Pablo Molinero, Senior Director of Product Management for Telcos at Fortinet.
In the age of Industry 4.0, critical services, from manufacturing to transportation, to energy and utilities, come in 5G the catalyst driving change. In fact, a few weeks ago, it was announced that Spain was joining Germany to give 5G proprietary spectrum to critical industries and infrastructures. 5G has the potential to accelerate the adoption of the Internet of Things (IoT) and Industry 4.0, and drive innovation, automation and efficiency. PTo extract the full potential of 5G, operators must look beyond the public network.
To extract the full potential of 5G, operators must look beyond the public network
While public networks offer a lot of capacity with high-bandwidth connectivity to all who are equipped with a device that supports this technology, they are not yet configured to support all the needs of these types of industrial and critical companies. This leads critical industries to create their own private mobile networks. which, while offering higher performance, reliability and connectivity, also carry certain cybersecurity risks.
In a study conducted in 2020 by ABI Research, it was predicted that private networks developed at the enterprise level would surpass public networks by 2036. And for good reason, as private cellular networks can be rapidly deployed and customized to serve key and time-sensitive needs for automation, control and physical and process security. Here we talk about ultra-reliable communications for low latency applications, as well as massive machine-to-machine communications for IoT and IIoT applications.
Creating your own private mobile network is not without risks in terms of cybersecurity
Creating your own private mobile network is not without risks in terms of cybersecurity. Protecting operational technologies is already critical. If you add to this IIoT devices, powered by 5G capabilities, such as high transmission rates, ultra-low latency, support for machine communications, predictability, agility and high precision, within a network made as you face many challenges in an ever-expanding attack surface. There are multiple architectures for deploying private mobile networks, varying based on business and industry requirements, use cases, and a spectrum of regulations and country assignments. A company that wants to build its own private mobile network may involve a myriad different architectures and actors to create and manage it. Before deploying, the implications of cybersecurity must be a priority for all organizations. Businesses should start by assessing their cyber maturity and being aware of the skills and technology required to detect, block, and respond to cyber threats.
Here are some points to keep in mind when designing a secure 5G mobile private network:
The first aspect of security is the micro-segmentation and access control to different networks and production devices. Security must create a virtual space in production environments to protect against threats, contain them, and limit their progression and impact.
Industrial devices are often not updated in time so as not to jeopardize the availability of the production chain. They can live with a known vulnerability for weeks or even months. In this case, the security infrastructure in place must provide a virtual security patch, preventing vulnerabilities from being exploited until devices are updated.
The low predictable latency it is also a key aspect. A few extra milliseconds can slow, stop, or even damage an entire production line if the inputs and outputs used by the industrial control application arrive too late to be usable.
Finally, security features should take up very little space and, in some cases, be able to work in high temperature or humidity environments, which requires robust solutions.
Segmentation, access control and visibility of the entire network are key to securing these private mobile networks
In short, it is well known that factories and logistics centers are very attractive targets for denial of service attacks, ransomware incursions, outages, or industrial espionage. Operators and industrial players are well aware of this, and are making cybersecurity an integral part of your private 5G network to avoid risking losses greater than your network investment what they are doing or the productivity gains that 5G is bringing. Segmentation, access control and visibility of the entire network are key to securing these private mobile networks.