Op-Ed: 5G’s tsunami of fast-moving, far-reaching data has security leaders concerned

5G connectivity is not limited to our phones. It is increasingly vital to business operations, our national infrastructure, and organisations from critical infrastructure sectors, including banking, energy, food, health, transport, and water.

There’s little doubt that 5G will prove revolutionary in terms of productivity and automation, radically enhancing the way data is captured, stored, shared, and used.

But as its adoption snowballs, so too does the intensity of the threat landscape. 5G will create a tsunami of data and supercharge how far, how often, and how fast it travels.

With compromising data the principal reason for most cyber attacks, concerns are rising around the confidentiality, integrity, and availability of data in motion across 5G networks.

Ever-expanding attack surface

Thales’ recent Data Threat Report 2023 shows that 75 per cent of Australian organisations are worried about 5G network security threats.

Organisations are right to be concerned; 5G is the first cellular generation to launch in the era of global organised cyber crime and the first to be reliant on cloud and DevOps frameworks for its implementation and ongoing operation.

Deployment also continues to support an escalating number of devices that could reach up to 1 million devices per square kilometre. As this attack surface expands, so too does the potential scale, depth, and impact of a successful cyber attack.

VIEW ALL

While many organisations — particularly those operating within critical industries — understand the importance of having a strong cyber security posture, securing unprecedented volumes of fast-moving and time-sensitive data has become a critical challenge.

Securing everything but the data

Many organisations believe that working to defend every potentially exploitable asset in the digital environment around data is the most effective way to prevent data incidents. If security best practices around user access, connected devices, software and networks have been deployed, then the data must be safe, right? Wrong.

The reality is that it takes only one material error in the edge security environment or a small human oversight to open the door to a skilled attacker.

If the data itself has no security to prevent exposure, the consequence can be catastrophic. Sensitive customer information can easily be viewed, tampered with, breached, or stolen, often costing organisations a hundred times more than what it would have cost to secure the actual data itself.

The growth and success of a business today rely as much on good data security as on safeguarding its cash flow. By not enforcing confidentiality and integrity on the data itself and instead relying on everything else being secure, then the data remains at risk.

Data on the move

Losing control of data is an escalating anxiety for businesses and governments all over the world, yet securing data in transit has long been limited to legacy technology like IPSec and MACSec, which is unsuitable for the speed and volume of 5G.

Data in motion can travel two ways: within the boundaries of a private network or outside of the organisation. Data travelling outside an organisation makes it more complex to know where it is, where it has travelled or is being hosted, and whether it has been accessed or altered during its journey.

Today, almost half of Australian organisations identify data in motion as the biggest target for cyber attacks, while seven in ten are concerned about the security of data that specifically moves across 5G networks.

A third of Australian organisations are already prioritising investment into securing data in motion, but the majority are yet to tackle this critically important task.

Securing data in motion may seem like a huge challenge, yet the latest generation of network data encryption overcomes this traditional view. This technology addresses the five key requirements of 5G data in motion security:

• Transparency – alleviates the need to replace, redesign or re-engineer current networking infrastructure.
• Scalability – accommodates enormous, highly dispersed network deployments from the most remote offices to the largest global cloud clients, with autonomous key and security management.
• Extreme throughput – supports data transfer in the 10s or 100s of gigabits per second (Gbps) that is unsupportable by legacy network encryption technology.
• Low latency – accommodates near real-time response in the microseconds when leveraging 5G for time-sensitive infrastructure.
• Quantum-resistant and readiness out of the box – prevents the risk of cyber criminals “data-vacuuming” today in anticipation that quantum weak security will be broken in the future.

Raising new data sovereignty questions

Effectively encrypting data in transit will not only help secure us as 5G proliferation grows but also addresses privacy and compliance obligations. As regulations across the world continue to be tightened, digital sovereignty has become a multifaceted issue that is increasingly top of mind for government, security, and business leaders.

Securing a company’s digital environment and securing the data, combined with a “think globally, act locally” approach to digital sovereignty, will build trust in Australia’s 5G-driven digital ecosystem. Only then will organisations, and Australia as a nation, be able to truly reap the benefits that lie ahead of us.

Brian Grant is the ANZ regional director at Thales Cloud Security.

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.