The promise of 5G is everywhere – from self-driving cars cruising our streets to smart cities that respond to our needs in real-time. But beneath this exciting future lurks a complex web of cybersecurity challenges that few are talking about.
This week, I led a panel discussion at the National Institute of Standards and Technology (NIST) Software Supply Chain Assurance Forum to explore these risks and their relevance, impacts, and mitigations to maintain rapid adoption of the promise of 5G. Panelists included: Thomas Goldberg, Principal & Co-Founder, Patriot Tools; Jon Pelson, Telecom Exec and Author of Wireless Wars; Andrew Thiessen, Head of 5G/xG at the MITRE Corporation; Jennifer Bisceglie, Founder & Executive Vice Chair, Interos Inc.; and Brett Haan, Rivada Networks.
The Dark Side of Lightning-Fast Connectivity
Imagine connecting billions of devices at unprecedented speeds. Sounds amazing, right? But here’s the catch: each connected device is a potential entry point for cybercriminals. It’s like building a house with a million doors – you need to ensure every single one is locked.
And it gets more complicated. 5G networks aren’t just faster; they’re fundamentally different from anything we’ve built before. Organizations face a critical choice between two architectural approaches:
Non-Standalone (NSA) 5G: Think of it as renovating your house while living in it. It’s quicker to deploy but carries the baggage of old security vulnerabilities.
Standalone (SA) 5G: This is like building a brand-new house. It’s more advanced but comes with its own set of unexplored risks.
The Supply Chain Problem Nobody’s Talking About
Here’s a sobering thought: your 5G network is only as secure as its weakest component. With parts sourced from across the globe, how can you be sure each component is trustworthy?
Consider this:
- Counterfeit components can slip into the supply chain
- Firmware could be tampered with during manufacturing
- Foreign vendors might build in hidden backdoors
- Intellectual property and trade secrets can be stolen
Ways to Protect Your 5G Future
Embrace Zero Trust Architecture: Trust no one – it sounds harsh, but in cybersecurity, it’s smart. Every user, device, and connection should prove itself trustworthy. Think of it as having a bouncer who checks IDs at every door, not just the main entrance.
Secure Your Supply Chain: Know your suppliers’ suppliers. It’s like checking not just the restaurant’s health rating but also where they source their ingredients. Use tools to:
- Vet suppliers thoroughly
- Track components from source to deployment
- Maintain detailed documentation of every part
Build Resilient Infrastructure: Your 5G network should be flexible – strong yet adaptable. This means:
- Using programmable networks that can adapt to threats
- Implementing end-to-end encryption
- Keeping everything updated with the latest security patches
Join Forces: No organization stands alone. Harness supply chain illumination and advanced analytics to uncover hidden vulnerabilities and strengthen defenses. Share threat intelligence, contribute to industry standards, and participate in joint security exercises. Think of it as a neighborhood watch for the digital age, proactive, collaborative and essential for resilience.
The Bottom Line
5G isn’t just another tech upgrade, it’s a revolution in connectivity that will transform how we live and work. But with great power comes great responsibility. The organizations that thrive in the 5G era will be those that take security seriously from day one.
Are you prepared to secure the 5G future?
If you are unsure, The Chertoff Group can help you evaluate the challenges you are facing and develop a plan to mitigate risk. Our services include developing risk-aware 5G deployment strategies including:
- Risk Assessment & Implementation: Identify vulnerabilities and define security controls;
- Lifecycle Support: Secure 5G implementation, maintenance and monitoring;
- Cybersecurity Integration: Address software, hardware and supply chain risks.
Michele Iversen is Principal and Head of Geopolitical & Regulatory Risk at The Chertoff Group.
