Every organization has to carve its own unique path to 5G implementation, AT&T said in the 10th edition of its annual Cyber Insight Report focused on 5G network implementation and security.
Because 5G isn’t one-size-fits-all technology, how companies architect 5G will “determine how security is designed,” the carrier's cybersecurity team wrote in introducing 5G and the Journey to the Edge. “Which architecture an organization chooses will depend on the organization’s industry, speed, and latency requirements and how each organization desires to control access to data and applications.”
Here are seven ways organizations can secure a 5G network (via AT&T):
- Recognize that with 5G technology organizations won’t be able to assume that every connected device is safe. Zero Trust principles are a natural fit in the 5G world.
- Implement 5G and edge in a manner unique to the organization. Align the 5G and edge footprint with specific business goals, innovations and industry parameters.
- Learn how cyber criminals that like to attack organizations in the same region and industry and prepare the security team to better respond to those attacks that do end up landing in the environment.
- Prevent introducing intentionally or accidentally compromised devices into the network by validating the security of every connected device.
- Establish baselines of normal behavior and activity for the network and users. Be prepared to contain and respond to anomalies.
- Remember that secure by design is the operating principle. Incorporate secure design principles into the development of 5G use cases.
- Reduce complexity and risk to enhance security. When using service providers for security, look to partner with providers that have a broad platform of capabilities.
“Organizations must be bold, as 5G will ultimately enter the organization in one form or another,” AT&T said in the report. “Network operators have designed 5G with better encryption and network slicing capabilities. But 5G requires a shared security responsibility, much like that in the public cloud. Every organization must keep that in mind.”
