Subscribe For Free
FOLLOW US

Speaker’s Corner: Getting 5G security right in the age of Covid-19

Mobile News
June 16, 2020

A slower start to the 5G era allows for new opportunities to shore up defences, says Radware carrier services VP Mike O’Malley

At the start of 2020, everyone in mobile was expecting 5G to launch at a normal pace. Speculation on new handsets, and the anticipation of exciting new IoT applications and wearables, through to mainstream use of AR and VR, was everywhere. And despite the major upheaval in supply of network kit caused by concerns related to Huawei, 5G rollout plans forged on.

But when Mobile World Congress was cancelled, so the new reality dawned. 5G wasn’t going to launch with the big bang we expected. That’s not to say it won’t be happening, but when we still see auctions for spectrum be delayed around the world – in some cases indefinitely – and few 5G handsets on the market, so we must accept a slower start to the 5G era.

For operators there will be some tough decisions to make. Continue to invest despite the prospect of greatly reduced revenues compared to the business plan they built pre-recession, or plough on hopeful that the different way of working and living is here to stay for some time, and as a result the consumer interest may actually accelerate in some areas.

For instance, replacing home broadband with 5G could really thrive as a result of the global lockdown. People will review their expenditure and what makes them happy. We’ve already seen the uptake of more subscription models for entertainment, so it follows that consumers will also invest in the technology to make it a slick anywhere experience, untethered to wires.

Retailers could play to this new appetite for experience with the launch of AR / VR services enabling consumers to see what the piece of furniture they want to buy looks like in their home or how that new shirt or dress virtually fits before they part with their money.

With business models shifting as a result of lockdown, this could lead to 5G supporting a company’s plans for growth and innovation in a way not conceived before, or certainly not at the scale envisaged.

Delivering ultra-high bandwidth quickly and reliably, with an ability to scale applications was always, and still is, the challenge with 5G promises. However, it’s created what some might see as strange bedfellows – the likes of Amazon and Azure partnering with the operators. In fact, most recently, Google has partnered with Telefonica in Spain to support digitalisation strategies. It all makes perfect sense, given the complementary expertise and partnerships, to sell more 5G applications in a mobile edge cloud very close to the customer.

Yet, at a higher level there are still some pivotal questions to address. Most importantly, will this be a repeat of the 2000s where service providers performed all the heavy lifting in LTE, but ceded all the application value and therefore all the financial value to the Over the Top (OTT) crowd, like Apple and Google? There could be some tricky conversations about exclusivity and who owns the customer and how the revenue is divided to come. Microsoft Azure, AWS, and Google Cloud can all provide expertise in selling and scaling applications in the cloud. However, the service providers will bring their own expertise in ultra-low latency, wireless, video, voice, and data connectivity.

But I wonder how the squabble over who owns security will go? It’s still one of the biggest unsolved debates. The service providers have built brands on near perfect 99.999 per cent reliability. But if the cloud services are managed by the cloud providers, will AWS and Azure provide infrastructure and application security? Will it be the same as or different from the service providers’ security architectures that already exist on the network? Would Vodafone or AT&T have visibility in their SOC (security operations centre) to all threats to the multi-access edge computing (MEC) or do they need to pick up the phone and rely on the cloud provider?

As I see it the service provider will need to secure the MEC from both a network and application perspective north and south – in and out of the MEC cloud. They have built their brands on trust, security and reliability and therefore will need to control the experience to retain brand value.

On the other hand, cloud service providers will need to provide their own application security on individual applications (perhaps via Openstack or Kubernetes) within the MEC cloud and between applications – an east to west scenario. Doing this in combination will ensure the service provider’s reputation and brand. Service providers can leverage their existing security architectures and best in class technologies to make the MEC security part of their holistic management of the network by the SOC, while collaborating with the cloud providers to prevent any security threat contamination between cloud applications.

As a result, the cloud providers will be able to sell the value of security to the end customers, protect from east-west attacks within the cloud, and negotiate a business relationship with the service provider for this incremental revenue on the applications.

All this at a time when trust is becoming a dominant reason for choosing a brand today. Our data and applications, and how they are protected and used, have never been so hotly debated. So, I hope that not only do we see some interesting implementations of 5G come out of the CV-19 crisis but that we also see some carefully planned secure network innovation. Consumer and business confidence rests on it, and so does the success of 5G.

Mike O’Malley is vice president of carrier services at Radware, a global cybersecurity firm.

Share this article