The world's communications network operators are facing an increasing number of collective challenges as they evolve their networks and businesses towards a 5G world and the issue of security is not only one of the most important but also one of the toughest challenges.
That's primarily because the nature of communications networks is going to change. We've heard for years about how operators need to move on from a "perimeter fence" mentality when it comes to security (not least because there are so many threats inside each operator…) but the shift towards 5G is only going to accentuate that as millions of end points are added to make the Internet of Things (IoT) becomes a reality and as network elements take on a software rather than physical presence.
Luckily, some industry experts have been thinking about these challenges for years and have sound advice to offer.
One such expert is Ben Azvine, the Global Head of Security Research & Innovation at BT Group in the UK. Azvine has been at the heart of BT's shift towards a network security strategy that combines AI tools, which collect and then help visualize cybersecurity threats, and skilled human operatives, who deal with the threats using their experience and know-how. That's because the AI tools are great at filtering and analyzing data, but not so good at deciding what to do next, which is where the human touch comes in.
That approach has proven successful for BT Security, which protects the UK operator's networks and helps provide security services to enterprise users.
Now Azvine has turned his attention to 5G and he has some interesting advice to share with other network operators. "Don't think you can protect everything by building a hard shell," he warns. That's old-school thinking that's focused purely on the prevention of security breaches. Instead, "think of yourself as an avocado, rather than a coconut with a hard shell," he told a keynote audience at the recent Broadband World Forum event in Berlin.
The avocado has a hard center and softer surround: The hard center represents what's really important, really critical to a business and that's what should be focused on in terms of prevention and protection. But the rest of the "avocado" isn't just left open to attack, of course, and this is where AI tools, analytics and new security processes come into play to detect and even predict cybersecurity attacks. In addition, there should be much greater focus on what happens once an attack has happened or been predicted: Response times need to be in hours or even minutes, not days.
So… think avocado, not coconut.
And it's not all about artificial intelligence: that's just one piece of the puzzle. AI systems are great at interpreting data but not good at understanding it – this is where the human element comes into play.
The avocado approach to security (or something very similar) is going to become increasingly vital to consider as 5G strategies are adopted. That's because the evolution to 5G – which, in effect, is just another way of saying "next-generation networking" – includes a much greater adoption of software-based, virtualized elements and functions, which makes a network a much more flexible and a "network border" impossible to identify at any time, hence why the coconut approach is redundant.
And with 5G, of course, comes the impact of the billions of IoT connections, which are likely to not only test the signaling and bandwidth capabilities of communications networks (a signaling storm can be created by just 500 malicious IoT devices) but also pose a massive headache for network security teams. According to forecasts made by the team that compiles the Ericsson Mobility Report, there will be more than 18 billion IoT devices worldwide by 2022, of which 1.5 billion will have cellular connections. This offers a great opportunity for mobile network operators but also accentuates the security challenges: This is where the benefits of intelligent analytics and machine learning, to help predict potential cybersecurity threats, will come to the fore.
So new security architectures and processes need to be considered right now, as part of the 5G and IoT strategies that are being put into action in the next couple of years. And just like network and service assurance, so often ignored or forgotten about until after a new network build or service launch, a coordinated, next-generation security strategy must be identified and communicated now, not after the fact. Resource needs, including skilled human resources, must be identified without delay.
And there are some emerging technology options that operators should consider, blockchain being a primary example. While still widely associated with cryptocurrencies, the distributed ledger technology is now being tested for multiple applications within communications networking and services environments, with IoT security, fraud management and identity management among its potential uses. Blockchain offers an enticing combination of inherent trust (it can determine if an IoT sensor is what it "says" it is) and automation that, when combined with intelligent analytics and edge computing, could help make 5G security far more manageable than it might currently seem.
It's very early days for blockchain, and there's a lot of work to be done on its scalability and operating cost implications, but it's an option that should be explored for anyone tasked with formulating a 5G security strategy.
Consider it part of the avocado approach to 5G security.
- Ray Le Maistre, Editor-in-Chief, Light Reading