The security challenges of next-generation communications networks
As the global IT ecosystem changes dramatically in the near future, due in large part to the spread of 5G networks and IPv6, new opportunities will emerge for operators as well as their customers. Operators will be able to deliver cutting-edge new services that support futuristic endeavors such as VR/AR, smart cars, robotics, smart cities and drones as well as other things previously seen only in science fiction. With 5G and IPv6, the demand for and availability of these and other services will grow rapidly.
5G networks have been looming on the horizon for several years, but it seems that the industry is finally breaking through, with widespread deployment expected in the next two to three years. Some operators are already claiming to be 5G-enabled, although in many cases they are referring to a more advanced version of LTE. But whether their next-generation networks are 5G-enabled or 5G-ready, which we’ll see in the near future, operators must ensure that they do not forget about security issues.
While innovative 5G use cases may still seem opportunistic and futuristic, now is the time for IT managers, security managers and their staff to learn about cybersecurity issues and prepare themselves for what’s coming.
Security challenges for telcos
With the seemingly endless number of IoT-related endpoints—sensors in healthcare and traffic applications, automobile telematics units, drones, smart home devices and other use cases that form the basis of smart cities, all enabled by IPv6—security is paramount. Billions of new devices, connected through 5G, will generate mountains of data to be analysed and secured. Generally, there are three types of data that must be protected.
- Customer data – The data flowing into and out of devices needs to be secure to protect the privacy of subscribers and the integrity of the information itself. In the case of IoT endpoints such as sensors, data could be moving constantly from one point to another very rapidly. All of this data must be kept safe from prying eyes and those who would undermine its integrity.
- Transaction data – With the onset of 5G, we’ll start seeing much more activity in the network core and increased requirements for securing those resources, including commerce transactions.
- Network data – Preventing breaches to the network at the core, where most services will reside, should be among the top concerns for operators and their security professionals.
These needs become even more complicated with 5G-supported network slicing, which enables the creation of simultaneous mini-networks that operate under different sets of security and service requirements.
This ability to invoke a 5G instance for a specific period of time, in a specific place, will make security an even higher priority and that much more of a challenge for operators, who will be the ones tasked with securing these various data types.
Operators and security professionals will have to resolve any issues, which will require significant levels of knowledge and proficiency around security. In fact, most operators will not be able to go it alone when it comes to overcoming the security hurdles of 5G and other changes in communications networks. Rather, they will need to work with trusted partners with the expertise and experience to ensure data integrity, customer privacy and compliance.
Netcracker enhanced security plan
Netcracker works closely with our customers to ensure subscriber and other data is secure within the confines of the operator’s network as well as when data traverses public or private clouds. Our enhanced security plan is designed to secure sensitive data, as well as the software and services used to store, and process that data.
We predicate our strategy on a shared model of responsibility, which includes:
- Sound IT and security architecture, including a full set of security tools and controls.
- A dedicated security organisation to support continuous diagnostics and monitoring of operator networks and data.
- Support for established security protocols and standards.
- Strong focus on personal data security and privacy.
- Auditing and assurance mechanisms.
While having these program elements and a strong framework is essential to working with operators as they roll out next-generation networks, vendors must also have the solid experience and knowledge to back it up.
We incorporate the principles of the shared model of responsibility and align our solutions and services with industry security frameworks and standards in order to bring the highest levels of assurance to customers. This approach is designed to ensure the confidentiality, integrity and availability of our own data and our customers’ data and systems, mitigating the risks brought about by the fast-evolving threats of cybercriminals, hackers and other forms of intrusion and disruption.
Security should be an integral part of an operator’s plan for 5G networks and services. But to be successful, operators will need to team up with a vendor that’s serious about security and has been delivering a strong solution to its customers as they move into the world of 5G and beyond.
The authors are Samuel S. Visner, security director, and Scott Sykes, senior director, Global Security Organisation, Netcracker Technology
About the authors
Scott Sykes is the senior director of Global Security Organisation at Netcracker Technology, in Boston, and a former Board Member of the Virginia Cyber Security Partnership, in Richmond, VA. He previously served as chief information security officer at Tata Communications International, in Herndon, VA, and director of Internet Marketing for Genworth Financial and director of IT strategy at Capital One Financial Services, both in Richmond, VA.
Samuel Visner is the director of the National Cybersecurity Federally Funded Research and Development Centre (MITRE), sponsored by the National Institute of Science and Technology. He also serves as the security director for Netcracker Technology Corporation and as a member of the Cyber Council of the Intelligence and National Security Alliance and the Cyber Committee of the Armed Forces Communications and Electronics Association. Sam is also a member of the Council on Foreign Relations, the Atlantic Council and the Intelligence Community Studies Board, sponsored by the National Academy of Science and serving the Office of the director of National Intelligence.