Using 5G to automate security operations increases agencies’ adaptability, speed, integration and automation -- all crucial features of efficient, trusted government services delivery.
With the increasing digital delivery of government services, authorities and citizens have come to rely on available, fast and secure mobile connectivity. However, the benefits of pervasive connectivity must be weighed against the increased attack surface that will be enabled by 5G networks when they connect millions of users, internet-of-things (IoT) devices, autonomous vehicles and smart city services. To establish trust in these digitally delivered services, governments must stay ahead of the growing security issues.
5G will enable new use cases, applications and services – and not just over smartphones. It supports massive IoT sensor deployments, ultra-low latency connections for automated systems and superior coverage and higher bandwidth for many new applications in transport, health care and public safety, to name a few.
Governments at all levels -- federal, state and municipal -- will be able to leverage these new capabilities to meet constituents’ needs, address environmental concerns, improve quality of life and generally enhance operational efficiency.
This deployment of massive IoT sensor networks, automated systems and as-yet unimagined new applications will greatly increase the importance of securing the entire network. In addition to huge growth in node and link protection, there will also be multiple stakeholders, depending on the network, in mission-critical areas like public health, emergency response and smart city services.
Stronger encryption, better verification
At the same time, cyberattacks are getting more sophisticated each day. Government networks are constantly being attacked by criminal organizations, disaffected citizens, former and current employees as well as nation-states and state-sponsored actors.
Fortunately, one of the key features of 5G network architecture is its basis in software-defined networking and virtualization. This means 5G networks are very adaptable, scalable and integrated from end-to-end. Above all, many of their functions can be automated.
These networks can adapt to meet extremely sophisticated cyberattacks against government targets. Their stronger encryption of data and rigorous verification of network users also delivers significantly improved levels of security when compared with previous generations of mobile standards.
This is important, as hackers frequently employ automation in their exploits that dynamically adapt to how the network responds. Government networks must be able to adapt even faster as speed of response is critical to reduce “dwell time.” or how long a hacker or an exploit remains undetected. Software analytics, machine learning, orchestration and automation have been shown to reduce dwell time by 80%, and this continues to improve.
The key principles to establishing digital trust are security orchestration, analytics and response (SOAR) reporting. Automation in 5G enables the network to orchestrate and automate responses based on constant measurement and analysis of service-related data, which is logged to measure performance, syslog and security events. This data collection happens continuously across independent infrastructure domains containing both virtual and physical network functions. Intent-based, automated workflows captured in playbooks adapt the network in real time to ensure that security parameters are always met.
This highly dynamic, network self-awareness allows for early detection of anomalies that can then be addressed by IT security systems and personnel. Artificial intelligence and machine learning are essential for these tasks because of the massive amounts of data involved. They enable the IT team to respond quickly to assess whether there has been an error or an actual attack.
And with 5G, this constant measurement and monitoring happen in real time, as opposed to the occasional compliance and audit process that occurred sporadically on traditional networks. The end-to-end nature of monitoring makes it possible to do much more than perimeter security; accessing governance and security management are possible down to the command execution level.
This capability enables early identification of key indicators of compromise and the possible entry of harmful actors. Identification can then automatically trigger security workflows that immediately block access or refer the situation to a network security specialist for analysis.
Finally, 5G also introduces network slicing, which allows the creation of virtual networks on the same physical infrastructure, enabling isolation of traffic supporting highly secure applications. With slicing, a commercial 5G service provider can offer government agencies, such as public safety, a protected slice of its network to meet mission-critical requirements.
To summarize, adaptability, speed, integration and automation are crucial features of an efficient government security and response, especially given the new level of complexity and sophistication associated with 5G networks.
These attributes can be realized by automating security operations through machine learning, multi-dimensional analytics and threat intelligence. And in doing so, we establish the most effective way to secure 5G networks and build trust among governmental users -- a key determinant of 5G success.