AT&T Cybersecurity: 5G and the Journey to the EdgeBy Lewis - 11 February 2021
Theresa Lanowitz, Director, AT&T Cybersecurity
5G will dramatically change the way organisations do business. From smart cities and fleet management through to remote surgery – 5G is not just about back office types of computing endeavours. With its low latency and ultra-high bandwidth, 5G will change the way computing is conducted.
Last year, 5G was an upcoming revolution in technology. Now it is here. Organisations are living in a hybrid world sliding between 4G, 5G and previous network generations. This year’s AT&T Cybersecurity Insights Report: 5G and the Journey to the Edge sets out to understand how businesses are adapting and building a cybersecurity-first mindset.
REMOVE INFORMATION SILOS
Gaming is all about sensitive data so how the industry addresses digital risk is crucial. Businesses are taking identification, credit cards, and exchanging money – personally identifiable information (PII). Organisations ought to be asking themselves how they are supporting business continuity?. What happens if your business has to pivot and shift? What if there is disruption? Organisations need to be adaptable.
Businesses should be talking to technical and information security teams to address digital risk and ensure they are adaptable to disruption. Management should be breaking the traditional delineation of businessmen and women on one side and the technical side of the house on the other.
The technical teams – development, quality assurance, infrastructure, operations, networking and cybersecurity – should not be working in the information silos they were previously working in.
A SECURITY-FIRST MINDSET
Organisations are beginning to lead with a security-first mindset because they know how important customer trust is to any business. Leading with a security-first mindset means the information silos have gone away and business is working closely with technicians to continually assess risks for business adaptability.
The business can pivot and withstand any sort of disruption whilst showing customers they are working in the latest application types and technology. One of the things we have seen over the past ten years or so is that organisations who really engage customers with their software have been able to do far better than their competitors. Underlying software has to be functional, easy to use, intuitive to the user, fast and secure.
Inside the company, security-first means the tone is set at the top. Security is front and centre of everything. A result of the rapid digital transformation we’ve seen is that organisations are now focusing first on security. In the AT&T Cybersecurity Insights Report, we found that companies are predominantly adopting 5G to remain competitive.
We asked survey participants what their primary reason is for adopting 5G and the overwhelming response was to ‘remain competitive because it is a competitive world that we live in’. 93 per cent of organisations are either researching, implementing or have completed a 5G initiative.
PROTECT DATA ENDPOINTS
In a 5G world, we’re going to have more and more devices connected, including IoT devices where a human being is not connected to the other end. It’s just a thing sitting out there on the Internet. Many organisations will forget such IoT devices are an endpoint just like any other. These devices have to be protected as adversaries will take the path of least resistance and try to attack these types of endpoints.
It is also crucial businesses protect endpoints where data may be stored. With 5G, you have the luxury of data being stored where it is consumed and created for faster interaction with the applications you’re working on. A perfect example of this is in-arena betting. However, these types of use cases are a treasure trove for adversaries if endpoints are not protected and taken care of in the correct way.
5G – A BUSINESS DRIVEN NETWORK
Standalone 5G is more secure than any previous network generation. The only constraint of 5G use cases is the imagination of the people who are using it.
15 years ago, we would have never thought of using a ride sharing application like we do today or streaming television shows on our mobile phones. On a 3G network, nobody could have predicted those types of applications when GPS systems were first coming online. On 4G, you could ping a driver to meet you within a metre of where you request a ride drop.
With 5G, there are going to be incredible use cases. It is unlike any other technology revolution that we’ve seen as is not being driven by technical teams but by the line of business. This is why our latest report focuses on how business professionals are preparing for 5G. Businesses have sensed an opportunity to become more competitive.
As an industry, we have been predicting for more than a decade that business is going to become more involved in technology decisions. 5G is the manifestation. All organisations are looking at 5G – whether it is to offer in-arena betting or manage parking spaces within the city – for a competitive business differentiation. 5G is only constrained by the imagination of those who write the applications.
A POTTED HISTORY OF CYBERSECURITY
In the mainframe days, the biggest security threat data centre workers had to worry about was a physical security threat – spilling coffee on the keyboard or accidentally unplugging something. The moment the four walls of the data centre opened and compute power became more democratised is when cybersecurity became something that people really needed to worry about.
When the first PC’s were connected through local area networks you suddenly started to see attacks – namely worms and viruses through hobbyist hackers. Moving onto web, mobile, and cloud applications; these hackers became financially motivated with phishing attacks, SQL injection and so on. As organisations have begun to increasingly rely on computing to conduct business, the greater the risks involved.
The last twelve months has forced organisations to adapt to a remote and mobile workforce, accelerating the digital transformation of businesses at a time where there was already a sizeable cybersecurity skills gap in the market. As this skills gap continues to persist and grow, cybersecurity is going to become more of a threat to every type of business. An increase in cybercrime and cyberthreats is the natural progression of computing.
THE YEAR AHEAD
2020 was the year cybersecurity went from being a technical issue to a business imperative. In the year ahead, organisations are going to increasingly adopt 5G and begin the process of figuring out how to make themselves more competitive.
We are also going to see new types of applications being written. We have moved away from creating big monolithic applications to a whole new ecosystem with new hardware and smaller, faster applications built out as result of 5G. A new network means new infrastructure, hardware, and applications.
Software is going to be smaller in size, purpose-built and security will be built in from the very beginning as part of the requirement of writing applications. Security is something organisations will lead with and will no longer be an afterthought bolted on at the end of the development cycle. Personal identifiable information (PII) security is going to be front and centre.
BIO: AT&T Cybersecurity has been in the cybersecurity business for over 25 years and has been protecting networks since the very first phone call, making it safer to innovate. We have eight security operation centres staffed 24/7, 365 days a year. Our threat intelligence team examines 20 million threat indicators a day through the Open Threat Exchange – a large global community for threat intelligence. AT&T Cybersecurity’s structure allows us to go to market in a way that means our customers, prospects and clients can engage with us in two ways.
i) Consulting. Our consulting organisation has very knowledgeable and experienced consultants with an average of 12 years’ experience. They have all the latest certification to help organisations really understand what cybersecurity means, how to remediate vulnerabilities and put together a robust cybersecurity strategy.
ii) Managed Security Services. Through our eight global security operation centres, we focus on three broad categories – endpoint, network security, and threat detection response.