About the author Benoit Jouffrey is the VP 5G expert at Gemalto, a Thales company. 5G has enormous potential to transform our lives, with the promise of creating a truly connected world where smart cities, self-driving cars and smart factories are not just an ambitious concept, but a reality. According to a recent Ericsson study, 5G will reach 40% of the population and 1.5 billion subscribers worldwide by 2024, making it the fastest mobile generation ever deployed on a global scale. However, as history has repeatedly taught us, any rapidly growing technological innovation creates new cybersecurity risks. With billions of devices connected to the Internet, we face increased risk of cyberattacks, data breaches, and even state-sponsored attacks. If we don't get security, we risk undermining trust in the new wave of connected devices and the concept of smart city and smart industry in general. The top three security issues we face are: Data Protection Compliance – If the GDPR protocol has set up the global data protection protocol, it will soon be accompanied by an even stricter framework called the Privacy Regulation (EPR). The EPR will be enacted in late 2019 and 2020 and will require pseudonymization and encryption of personal data as standard. Larger attack surface: 5G transforms the core network and mobile functions of a network and brings new security threats. The risks and attack methods previously associated with high-end computing will now apply to mobile networks. Therefore, it is essential that the 5G ecosystem, including mobile network operators, policy makers, third-party providers and manufacturers, be ready. Cyber Warfare: Cyber warfare is no longer the war of the future, but the war of the present. Attacks are becoming more sophisticated and nationalized cyber warfare is beginning to attack all ICT networks, including mobile telecommunications. If the 5G network is compromised, cities and communications can come to a standstill.
Which industries will be the most affected?
The first step in 5G adoption is now taking place in the consumer market with enhanced mobile broadband. The next step will be to use the technology more widely for high reliability, low latency, and mass communications. This will have a profound impact on the industrial world. In the automotive industry, for example, 5G will enable greater driving autonomy and vehicle-to-vehicle or vehicle-to-infrastructure connectivity. In manufacturing, thanks to its very low latency and high reliability, 5G will play a key role in automating work, achieving the vision of smart factories, while in healthcare, it could facilitate remote telesurgery and patient monitoring. However, smart cities are one of the key areas affected, where 5G will play a key role in facilitating the deployment of smart transportation networks, smart buildings, and enabling smarter metering. This will lead to changes in the way we design technology for connected devices, including the need to build in ad-hoc security, as this will be crucial to launching the next generation of smart technologies.
The impact of the EU GDPR on 5G networks
EU PMPs are shaping global data protection, and similar initiatives are emerging in some of the world's major economies, including the United States, Canada, Japan, China, Brazil, and the United States. South Africa. As the world uses to tighten data protection requirements to ensure user privacy, the focus will be on data management in 5G networks. As defined in the ePR, this includes stricter rules for managing electronic communications metadata, as this enables the identification of a device on a network. As a result, identifiers such as SUPI (Subscription Permanent Identifier), the equivalent of IMSI for 5G mobile networks, must meet strict requirements for encryption and data storage. To meet these requirements, connected devices must be designed in the interest of cybersecurity.
Ensure the confidentiality of data in 5G networks.
Businesses and device manufacturers must adopt a security strategy based on five key principles. First, security mechanisms must be tailored to the potential risk of a breach. All use cases do not require the same level of security: a sensor in a soap dispenser does not need the same level of protection as a connected vehicle lock, for example. The second principle requires considering security as an end-to-end approach, from the periphery to the center. This means that security must be built into devices and software at the design level, otherwise vulnerabilities can only be fixed later. For example, the use of 5G secure SIM cards, which provide complete end-to-end anonymization of subscriber identities, is essential to provide robust protection against hacking and future security threats. Organizations should also consider secure endpoint connectivity modules that provide additional layers of security beyond the connectivity itself. The third principle is to use state-of-the-art encryption, keying, and data storage, which eliminates the risk of misuse of personal information and ensures compliance with regulations, such as the GDPR. The fourth principle is that companies should collaborate with partners who can verify the specific implementation and meet key security certifications to ensure that all third-party components used for the final product meet the highest security standards. Ultimately, 5G adoption will depend on industry standardization, which will reduce market fragmentation and ensure that all participants adhere to the principles of data security and confidentiality, as well as an appropriate level of interoperability. These standards may need to continue to evolve over time to accommodate emerging technologies and market developments and ensure their long-term relevance.
Business opportunities for 5G-based services
5G offers great potential to transform traditional industries and create new opportunities for innovation in services: from smart factories to autonomous vehicles, to virtual reality remote training and rapid video streaming. But, once again, behind all these innovations, it is necessary to ensure the security and reliability of 5G technology and the network infrastructure that supports it. To take full advantage of 5G, electronics manufacturers and other key market players need to identify the specific infrastructure that allows them to achieve their strategic goals in a secure and reliable manner. This infrastructure could depend on court or private networks. Working with an established and trusted partner with the experience to assess the end-to-end security required for 5G networks and devices will be critical to ensuring cybersecurity is integrated into your 5G deployments. Ultimately, success will depend on teamwork: governments, standards bodies, mobile network operators, device manufacturers, and software or application providers must all work together to succeed. Create a trusted IoT ecosystem that delivers on its promises. of 5G. Benoit Jouffrey is the VP 5G expert at Gemalto, a Thales company