Industry Voices

Automation and collaboration key to mobile operators meeting their cybersecurity regulatory responsibilities

SecurityGen CTO Dmitry Kurbatov July 2023 (1).jpg

5G is on a roll worldwide. The new technology has grown rapidly across the world, especially in the Middle East and South East Asia.

But while 5G offers new levels of operational ease and vastly improved perfomance compared to previous technology generations, its added complexity along with its interconnectivity with multiple devices and other networks widens the threat surface available to malicious cyber actors and makes operators and their customers a more vulnerable target.

In response to 5G’s growth, governing bodies have introduced new regulations to improve and encourage the security of mobile networks. The European Agency for Cyber-security (ENISA) has published a set of guidelines and best practices to support 5G networks against cyber-security threats and ensure network security and compliance. The ENISA guidelines call on operators to assess risks, implement security measures, secure supply chains and regularly provide audits of their security systems.

To meet these guidelines, operators must continuously test and validate their cyber-security measures to constantly improve their network defences. To do so, mobile operators are increasingly turning to innovative automated security processes and tools to help them. Let’s get into the details.

Meeting ENISA 5G guidelines is an imperative

Introducing the regulations, Thierry Breton, the EU’s European Commissioner for Internal Market, stressed the operational importance of effective cyber-security to 5G, “Security is at the core of 5G’s roll-out. EU-wide certification, in combination with other types of measures in the EU 5G Toolbox, supports our efforts to optimise 5G security and patch technical vulnerabilities.”

When a mobile operator fails to meet the necessary levels of network security and compliance, it vastly increases the risk of breaches and potential data theft or service outages for itself and its customers. Operators that fail to comply may face a range of consequences such as penalties and fines, as well as lasting damage to their brand reputation among customers.

The ENISA 5G security toolkit provides proper guidance on secure network architecture and design. Meeting these requirements is an important starting point for operators to ensure their networks are safe, secure and compliant.

The steps outlined in the ENISA toolkit are similar to the NIST Cyber-security Framework, which is a widely used set of guidelines, standards and best practices for managing cyber-security risk. Both frameworks emphasise the importance of risk management, identifying and protecting critical assets, detecting and responding to security events, and continuous monitoring and improvement of cybersecurity practices.

The pivot of this frameworks - that operators must be proactive in the development of their network security and continuously be on the lookout for threats should they arise. They can take several steps in the immediate to ensure their networks are compliant, including introducing automated security systems that can inspect and detect their network for threats on an ongoing basis.

The all-important first step is to conduct a gap analysis of their current security posture against the recommended security toolkit. Identifying gaps and weaknesses that need to be addressed first is crucial: having identified these vulnerabilities, it then becomes easier for the operator to develop a plan to fill any gaps found, prioritising the most serious ones first and allocating resources accordingly - while also putting in place actions and timelines for addressing the other vulnerabilities when it’s possible to do so.

Steps to stay compliant

In addition to the gap analysis and remediation plan, operators should also establish policies, procedures, and controls that align with the ENISA 5G Security Toolkit's security requirements. This includes establishing a vulnerability management, deployment of protection measures, network security monitoring, development of incident response and remediation plan. All of which can be supported by automation.

Its imperative that operators conduct regular risk assessments to identify and mitigate potential threats to their networks. These are core to ensuring the security of your network and can be supported by automation tools such as an inspection, detection and prevention system. The earlier a threat or vulnerability is detected the better and detection relies on constant inspection of the network.

Based on the results of the risk assessments, network operators should implement appropriate security measures, such as encryption, access controls, and intrusion detection systems.

Outside of inspection, the security of operators’ 5G networks and services extends to the third-party businesses and service providers who develop their own 5G products and applications. Operators need to engage closely with these partners to ensure that they are also managing risk and following 5G cyber-security best practices. This means requesting visibility of audits and the measures that partners have in place themselves.

Operators should also provide regular training to their own staff on cyber-security best practices and ensure that they understand and appreciate the importance of network security. Human error is a frequent route in for cyber-criminals, so it is essential to ensure that staff are both vigilant and confident in identifying possible threats as they emerge. When it comes to a new and evolving technology like 5G, operator security teams need to have the proper knowledge and insight to be prepared to protect their networks against the security threats associated with 5G.

Another crucial step is to engage with relevant stakeholders, such as government agencies and other mobile operators, to share information and coordinate efforts to continually update and enhance 5G’s security. Working together, operators and agencies can continuously monitor and assess the effectiveness of the security measures implemented and adjust them as necessary to ensure ongoing compliance with the ENISA 5G Security Toolkit's requirements.

Stay ahead of the game

The ENISA toolkit was created to support the EU5G certification scheme, which has been in development for the past two years and is set to have a significant effect on the development and direction of 5G. Ongoing, two -way engagement with national, regional and international industry bodies like ENISA mean operators are able to prepare for any changes before they are officially implemented.

With 5G’s global rollout continuing apace and a range of industries exploring how to incorporate the technology into their operations and business models, it is vital for operators, industry bodies, government authorities and equipment suppliers to work together to ensure that new networks are safe, secure and resilient for businesses and consumers to use. Implementing and following mutually agreed cyber-security regulations is a cornerstone to realising the commercial and operational value and benefits of 5G.