The Flexible Security Model and its Role in 5G

Amit Marwah, Chief Marketing Officer, NokiaAmit has been associated with Nokia for over eight years now prior to which he has held key leadership roles across Lucent Technologies, Motorola, Nokia Siemens Networks and Huawei.

In the era of 5G, flexible security isn’t just going to be a 'nice to have' component of digital service providers’ investment in cloudbased managed security services it will be a business essential. Not only is the security of a service an essential trust building block, it is also a growing business opportunity for digital service providers. That’s because 5G network slicing will enable a company to offer highly tailored services that can help them win the business of a wide range of new customers in a variety of industries. An opportunity to monetize will come by offering different and flexible security levels that match the needs of services delivered. For example, a gaming service network slice does not need the same mission critical level of security that public safety communications do, given their role in life or death scenarios.

What elements should 5G security include?
To protect 5G services and the accelerating growth in connections, service providers need a new approach to security. Essentially, there are four key elements to keep in mind: adaptability, integration, automation and rapid response. Adaptability calls for 5G security to be flexible enough to meet the increasingly sophisticated techniques of cyber attackers, which are often dynamically tweaked in realtime(or near realtime). With this in mind, a company’s defenses must be able to respond at least as quickly as the hackers can attack.

Secondly a cybersecurity platform must integrate all the different security tools and systems in a service provider’s armory all of which generates a huge number and variety
of alarms. As a result, the time it takes to respond and begin the fight back against a hacker will be reduced by having a centralized, single view for orchestrating the entire security environment, supported by data analytics to identify real threats from false alarms.

The longer amount of time a hacker is able to dwell in a network undetected, the more chances they have to hunt around for valuable data to steal

In particular, automation is vital to increase the speed of response and to tackle the growing workload facing security teams such as the amount of incident response time spent on manual processes(i.e. 33 percent). It won’t be a surprise then to know that manual processes simply cannot be scaled up to meet the rise in threats that will inevitably accompany the growth in 5G business.

Keep it Moving
When it comes to rapidity, one of the most important security success factors is reducing the ‘dwell’ time. Dwell time is the length of time a hacker goes undetected, if they’re able to breach first-line security in order to gain access to the network. While an effective firstline defense of firewalls and other measures will stop nearly all hackers before they can even get into a network, a few attacks will inevitably get through, given the amount of times a network deflects attempted breaches around the world. However, with rapid, automated and smart detection response, even these breaches can be tackled to protect customer data. This is tied to dwell time. The longer amount of timea hacker is able to dwell in a network undetected, the more chances they have to hunt around for valuable data to steal. Similar to a home burglary, the longer an intruder is able to sneak around a house before the cops are called, the more likely they are to find hidden valuables such as a safe. The moment a burglar hears a police siren however, they begin to flee or at least are cut short in the amount of items they’re able to snatch. In the same way, once a hacker knows an alarm has been triggered they know their attack time is rapidly coming to an end. From here, even if they keep mining for data, hackers know they ll only be able to leave with so much before they’re caught. Because of this, adaptability analytics machine learning,orchestration and automation act as a secondary line of defense if an attacker is able to breach the first defenses as these technologies working together can cut a hacker's dwell time by as much as 80 percent.

End-to-end 5G security is able to deploy all of these measures, and exploring flexible security options doesn’t need to wait for 5G rollout to begin. Together, these capabilities can help digital service providers to build trust in their customers today and ensure exciting, new 5G services are as secure as possible. In today’s digital world, the more trust a user has in a service, the more likely they are to buy it. At the same time digital service providers are able to monetize their investment in security through the provision of cloud based managed security services.