Pros and Cons of 5G

September 13, 2022 TH Author Trend Micro CISO : Article, Trend Micro CISO : Cloud, Trend Micro CISO : Compliance, Trend Micro CISO : Detection and Response, Trend Micro CISO : Digital Transformation, Trend Micro CISO : Expert Perspective, Trend Micro CISO : Risk Management, Trend Micro CISO : Skills Gap

With the introduction of the 5G Stand Alone (SA) method for operating a 5G base station independently by an independent 5G core network, 5G will finally be able to simultaneously support three different requirements: enhanced mobile broadband (eMBB) (high speed and large capacity), ultra-reliable and low-latency communication (URLLC), and massive machine type communication (mMTC) (ultra-mass terminal).

Pros and Cons of 5G

According to Deloitte Insights, there were 756 private network deployments in enterprises worldwide as of January 2022, a 43% increase from the previous year. As 5G becomes a reality, organizations need to carefully consider the pros and cons of implementing private networks to guide an effective security strategy.

PROS

On-premises coverage: With many organizations using the hybrid cloud, on-premises coverage is critical. Furthermore, it extends coverage to enterprises in remote facilities where public networks don’t exist or indoor coverage is limited.

Speed and low latency: 5G dramatically reduces the time for network devices to respond to commands and reduces latency to less than 5 milliseconds (the ultimate target is 2 milliseconds according to The Third Generation Partnership Project [3GPP]}.

Capacity: With private 5G, you’re no longer competing with other public users for bandwidth. This allows you to simultaneously connect up to 100 times more devices per square kilometer than 4G, removing the need for enterprises to strategize cellular and Wi-Fi as an either/or proposition.

Advanced technologies: Particularly in the manufacturing industry, 5G networks are essential for running collaborative mobile robots, self-driving machines, automatic guided vehicles (AGVs), augmented reality (AR) predictive maintenance, and other smart factory technologies. Private 5G will enable smart factories to implement artificial intelligence (AI) and machine learning (ML) applications quickly without disrupting the production line and supply chain. There is also the potential to build a factory without wires or cable, reducing associated costs and time spent on construction.

Security: Improved security capabilities was the leading motivation of private wireless adoption for respondents in a Trend Micro and 451 Research collaborative survey. Private 5G affords security teams more flexibility to implement zero trust architectures that their own access security policies, prioritize traffic, and ensure data does not leave the network without proper authorization.

CONS

The potential of more robust security capabilities is a pro, but as with all innovative technologies, knowing how to secure it is a challenge. In fact, 48% of operators admitted they didn’t have enough knowledge/tools to deal with a security vulnerability, according to a joint Trend Micro and GSMA Intelligence report. Here are some main security concerns:

Larger attack surface: The sheer number of devices, users, and apps connected to the network expands the attack surface and increases an enterprise’s exposure to threats. 32% of operators in the GSMA report said that an increased attack surface as a key challenge to securing 5G networks.

Greater complexity: Since 5G relies on a diverse set of technologies from many great disciplines, software complexity increases. Very few are purpose-built for the 5G world; they have design limitations and blind spots that new applications and uses will exercise and expose. This means that software that was thought to be stable will reveal security defects, code bugs, and architectural limitations.

Software supply chain: 5G devices are also cause for concern, as chips and other components could be infected by malware. Additionally, management software can be vulnerable to attacks and a breach in any part of the carrier’s or organization’s infrastructure could spread throughout the network.

Data transition: Lack of encryption early in the connection process can be exploited by cybercriminals as it lets them know what devices are connected to the network. It also provides additional details like operating system and device type, enabling malicious actors to carefully plan their attacks.

Managing risk: The first step in a security assessment starts with a risk evaluation. Given the newness of private 5G environments, it’s unsurprising that only 8% of respondents in a 451 Research survey said they will complete their own risk evaluation. The majority (37%) noted they will rely on a partner to provide expertise and complete a risk evaluation. However, the lack of security experts available may leave some organizations involuntarily left to their own devices, leading to undetected cyber risk.

You May Also Like

Aligning the c-suite with cyber risk management

How to Use Zero Trust Security for the Hybrid Cloud

Moore’s Law, Latent Demand, and the Slowing of Cloud Computing