Getting 5G Security Right in the Age of Covid-19


At the start of 2020, everyone in mobile was expecting 5G to launch at a normal pace. Speculation on new handsets, and the anticipation of exciting new IoT applications and wearables, through to mainstream use of AR and VR, was everywhere. And despite the major upheaval in supply of network kit caused by concerns related to Huawei, 5G rollout plans forged on.

But when Mobile World Congress was cancelled, so the new reality dawned. 5G wasn’t going to launch with the big bang we expected. That’s not to say it won’t be happening, but when we still see auctions for spectrum be delayed around the world – in some cases indefinitely – and few 5G handsets on the market, so we must accept a slower start to the 5G era.

Hard Choices

For operators there will be some tough decisions to make. Continue to invest despite the prospect of greatly reduced revenues compared to the business plan they built pre-recession, or plough on, hopeful that the different way of working and living is here to stay for some time, and as a result the consumer interest may actually accelerate in some areas.

For instance, replacing home broadband with 5G could really thrive as a result of the global lockdown. People will review their expenditure and what makes them happy. We’ve already seen the uptake of more subscription models for entertainment, so it follows that consumers will also invest in the technology to make it a slick anywhere experience, untethered to wires.

[You may also like: Will IoT Get Us Through the COVID-19 Pandemic?]

Retailers could play to this new appetite for experience with the launch of AR / VR services enabling consumers to see what the piece of furniture they want to buy looks like in their home or how that new shirt or dress virtually fits before they part with their money.

With business models shifting as a result of lockdown, this could lead to 5G supporting a company’s plans for growth and innovation in a way not conceived before, or certainly not at the scale envisaged.

Strange Bedfellows

Delivering ultra-high bandwidth quickly and reliably, with an ability to scale applications was always, and still is, the challenge with 5G promises. However, it’s created what some might see as strange bedfellows – the likes of Amazon and Azure partnering with the operators. In fact, most recently, Google has partnered with Telefonica in Spain to support digitalization strategies. It all makes perfect sense, given the complementary expertise and partnerships, to sell more 5G applications in a mobile edge cloud very close to the customer.

Yet, at a higher level there are still some pivotal questions to address. Most importantly, will this be a repeat of the 2000s where service providers performed all the heavy lifting in LTE, but ceded all the application value and therefore all the financial value to the Over the Top (OTT) crowd, like Apple and Google?

There could be some tricky conversations about exclusivity and who owns the customer and how the revenue is divided to come. Microsoft Azure, AWS, and Google Cloud can all provide expertise in selling and scaling applications in the cloud. However, the service providers will bring their own expertise in ultra-low latency, wireless, video, voice, and data connectivity.

[You may also like: Forging a 5G Partnership Benefits Both Telcos & Cloud Service Providers]

But I wonder how the squabble over who owns security will go? It’s still one of the biggest unsolved debates. The service providers have built brands on near perfect 99.999 percent reliability. But if the cloud services are managed by the cloud providers, will AWS and Azure provide infrastructure and application security? Will it be the same as or different from the service providers’ security architectures that already exist on the network? Would Vodafone or AT&T have visibility in their SOC (security operations center) to all threats to the multi-access edge computing (MEC) or do they need to pick up the phone and rely on the cloud provider?

Securing the MEC

As I see it the service provider will need to secure the MEC from both a network and application perspective north and south – in and out of the MEC cloud. They have built their brands on trust, security and reliability and therefore will need to control the experience to retain brand value.

On the other hand, cloud service providers will need to provide their own application security on individual applications (perhaps via Openstack or Kubernetes) within the MEC cloud and between applications – an east to west scenario. Doing this in combination will ensure the service provider’s reputation and brand. Service providers can leverage their existing security architectures and best in class technologies to make the MEC security part of their holistic management of the network by the SOC, while collaborating with the cloud providers to prevent any security threat contamination between cloud applications.

[You may also like: Service Providers Keep Pace In Today’s Digitally Charged World]

As a result, the cloud providers will be able to sell the value of security to the end customers, protect from east-west attacks within the cloud, and negotiate a business relationship with the service provider for this incremental revenue on the applications.

All this at a time when trust is becoming a dominant reason for choosing a brand today. Our data and applications, and how they are protected and used, have never been so hotly debated. So, I hope that not only do we see some interesting implementations of 5G come out of the CV-19 crisis but that we also see some carefully planned secure network innovation. Consumer and business confidence rests on it, and so does the success of 5G.

Note: A version of this article originally appeared in Mobile News.

Read “5G & IoT: Real-World Rollouts Launch New Opportunities and Security Threats” to learn more.

Download Now

Mike O'Malley

Mike O’Malley brings 20 years of experience in strategy, product and business development, marketing, M&A and executive management to Radware. Currently, Mr. O’Malley is the Vice President of Carrier Strategy and Business Development for Radware. In this role, he is responsible for leading strategic initiatives for wireless, wireline and cloud service providers. Mr. O’Malley has extensive experience developing innovative products and strategies in technology businesses including security, cloud and wireless. Prior to Radware, Mr. O’Malley held various executive management positions leading growing business units at Tellabs, VASCO and Ericsson. Mr. O’Malley holds a Master of Business Administration degree, a Master of Science in electrical engineering, and a Bachelor of Science in electrical engineering from the University of Illinois. He also is a graduate of the Executive Strategy Programs at the University of Chicago.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

CyberPedia

An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

CyberPedia
What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Blog
Security Research Center