be protected. Additionally, 5G leverages virtualised and cloud technology heavily that inherits many of the challenges in the IT and cloud ecosystems. Operationally, monitoring 5G networks requires specific capabilities different from those used for IT and OT networks, as existing monitoring tools cannot be easily adapted to fit cellular environments. 

Securing 5G networks starts with a comprehensive risk assessment. Such an assessment provides an in-depth and full understanding of people, processes, and technology risks. Following the assessment, necessary security controls must be deployed in both the horizontal stack that extends from the end user device to the radio, core networks and to the cloud, as well as the vertical stack that extends from the chip up to the applications in a device. 

Organisations can also adopt private 5G networks with edge computing to support with data security and privacy. Edge computing puts the computing resources closer to the end-point devices, such as IoT, as opposed to in a data centre. This reduces the attack surface as these devices terminate their connections locally at the edge and security controls can be augmented on the link that connects the edge to the outside. Such an approach could also reduce the risk of data interception during transit, a key factor driving the adoption of 5G-based edge computing for 45% of organisations. Edge computing further enables businesses to comply more strictly with jurisdictional data regulations and data sovereignty laws by allowing data to be processed closer to its source.

How does zero trust enhance 5G security?

As with everything, 5G networks must also take a zero-trust approach. Such an approach assumes that an attacker may already be present within the network meaning that a constant cycle of validation is in motion to prevent further infiltration and lateral movements. A zero-trust architecture (ZTA) is required to ensure that every access request to a resource (that may be data, a device, an application, a process or a service) in a network is verified and explicitly allowed for. 

The 3rd Generation Partnership Project (3GPP) 5G standards group have drawn up security specifications that align well with ZTA principles. Guidance and requirements for securing users and devices with digital identities, securing all signalling and data communication, and provision for decision making based on ‘trust scores’ are included in the specifications. A robust 5G security architecture must be able to take these guidance and requirements into consideration, tailor them to meet an organisation’s risks and priorities while keeping it in agreement with existing and well adopted standards. 

Ultimately, the potential of 5G and 6G hinges on our ability to create secure use cases. By cultivating a security-focused mindset that extends beyond IT perimeters to connectivity networks, organisations can proactively safeguard their businesses from emerging 5G threats. 

Aarthi Krishna is the global head of intelligent industry security at Capgemini, where her role involves building Capgemini’s global cyber practice and tackling end-to-end security challenges for the intelligent industry. With expertise in 5G, advanced connectivity, operational technology (OT), product technology (PT/IoT) and trusted software, she provides consulting and managed services for industries like automotive and healthcare, among others.

******

For more insights into the world of Mobile - check out the latest edition of Mobile Magazine and be sure to follow us on LinkedIn & Twitter.

Other magazines that may be of interest - Data Centre Magazine.

Please also check out our upcoming event - Cloud and 5G LIVE on October 11 and 12 2023.

******

BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability leaders, Procurement & Supply Chain leaders, Technology & AI leaders, Cyber leaders, FinTech & InsurTech leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare and Food.

BizClik – based in London, Dubai, and New York – offers services such as content creation, advertising & sponsorship solutions, webinars & events.

Share

Featured Articles

MEF: Shaping the Future of Mobile Telecoms with AI

We speak with Nick Millward, Board Member and Consultant at the Mobile Ecosystem Forum, about how AI could change the future of the telecoms sector

Samsung is #1 in Customer Satisfaction for 5G Mobile

Samsung and Batteries Plus celebrate their commitment to exceptional customer care and mobile device quality

Qualcomm & Aramco team up for Mobile Connectivity & IoT

Qualcomm and Aramco have joined forces to revolutionise mobile connectivity and IoT in Saudi Arabia, as they pioneer 5G and AI

T-Mobile in 5G First with PGA Championship

5G & IOT

Microsoft Plans Mobile-Game Store, Vying With Apple & Google

Media & Entertainment

Colt Technology Services: Embracing Future Connectivity

Technology & AI