This summer, the Federal Communications Commission (FCC) officially launched its ninth Communications Security, Reliability, and Interoperability Council (CSRIC) – a stakeholder-driven body advising the FCC on ways to ensure the security, reliability and interoperability of communications systems. Palo Alto Networks is pleased that its expertise has been tapped once again with the appointment of Leonid Burakovsky, vice president of Product Management, to the CSRIC Working Group 3: Preparing for 6G Security and Reliability.
It’s no secret that 5G technology has brought significant improvements in several key areas of mobile connectivity. This includes increased speeds, reduced latency, greater flexibility, density improvements, better energy efficiency and a transformation toward intelligent networks integrated with artificial intelligence (AI). However, these advancements are not without security challenges, including significant cybersecurity risks.
The increasing reliance on mobile networks, including private 5G, for critical infrastructure, autonomous systems, manufacturing, energy and transportation underscores the necessity for a security approach that can detect and withstand sophisticated cyberthreats and attacks. With this backdrop, and recognizing that the FCC highlights that “6G networks are at least seven years from commercial deployment,” we should prepare for its inevitable deployment from the most proactive posture possible. Central to doing so is studying 5G security lessons learned, as these will play a critical role in informing the security landscape of the forthcoming generation.
A robust security approach should be established from the beginning in all 6G discussions. Palo Alto Networks strongly encourages a “Security First” approach to complement the existing focus on improvements in speeds, latency, coverage and other connectivity elements. While these elements are important, driving progress across them without a commensurate focus on security will fundamentally challenge the promise of 6G connectivity.
Next-Generation Security — What We’ve Learned
The adoption of 5G technology has presented new security risks, given the increased attack surface from cellular IoT and OT devices and new threat vectors as cloud and AI adoption surges. According to The State of OT Security 2024 report, conducted in collaboration with ABI Research, more than 70% of industrial enterprises acknowledge that 5G-connected devices are becoming an increasing threat vector for 5G-OT deployments. To protect the confidentiality, integrity and availability of data and to protect networks, services and consumers, we must standardize a Zero Trust approach to enterprise-grade security. This is necessary to manage increasingly complex and dynamic environments. This means the ability to secure the service, technology and application stack by securing all layers (signaling, data, applications and management), all locations, all attack vectors and all software lifecycle stages while using AI, automation and behavior analysis.
At Palo Alto Networks, an end-to-end, Zero Trust approach is at the core of our enterprise-grade security offering for 5G. We provide secure network slicing, real-time detection of attacks, threats and vulnerabilities, automatic correlation to subscribers and equipment, and dynamic, flexible real-time security enforcement, integrating a high degree of AI and automation, so customers can manage security efficiently.
While vendor trust is important, it alone does not guarantee security. Our capabilities incentivize vendor best practices while securing modern telecom networks, communications and data regardless of the underlying technology or ICT vendor in the network. This flexibility is crucial, particularly as 6G networks are expected to integrate even more devices and applications, leading to an exponentially expanded attack surface, necessitating proactive and adaptive security measures.
5G and 6G can transform industries and drive the Industrial Revolution beyond connectivity. For cellular networks to live up to this potential of transforming industries, enterprises need the confidence that 5G and 6G provides Zero Trust, enterprise-grade security.
Next Steps
By investing in Zero Trust security technologies now, organizations can lay the groundwork for a secure 6G environment, thereby ensuring the integrity of data and critical services, as well as fostering confidence in the digital ecosystem of the future.
Incorporating the latest Zero Trust, enterprise-grade security technologies into 6G requirements and standardization from the beginning is crucial to powering digital transformation and ensuring secure and speedy adoption of 6G.
AI and automation should be at the core of network security to analyze vast amounts of telemetry, proactively assist in intelligently detecting and stopping attacks and threats, including zero-day attacks, and dynamically recommend changes to security policies, if needed, based on continuous security monitoring and real-time behavior analyses. The risk of cyberattacks to all organizations has exponentially grown with the scale enabled by 5G. The stakes are too high not to prioritize security in the development and deployment of 6G.