technology (OT) elements of the business, the manufacturing line integrity, logistics chain, and even to employ safety. There is an important distinction. IT security tends to be better protected and have more monitoring for better visibility. It often also has well-rehearsed recovery strategies—networks can be restored from backups or use disaster recovery options to be restored in a matter of hours. Operational technologies are much more diverse and less protected and monitored, though the impacts of an attack can be far more serious. Simply affecting the logistics management, causing a factory to run out of a key component, could stop manufacturing for weeks. Turning off refrigeration of a vaccine in storage could result in the loss of lives. Almost all consequences will take longer than a reboot to resolve and will have massive knock-on effects.

To protect businesses, we need to consider how to secure the IoT, and how to secure the network that supports it.

Security in a connected world

Looking at the network, the enterprise has two principal deployment options. The first is to use a public mobile network operator, which may additionally be able to partition or slice the network to provide more privacy. The second is to opt for complete isolation and control, as enterprises have in their existing LAN environments, by building a private 5G network. 

Public or private, one thing remains the same for early adopters: they’re deploying network elements early in their security development cycle. These network elements are delivering state-of-the-art technology and innovative use cases, which will inevitably evolve very quickly as lessons are learned.

Mobile operators are working tirelessly to build out their 5G offerings, but at this early stage, the focus is almost exclusively on the core business. If an enterprise requires a more bespoke solution, what do they need to consider for private 5G? 

Principally, it requires a 5G radio access network (NR-RAN) and core network functions for 5G based on service-based architecture (SBA), both delivered on virtual infrastructure, either NFVi or cloud-native. However, our factory example may blur the lines with some of the services described needing extremely low latency, meaning resources need to be as local as possible. This requires a technology called multi-access edge computing (MEC) to also be included into infrastructure design.

Moreover, these four primary elements require management and orchestration, radio-frequency (RF) planning, IT and public cloud integration and a comprehensive suite of support and maintenance services. This sounds complex and it is, requiring multiple varied skillsets from legal to negotiate for radio bandwidth licenses, public and private cloud expertise and a full composite of telecom skills—many of which need to be continued for the lifetime of the network in order to keep it running and secure.

Realistically, the only option for the enterprise is to employ a specialist system integrator who would deliver the private 5G via an ecosystem of vendors. Use of diverse vendors and a move away from monolithic vendor architecture is a key element to all of 5G, not only private networks. It promotes commercial competition but also innovation as more varied and niche core and radio access vendors come to market. But in security terms, it increases the supply chain risks, and creates opportunities for malefactors to use vendor interactions or functional differences caused by separate design streams to negatively impact the network.