Trend Micro conducted a survey on private wireless network security in collaboration with 451 Research, part of S&P Global Market Intelligence, in four countries (Germany, the U.K, Spain, and the U.S.) across the manufacturing, electricity, oil and gas, and healthcare industries. We have introduced this survey’s findings on the expectations for private 5G security and the current awareness of private 5G security implementation.
This time, we will consider the security direction required for future implementation of private 5G, with changes in the technology surrounding private 5G as the key.
Responding to technology trends surrounding 5G
With the introduction of the 5G SA (Stand Alone) method for operating a 5G base station independently by an independent 5G core network, 5G will finally be able to simultaneously support three different requirements: enhanced mobile broadband or “eMBB” (high speed and large capacity), ultra-reliable and low-latency communication or "URLLC" (ultra-high reliability and low latency), and massive machine type communication or "mMTC" (ultra-mass terminal).
5G's new requirements will provide new market opportunities such as utilisation in Industrial IoT. However, to realise this flexibly at lower cost, we need to overcome the barriers of non-interconnection in the current telecom network caused by each vendor's unique product architecture and its operation. To overcome these problems, the openness of wireless networks is being discussed and considered, and one of the representative activities is O-RAN ALLIANCE.
Our survey found many respondents appreciate the openness of the new 5G implementation. Just under half (49%) of respondents said they needed to comply with open standards like O-RAN, followed by 24% who prioritised compliance with open standards. (Figure 1)
Figure 1
Q: How important is network openness to you? Supporting open interfaces and efforts like the O-RAN alliance?
Base: n = 408 Source: 451 Research custom study
In order to fully demonstrate the characteristics of 5G, there is a growing movement to adopt cloud-native architecture for networks and virtualise network technologies. In the survey, two thirds of the respondents wanted a full (37%) or partial (28%) cloud-based private network. (Figure 2)
Figure 2
Q: Are you or do you expect to use cloud-based capabilities in your private network? Network cloudification?
Base: n = 408 Source: 451 Research custom study
Coexistence of technology evolution and cybersecurity
Openness expands business opportunities, but there are always major security challenges. Many of us will remember the Apache Log4j vulnerability that occurred at the end of 2021.
The use of open source is also promoted in O-RAN ALLIANCE mentioned above, but the biggest security issue of open source is the issue of vulnerabilities.
This isn't limited to open source, but it's an industry-wide challenge to inspect code and maintain secure management that is created through many stakeholders in a community.
For companies to utilise open source more safely, it is necessary to perform its security check at the top level, continuously monitor and manage the system, and update Threat Intelligence regarding open source.
When using a cloud environment to realise a more flexible and intelligent network, we usually entrust the operation of some or all of the equipment to a partner. In that case, it is desirable to adopt a shared responsibility model for security as well.
Many enterprises are promoting the use of private wireless networks.
Introducing these new technologies should not be limited to confirming functional requirements such as 5G performance and system operation at the PoC stage.
We strongly recommend that you perform PoCs for security operations that are integrated with enterprise-wide security.
To read the executive summary of this survey, visit: https://resources.trendmicro.com/IoT-5G-Networks-Report.html
Methodology
his report was commissioned by Trend Micro and leverages data from a survey conducted in the U.S., Germany, the U.K, and Spain. The survey consisted of about 400 respondents from the mentioned countries with job titles of director and above, across the manufacturing, power supply, oil and gas, and healthcare industries.
Sample titles of respondents include:
– VP/director of IT operations/CIO
– Director of IT, network operations/network architect/datacenter infrastructure and planning, network planning, 5G strategy planning, network virtualisation, edge computing/MEC strategy and other equivalent roles.
We queried decision-makers who are aware of their company’s private 5G wireless networking strategy and implementation plans, deployment plans and security concerns.
Trend Micro provides industry-specific security solutions that include IT, OT, and CT (Communication Technology) represented by Private 5G.
https://www.trendmicro.com/en_us/business/solutions/iot/ics-ot.html
Trend Micro 5G Security for Enterprises
https://www.trendmicro.com/en_us/business/solutions/iot/enterprise-5g-iot.html