Gearing up for the global 5G revolution

By Andy Purdy

Huawei USA’s Chief Security Officer, Andy Purdy, discusses how 5G will shape the future of cybersecurity.

Singapore's first 5G standalone trial network was deployed at Singtel’s testing facility earlier this month. And the nation’s Infocomm Media Development Authority announced that 5G will create around 1,000 jobs by the end of this year.

The tech will bring breakthroughs in healthcare and manufacturing - just to name a few. At the peak of Wuhan’s Covid-19 outbreak, 5G allowed medical professionals to perform remote ultrasounds on patients. These ultrasounds took only 15 minutes, and helped doctors cope with the influx of patients.

But what will 5G mean for cybersecurity? Here’s how collaboration and independent security standards will help to secure the 5G revolution.
 

More sophisticated security approaches


5G promises the ability to connect 1,000 times as many devices and surfing speeds 20 times faster than that of 4G networks. But the connected IoT devices will need more sophisticated security controls to protect against unauthorised access and attacks.

Fortunately, 5G networks will support these sophisticated security features. The different security risks coming along with new services, architectures, and technologies are well mitigated.

Operators can carry out network slicing to segment parts of the network and customise it to specific use cases. For example, IoT devices with common security vulnerabilities can be placed in the same slice. Security controls can be customised to address those vulnerabilities, limiting the scope of any potential vulnerability or attack.

Later this year, 5G technologies will further enhance the current security mechanisms to meet the new requirements for industrial IoT and consumer IoT.
 

Collaboration is key


At the Singapore International Cyber Week, Singapore’s Minister for Communications and Information S. Iswaran emphasised the need for global cooperation within a rules-based multilateral system.

At a national level, all the stakeholders involved must unite to create a secure future for the telecommunications industry.

Governments have the responsibility of formulating and enforcing laws that ensure the adoption of unified security standards. Standardisation development organisations must ensure that there are proper specifications for security assurance and best practices in place.

Regulators, in turn, are responsible for guaranteeing that Telco providers take appropriate measures to safeguard the security of their networks and services.
 

The need for independent security standards


The mobile industry needs a globally trusted and mutually recognised security assurance scheme. This will ensure all equipment have a certain level of security standards, and reduce the risk of cyber attacks.

Existing security standards lack specific technical requirements for telecom equipment. The standards are not widely adopted by the Telecom industry and recognised only by a limited number of countries. Most also entail a long certification process.

At the GovWare Focus 2020, Huawei announced its commitment to NESAS, an assurance framework to facilitate security improvements across the mobile industry. It is jointly developed by 3GPP and GSMA, the industry group for technical specifications and the global system for mobile communications association respectively.

Trust must be based on verifiable facts, which should in turn be based on shared standards. Governments should enforce a certification and accreditation process against a predetermined set of security standards for security authorisation.

Huawei is willing to collaborate with governments, security agencies, cyber security centers and other relevant public and private organisations to embed trust in all business processes.

To fully reap the benefits of 5G, its security risks must first be accounted for and mitigated. Multi-stakeholder collaboration and independent security standards for the mobile industry will be a way forward.