What CIOs need to know about 5G cybersecurity

As the transition towards 5G looms, get prepared for a host of new cyberthreats.
21 October 2020

The introduction of the next cellular technology is upon us. Fifth-generation wireless technology — or 5G — builds upon existing telecommunication infrastructure to improve bandwidth capabilities and reduce network-generated delays.

While the total evolution to 5G will take years, benefits will include faster download speeds, decreased latency, and increased network capacity. That said, there are always potential pitfalls when it comes to the introduction of new technologies. Recent surveys have already suggested an overwhelming majority believe that 5G will bring new cybersecurity risks.

There are several areas necessary to consider as companies gear up for the 5G revolution, and not implementing proper cybersecurity protection against these risks could be a costly mistake.

5G security

# 1 | Corporate traffic

A fundamental shift in how corporate traffic is secured will materialize with the emergence of 5G-enabled laptops and 5G hotspot capabilities on phones. As 5G represents the shift from hardware-based centralized switching to software-defined digital routing, a reliance on distributed digital networks opens a myriad of new cybersecurity risks for a growing number of traffic routing points. The increase in exposure to more attacks will also come from a distinct lack of visibility that IT security teams are accustomed to having on their networks.

Ahead of 5G implementation, it’s vital to formulate an updated security posture to assess what aspects of the network will be most impacted. A zero-trust approach to network architecture and access will be a sure-fire way to harden identity and access management policies.

# 2 | Increased IoT

An elevated security risk will come partly due to the sheer amount of vectors through which hackers can attack. While 5G technology is set to enable a huge number of connected devices, a growing number of Internet of Things (IoT)-enabled devices could leave a host of connected machinery vulnerable. As many new devices are manufactured with poor security standards with an un-managed network, it will be difficult to update these devices, thus leaving them vulnerable to attack.

For any new IoT device deployments, be sure to revise any patching and mitigation strategies for devices at the network edge. By ensuring all devices are fully patched and have the current firmware, apps, and operating systems, systems are better prepared.

# 3 | Infrastructure instability

With the switch to virtualized software instead of the use of physical appliances to perform higher-level network functions, software vulnerabilities now come to the fore as networks themselves are managed by software that can be vulnerable.

It’s vital to move security infrastructure to the cloud where network elasticity is built-in. Solutions that leverage machine learning will also help security teams keep up with potential new attacks with increased speed and activity on the network. Good cybersecurity awareness for employees is also crucial for dealing with new security threats emerging with 5G.

# 4 | DDoS risks

Due to its network architecture, 5G will exacerbate the impact of failures on core infrastructures. 5G’s shared infrastructure ultimately has the potential for mass failure across multiple networks. With the increased amount of devices to control, together with the increased amount of bandwidth to exploit, attacks from hackers have far more potential to be debilitating.

To reduce the effects of DDoS attacks, it is critical to decentralize management solutions, while ensuring SaaS providers have the right credentials to protect against high-level DDoS and traditional attacks.

As society becomes increasingly digitalized, 5G has the potential to transform and innovate new solutions, products, and services. To fully realize its benefits, however, an acute understanding of its cybersecurity dangers and how to prevent them is required. If the potential for hackers to exploit isn’t stemmed accordingly, enterprises could end up playing catch up with runaway cybercriminals.