Researchers Say Businesses Aren’t Ready for 5G Roll-Out
Researchers have published a new report showing that the vast majority of organisations aren’t close to ready in terms of their cybersecurity readiness for the roll-out of the new 5G network.
The paper, published by AT&T is known as the Cybersecurity Insights Report: Security at the Speed of 5G analysed data from 704 cybersecurity professionals from organisations across the globe- all with more than 500 employees. The paper found that enterprises are lagging in terms of their security capabilities with the new network, and are failing to capitalise on the new-found opportunities of automated security that are enabled by a 5G network.
The study found that nearly all respondents are expected to make 5G-related changes to their security policies within the next five years, but a mere 16% of this figure have begun preparations for the deployment of a 5G network. When asked what their preparations were focussed on, 44% said planning for the larger attack surface implicit in 5G technology was a key priority, with 39% adding that preparing for a greater number of devices accessing the network was also a concern. 36% said there was a need to extend their security policy to the expanding internet-of-things, with more connected devices, and 33% said they need investment in the authentication of a larger number and variety of devices.
Just 29% of the respondents said that they were planning to implement security virtualization and orchestration during the next five years. “A degree of reticence was also detected when it came to the planned adoption of a shared security model that would enable certain functions to be shifted to carriers,” the report states.
“Most of the transitions in networking have been about faster speeds or increased capacity. 5G introduces more complex networking and is being delivered with virtualization in mind,” the researchers stated.
“The latter appears to be a crucial gap in the way enterprises are preparing for 5G, as enterprises will need to take advantage of virtualization to make the network nimbler and more responsive, with the ability to provide just-in-time services. Many enterprises are not considering this as a possibility, according to our data.”
According to Sarah Coble’s report, “with 5G, the size of the cyber-attack surface expands, creating more opportunities for bad actors to strike. Despite this, researchers found that enterprises did not appear to have fully considered how to boost their vulnerability management programs (both patching and mitigation) for devices at the edge, which may carry vulnerabilities that go unnoticed and unpatched.”
In addition to this, just 33% of the enterprises that took part in the survey had already implemented two-factor authentication, with an additional 7% stating that they are planning on implementing it in the near future.
The report cites a quote from AT&T spokesperson who added that, “to better realize how large (and vulnerable) the attack surface becomes with 5G, consider that 274 petabytes of data are currently crossing AT&T’s network each day, and with 5G this number is expected to increase by 10x.”