AT&T Cybersecurity Insights™ Report: Security at the Speed of 5G

November 11, 2019 | Theresa Lanowitz

While some enterprises appear to be getting an early jump on the security implications of 5G, many are struggling with the implications to the business and the changing security model.  This is based on a survey AT&T Cybersecurity conducted with 451 Research of 704 cybersecurity professionals in North America, India, Australia and UK in August - September 2019. Participating organizations spanned 13 industry verticals and each had more than 500 employees.

Here are excerpts from those surveyed in the AT&T Cybersecurity Insights on their progress in making security changes required by 5G:

Timeframe to implement security changes

graphic of time to implement

5G is more than an increase in speed – it’s not a “faster 4G". It provides new features such as network slicing, which allows for isolated domains for traffic. 5G service providers can assign slices to users with customizable quality of service and bandwidth.

Sporting innovative built-in security measures, 5G can allow for stronger over-the-air encryption, subscriber identity protection and reduced risk of eavesdropping.

At AT&T, we believe that 5G will encourage a shared security model akin to the public cloud. The beauty of this is it shifts some security functions to the 5G service provider, freeing up enterprises from some concerns. The anticipated shared security model of 5G does require security pros to think differently, which will take time. However, in the end the shifting of some security functions to the 5G service provider may provide great benefits for enterprises.

With the large number of devices associated with 5G, authentication and identity need to be considered in the scope of security, similar to the public cloud. The 5G service provider can help confirm device identity as well, because the network will know a device’s physical location. In a way, the 5G service provider uses the network itself as a security tool.

Introducing 5G networking impacts many technical areas, but also provides an opportunity and motivation to modernize security approaches. Software Defined Network (SDN) and virtualization technologies should be considered by enterprises preparing for 5G due to its sheer scale. In parallel, security should be virtualized and automated.

From the survey we learned the top security concerns cited were due to the increased attack surface. Have a look at what companies had to say:

Top 3 security concerns

graphic of top 3 security concerns

Conclusion

5G has the potential to bring significantly more devices onto the network, expanding the attack surfaces and increasing the possibility of new threats. Security organizations relying on manual security approaches likely will have a hard time keeping up. Security that is dynamic and automated will be able to quickly and effectively address the new security threats of 5G networks, and virtualization can help provide flexibility to respond to unknown future threats. 

The research in this report reveals that organizations should do more to prepare their cybersecurity practices for 5G. Preparations that should be made include security virtualization, automation, and SDN, enhanced measures for identity and authentication, and planning for a shared security model. Be proactive and improve your security posture now, while 5G is still in its early stages of deployment and adoption.

Read the whole report.

Theresa Lanowitz

About the Author: Theresa Lanowitz

Theresa Lanowitz is a proven global influencer and speaks around the world on trends and emerging technology poised to help today’s IT organizations flourish. Theresa is currently the head of evangelism and communications at AT&T Cybersecurity. In 2006, Theresa founded industry analyst firm voke, to highlight emerging technologies and the benefits of adoption ahead of legacy analyst firms. Theresa has been a trusted advisor to some of the most innovative and influential companies and executives in the world. At voke, Theresa was the go-to collaborative analyst for software vendors focused on delivering transformational products, establishing new categories, and making a business case for technology adoption. From 1999 through 2006, Theresa was an industry analyst with Gartner. Theresa spearheaded the application quality ecosystem, championed application security technology, and created the successful Application Development conference. At Borland International Software, Theresa shipped the iconic Java integrated development environment, JBuilder. While at Sun Microsystems, Theresa worked on the Jini project – a precursor to IoT (Internet of Things). Theresa led strategic marketing and creation of early and futuristic use cases for Jini to highlight a world connected by devices. Theresa’s professional career began with McDonnell Douglas where she was a software developer on the C-17 military transport plane and held a US Department of Defense Top Secret security clearance. Theresa holds a Bachelor of Science in Computer Science from the University of Pittsburgh, Pittsburgh Pennsylvania.

Read more posts from Theresa Lanowitz ›

TAGS: 5g

‹ BACK TO ALL BLOGS

Get the latest security news in your inbox.

Subscribe via Email

Watch a Demo ›
Get Price Free Trial