
NATO and Ukraine in the Trump 2.0 Era
EXPERT INTERVIEWS — While the North Atlantic Treaty Organization (NATO) has long counted the United States among its most generous and loyal members, many NATO nations […] More
By Chris Christou and Joseph Bull, Booz Allen Hamilton
SPONSORED – U.S. government organizations racing to adopt 5G mobile technology must overcome significant security blind spots. Although most government and enterprise organizations know security is critical when migrating workloads to the cloud, the intersection of cloud security and 5G security is still unfamiliar territory. Gaining greater perspective can help organizations apply leading practices to safeguard systems by design.
Recent research commissioned by Booz Allen sheds light on the learning curve that many organizations face. The survey encompassed 175 individuals involved in the development, analysis, and review of U.S. cybersecurity practices and policies. Respondents included mostly federal and military personnel, as well as stakeholders in think tanks, non-governmental organizations, lobbying roles, and the legislative branch.
While many respondents (82%) ranked cloud security among the most important aspects of cybersecurity, fewer (60%) said the same for 5G security. The White House has stressed the stakes for securing 5G networks “could not be higher.” The survey findings suggest that information technology specialists, program and project managers, administration and operations personnel, and others with cyber-related roles are still absorbing this message.
The irony is 5G networks are intended to be cloud native: Organizations need to apply cloud security leading practices to 5G infrastructure itself, in addition to securing the network and applications by design. What’s more, the cloudification of mobile networks is greatly expanding the attack surface to include data centers and open-source software. It’s getting easier for less sophisticated threat actors to target mobile networks. Threat vectors related to 5G cloud infrastructure include software/configuration, network security, network slicing, and software-defined networking.
Most survey respondents (62%) said they had limited knowledge of 5G security. And respondents were roughly split on whether they had limited or substantial knowledge of zero trust—a leading security mindset that is ideal for 5G. Embracing zero trust is about stepping up and owning the risk that threats can emerge inside, not just outside, traditional network boundaries—and it’s about proactively countering these risks. This shift in mindset is needed even as efforts to build, deploy, and use 5G technology are still taking shape.
The Department of Defense, for example, is working to deploy private 5G solutions for a wide range of use cases. And as one of DOD’s partners, Booz Allen is at the forefront working with DOD to build the 5G infrastructure and conducting the prototyping based on specific 5G-enabled use cases. But this large-scale push to build and manage such infrastructure and define use cases—almost like a mobile carrier would—is new territory for the department. And many organizations are still assessing how they will use 5G, let alone how they will secure it.
While there is no “easy button” for 5G cloud infrastructure security, organization leaders can look to guidance from the Cybersecurity and Infrastructure Security Agency and the National Security Agency. This guidance shows how to bring a zero trust mindset into 5G cloud endpoints and growing multi-cloud environments: It covers preventing and detecting lateral movement, securely isolating network resources, data protection, and ensuring the integrity of cloud infrastructure.
In addition, here are five steps to guide organizations interested in developing private 5G networks:
The next few years will see more and more deployments of 5G-based cloud infrastructure and devices. As these projects progress, leaders should use these five steps, zero trust and security-by-design principles to safeguard these leading-edge systems.
This is paid, sponsored content. Interested in a sponsored post in The Cipher Brief? Contact Erika Hipkins at [email protected] to find out how to get your content in front of 36K national security professionals.
Related Articles
EXPERT INTERVIEWS — While the North Atlantic Treaty Organization (NATO) has long counted the United States among its most generous and loyal members, many NATO nations […] More
BOTTOM LINE UP FRONT — Two utterly different events, in two very different parts of the world, have raised fresh concerns about a return to […] More
EXPERT PERSPECTIVE — When The Cipher Brief looked at the global security landscape for 2025, Greenland didn’t rate a mention. That was probably true of new […] More
EXPERT VIEW — 2024 has brought multiple reminders of the threats – real and potential – posed by the People’s Republic of China (PRC). Over the […] More
DEEP DIVE – The Office of the Director of National Intelligence (ODNI) is a relatively recent addition to the institutional architecture of the U.S. Intelligence […] More
DEEP DIVE — For years, Iran’s Islamic Revolutionary Guard Corps (IRGC) has tried and failed at all sorts of half-baked schemes to eliminate enemies living in […] More
Search