Continue reading this on our app for a better experience

Open in App
Floating Button
Home Digitaledge In Focus

Why firefighting to secure enterprise networks is obsolete in 5G era

Rik Ferguson
Rik Ferguson  • 6 min read
Why firefighting to secure enterprise networks is obsolete in 5G era
Effective cybersecurity is especially important for organisations in Southeast Asia, as the region is a hot-spot for cyberattacks. Photo: Pexels
Font Resizer
Share to Whatsapp
Share to Facebook
Share to LinkedIn
Scroll to top
Follow us on Facebook and join our Telegram channel for the latest updates.

All too often, organisational processes and digital architecture are implemented without security as a key consideration. A security incident inevitably happens, and the security team is called to extinguish the fire. With no structural change to address identified gaps in security, the process repeats.

This “firefighting” approach to cybersecurity has been the default operational mode of the security function. Amid the ongoing flight to digital that has transformed Southeast Asia into one of the largest digital markets in the world, how will enterprise security in the future look for organisations in the region, especially with the rise of 5G networks?

The business potential of 5G

Just as 3G networks enabled the advance of the smartphone and 4G streaming services such as Netflix, 5G technologies offer the potential of a scaled-up infrastructure that will drive change in many economies and industries. Competitive advantages that 5G can provide include real-time asset tracking, operational intelligence through a network of connected devices and digital twin infrastructure, autonomous mobile robots, and augmented reality applications.

Offering low latency, high reliability, high mobility, high throughput and high device density, 5G is laying the foundation for the transition to Industry 4.0 even within more “traditional” industries in Southeast Asia, such as manufacturing.

This is central to the growth strategy of Southeast Asia, which focuses heavily on digital transformation. Indeed, the regional number of 5G subscriptions is forecast by Ericsson to reach around 620 million by the end of 2028, becoming the leading technology in terms of subscriptions with a penetration of 48%.

See also: Keys to achieving human-centred automation testing

The ability to connect sensors, actuators, vehicles, traffic management systems, smart city platforms, smart home systems and factory equipment promises a truly immersive interconnected experience. However, one inevitable outcome of this is continued exponential growth in data generation. Consider that 2.5 million terabytes of data is estimated to be generated each day, building up to 150 million terabytes of data requiring analysis by 2025, and extrapolate from there. From a security perspective, therein lies the real challenge.

Great power means greater security responsibilities

Security risks that will arise from greater 5G adoption include an exponentially greater attack surface and migration of intelligence to the network edge. Adopters will also face challenges in the security of the 5G core network, such as encryption, device update management, continuous device integrity monitoring, in-network attacks, low visibility, limited mitigations and an increased attack surface (given more data, more services and more devices).

See also: Human element still important for effective mass communication

Security professionals also need to reconsider accepted best practices in a significant number of areas. For example, the adoption of volatile and software-defined architectures, new subscriber and authentication types for identity and access management in machine-to-machine and massive internet of things environments, as well as increasingly non-data-centre-centric usage patterns.

Furthermore, the software-driven models of 5G mean higher exposure to risks in the underlying software stack, which include protocols, operating systems, hypervisors, apps, containers, application programming interfaces, virtual network functions and shared software libraries. It also presents new opportunities for lateral movement and exploitation.

Adoption of a new protocol stack in 5G using more familiar software architectures — such as transport layer security and IP security — will shorten the vulnerability window for exploits, and the integration of cloud services further broadens the attack surface. These changes have collectively catalysed a shift in the business landscape, having accelerated the adoption of new protocols such as IPv6 to accommodate the growing number of devices, software-defined networks, big data and cloud services to store and process growing data volumes.

Moving ahead, security operations centres (SOCs) across Southeast Asian organisations are likely to increasingly rely on the scale and speed of artificial intelligence (AI) and machine learning (ML). Integration of ML into the SOC of the future is critical not only to cope with the expanded data volumes and attack surfaces, but also to address the region’s considerable cyber-skills gap. For instance, Singapore is facing an estimated talent shortage of up to 3,400 cybersecurity professionals, according to the Cyber Security Agency of Singapore, placing the country’s growth and smart city plans at risk.

Adopting an ML-augmented approach to cybersecurity allows the automation of data collection and correlation across the organisation, event triage, forensic investigation, evidence capture and even mitigation, enhancing efficiency by only surfacing urgent or high-priority events to human decision-makers.

Additionally, the use of AI and network function virtualisation will provide scale and speed of response with an ability to integrate security functions at the carrier level, rather than relying solely on an ability to enforce at every endpoint in this new interconnected world.

Success requires making 5G secure

To stay ahead of the latest tech trends, click here for DigitalEdge Section

It is evident that firefighting as a means of maintaining a secure enterprise is no longer a workable model for the present, let alone the future. No one can deny that even if your firefighting is of the highest calibre, you will systematically end up with fewer trees to burn in the long run.

Organisations looking to improve their security risk posture should incorporate five critical areas of focus in their security planning:

  • Audit. You cannot secure what you cannot see. Visibility is fundamental to effective security. What is connecting to your network, wherever your network is, enterprise, remote, cloud or mobile? Audit assets, access and privileges on a continuous basis.
  • Risk, which should also be continuously assessed. Effective security cannot rely on periodic snapshots of compliance.
  • Context. Timely and accurate security decisions rely on rich context. An event considered in isolation might appear entirely benign, but it can take on an entirely different cast when considered in the context of all other available related data.
  • Enforcement. A security policy without an enforcement capability is no more than a wish list, but enforcement of policies, mitigations and responses must be policy-based, dynamic, real-time and continuous. As soon as the risk level of an asset falls outside of an acceptable range, responses and mitigations should be automated and orchestrated.
  • Trust. Eliminate trust entirely from security decision-making. Threats cannot be eliminated entirely, but adopting a zero-trust approach to security can certainly limit the damage. Assigning additional security checks to devices with a higher risk posture and monitoring real-time connections for changes with zero-trust solutions will be vital, especially with more employees than ever working remotely.

The future of cybersecurity

The digital terrain will continue to evolve, and the firefighting approach to enterprise cybersecurity will be made ineffective, even obsolete, in the age of 5G. Effective cybersecurity is especially important for organisations based in Southeast Asia, as the region is a hot spot for cyberattacks due to its rapid pace of digital transformation.

With digitalisation being central to the region’s growth, it is essential that organisations take the necessary steps to prepare themselves for the proliferation of 5G, and by extension, the security challenges that are part and parcel of the next-generation networks.

In doing so, organisations can not only proactively remediate cyber threats but also address the cybersecurity skills shortage by more effective deployment of the human workforce. As cyber threats become more sophisticated, carrying more severe consequences, security professionals will also have to constantly upgrade their skills to remain relevant, optimising cybersecurity outcomes.

Rik Ferguson is the vice president of security intelligence at Forescout

Highlights

Re test Testing QA Spotlight
1000th issue

Re test Testing QA Spotlight

Get the latest news updates in your mailbox
Never miss out on important financial news and get daily updates today
×
The Edge Singapore
Download The Edge Singapore App
Google playApple store play
Keep updated
Follow our social media
© 2024 The Edge Publishing Pte Ltd. All rights reserved.