& cplSiteName &

Evolving the Mobile Security Architecture Toward 5G

Patrick Donegan
2/24/2017
100%
0%

The announcement at RSA 2017 of the Cyber Threat Alliance (CTA) -- a non-profit trade association formed by several leading security vendors for sharing cyber threat intelligence -- is timely. It reminds us how much threat intelligence matters. And it reminds us that for large organizations with complex security requirements, such as communications service providers (CSPs), the scope and scale of their security capabilities is increasingly important.

In the mobile network sector, smartphones haven't inflicted attack impacts on the scale inflicted by PCs, servers and workstations. But the momentum in mobile threats is building. Android's vulnerabilities are well known. And with commercial malware discovered in the App Store for the first time in 2015, and a zero-day exploit uncovered in iOS in 2016, even the iPhone's famed security barriers have been found wanting.

As discussed in a new white paper, "Evolving the Mobile Security Architecture Toward 5G," 5G will be the first generation of cellular to launch in an era when the Internet is routinely weaponized. In addition to extending the 2G, 3G and 4G security framework, 5G will generate new security requirements. Think of security within and between different network slices; the threat posed by end devices capable of supporting throughput of up to 100 Mbit/s; and the security controls needed around remote medical procedures.

Operators are heavily reliant on implementing security from within the network. And here, the generally slow pace of network transformation by CSPs compares poorly with the much faster pace of Webscale Internet companies (WICs).

While there are several exceptions among the industry's leaders, most operators haven't made enough progress on virtualizing their networks. As supported by new data in the latest edition of Heavy Reading's Future of Virtualization Indexes -- see "Network Virtualization: The Road Gets Longer" -- most virtual network functions (VNFs) have been implemented in isolation from one another, with very little in the way of infrastructure sharing, automation or orchestration.

From a security standpoint, this matters a lot. Yes, the WICs have a tendency to outpace the CSPs in technology innovation. But so does the attacker community. In addition to being needed for revenue generation and opex reduction in general, the automated network scalability and agility of SDN and NFV are also needed to respond to the threat environment. Network security applications delivered more dynamically and at scale needs to be a primary driver of a more software-programmable approach -- not just an afterthought.

The telecom industry is arriving at a consensus that 5G requires a fully featured NFV Infrastructure (NFVI). The piecemeal virtualization model therefore runs out of road at the 5G inflection point. Given this emerging consensus, operators need to start evolving their networks now in a compatible direction. In that sense, 5G is injecting welcome momentum into software programmability, which can be leveraged to drive a more robust, fit-for-purpose mobile network security architecture as well.

Even as recently as the launch of 4G in 2009, the threat actors lined up against network operators and their customers posed nothing like the risk they posed today. Equally, the type of security artillery needed to protect against those threats has changed in just the last three or four years.

The sharing of threat intelligence by major security vendors in the Cyber Threat Alliance, as previously mentioned, is just one example of how the threat defense landscape is changing. Others include:

  • More software-programmable access controls for allowing differentiated access privileges for employees and partners with respect to corporate applications;

  • Leveraging of anomaly detection, so that malware that has evaded detection by conventional perimeter controls can be identified by its behavior within the network, including by deviations from the norm of a file’s own unique, historical behavior in the network.

  • Intense monitoring, pooling and analysis of DNS-related activity, given how frequently and lethally it is used as an attack vector (including the attacks on Dyn and Deutsche Telekom at the end of last year, leveraging the Mirai botnet).

  • The type of high-end cybersecurity personnel that operators need to design, implement and operate network security are in very short supply.

Convention dictates that operators build out all of their own security infrastructure. Yet changes in the threat and defensive landscapes in upcoming 5G standards, and in cloud networking capabilities, suggest that operators should pause to consider whether self-build is necessarily the right model for the future.

Operators need to reflect on how their own achievements to date compare with state-of-the-art levels of automation and orchestration in the cloud. They need to consider whether their own security resources, supported by multiple third-party security vendors, will be powerful enough to meet emerging security challenges.

Among the options that need to be considered is whether the uniquely critical area of security is one that operators should consider buying in outright from security specialists, by way of an infrastructure-as-a-service (IaaS) model.

IaaS is typically no more controversial to the IT side of an operator's business than it is in the case of any other enterprise. But run IaaS past the network side of the house, and it certainly is controversial. Other than outsourcing backhaul or transport networks to third parties, there isn't much of a precedent for it. However, technology, and technology business models, are evolving rapidly now. The nature of evolving mobile security requirements demands a willingness to think outside the box.

You can learn more about this topic by reading the new white paper, "Evolving the Mobile Security Architecture Toward 5G."

— Patrick Donegan, Contributing Analyst, Heavy Reading

This blog is sponsored by Cisco Systems.

(0)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
More Blogs from Heavy Lifting Analyst Notes
The Gfast rollout, which has been stalled while network operators conduct trials and chipset vendors develop new Amendment 3 chipsets, is set to start in 2018 with a ramp-up in 2019.
NFV is shifting from a technology focus to operations, as CSPs say too much effort has been spent on VNF onboarding and too little on the reality of operations.
The converged fiber access market is set to grow again, especially as copper lines continue to deteriorate.
The most recent Thought Leadership Council (TLC) survey finds that opportunities abound for 5G vendors as only 15% of TLC service providers have chosen their vendors for the 5G market.
The ability of artificial intelligence (AI) to carry out complex analysis on high volumes of data very quickly could help automate many telco security activities. But is it smart to cut humans out of the loop?
Featured Video
From The Founder
Light Reading founder Steve Saunders grills Cisco's Roland Acra on how he's bringing automation to life inside the data center.
Flash Poll
Upcoming Live Events
March 20-22, 2018, Denver Marriott Tech Center
March 22, 2018, Denver, Colorado | Denver Marriott Tech Center
March 28, 2018, Kansas City Convention Center
April 4, 2018, The Westin Dallas Downtown, Dallas
April 9, 2018, Las Vegas Convention Center
May 14-16, 2018, Austin Convention Center
September 25-27, 2018, Denver, Colorado
October 23, 2018, Georgia World Congress Centre, Atlanta, GA
November 8, 2018, The Montcalm by Marble Arch, London
November 15, 2018, The Westin Times Square, New York
December 4-6, 2018, Lisbon, Portugal
All Upcoming Live Events
Hot Topics
Trump Says Foxconn Will Make iPhones in US
Dan Jones, Mobile Editor, 1/15/2018
Net Neutrality Moves Are as Futile as Trump's Comb-Over
Iain Morris, News Editor, 1/18/2018
Huawei, ZTE Face US Federal Ban
Iain Morris, News Editor, 1/15/2018
Analyst: Verizon's Fixed 5G Is a Loss Leader for Mobile
Dan Jones, Mobile Editor, 1/16/2018
Ericsson Lurches to $1.8B Write-Down
Iain Morris, News Editor, 1/16/2018
Animals with Phones
Live Digital Audio

A CSP's digital transformation involves so much more than technology. Crucial – and often most challenging – is the cultural transformation that goes along with it. As Sigma's Chief Technology Officer, Catherine Michel has extensive experience with technology as she leads the company's entire product portfolio and strategy. But she's also no stranger to merging technology and culture, having taken a company — Tribold — from inception to acquisition (by Sigma in 2013), and she continues to advise service providers on how to drive their own transformations. This impressive female leader and vocal advocate for other women in the industry will join Women in Comms for a live radio show to discuss all things digital transformation, including the cultural transformation that goes along with it.

Like Us on Facebook
Twitter Feed