5G, Security, IoT & ROI: Some Assembly & Automation Required

The current 5G commercialization wave has already moved the needle in terms of providing 5G users with access to new services. While this is only the beginning, communications service providers (CSPs) must still validate the business models when rolling out new services to ensure they deliver a positive cash flow. For example, CSPs must validate the models for Internet of Things (IoT) services running over 5G networks. These services will undoubtedly become a staple of the services landscape, given the broad range of applications possible. From narrowband basic monitoring and tracking services to high-band, ultra-low-latency services, including autonomous vehicles, the revenue opportunities are diverse.

However, one characteristic that is common to all IoT services is the need to ensure that devices and the data they generate are protected from threat vectors. As a result, CSPs are adding IoT security services to their already expanding portfolio of cloud-based managed security services.

A modeling tool for IoT security services
In order to assist CSPs with their rollout of IoT security services, Heavy Reading, in collaboration with Radware, developed a modeling tool designed to quantify the financial and return on investment (ROI) fundamentals of IoT security services. Due to the diverse range of IoT services noted above, the model was designed with the greatest level of flexibility possible. It utilized several distinct modules to estimate IoT device penetration and traffic generation. The model also estimated operational costs, including general sales and administrative/marketing, as well as the capital equipment essential to support service launch.

Once it was finalized, Heavy Reading modeled a number of IoT-based scenarios, including narrowband IoT services (NB-IoT). NB-IoT is a very interesting case, given many of the devices are expected to enter the marketplace with little if any embedded security capabilities, making them vulnerable out of the gate. In addition, these devices will typically generate less data traffic, which has data usage pricing model implications.

Slightly revenue positive
Despite this, as shown in Figure 1 below, NB-IoT can be slightly revenue positive ($3.5 million by year 5) at the right market entry threshold. This case assumes $0.15 per Mbit/s traffic for support of managed IoT security services augmented with a $0.10 one-time onboarding charge. To achieve these numbers, a minimum base of 2 million NB-IoT devices is required with a services penetration rate of 26% of total devices by year 5.

Figure 1: NB-IoT Usage/Onboarding Pricing Model Source: Heavy Reading

Although revenue positive, the revenue generated by NB-IoT security services is modest. This confirms that while NB-IoT security services will be a critical component of protecting the cloud, the business model will demand a significant base of NB-IoT devices and an extremely efficient network implementation.

Automation and end-to-end managed security solutions
Heavy Reading also believes automation will play a key role efficiency wise in assisting with the creation of a revenue-positive services model. For example, if we take the same model and assumed a 50% savings in network monitoring-related opex due to implementing automated process, the net cash flow increases by about 36% per year, a significant impact in a thin margin business.

In looking at the model scenario outputs, another key finding stood out. Specifically, since 5G delivers a new disaggregated services-based architecture, it will be important to consider any managed security service on a more holistic end-to-end level.

What is required is the ability to assemble and onboard software security enforcement points at any point in the networks both on the control and user plane to most effectively block threat vectors. This is not a simple feat, but as Heavy Reading documented in a recent Light Reading webinar where we presented the model and some of the scenarios, we are already seeing the technology mature. It is now possible to start to roll out managed security solutions to support NB-IoT before the massive wave of commercial and subscriber devices reach the market.

For more information on this topic, watch the archived webinar here.

This content is sponsored by Radware.

— Jim Hodges, Chief Analyst, Heavy Reading