Lenovo Chief Information Security Officer Talks New Standard at National Cyber Security Conference.
Businesses need to have a clear security plan to address the potential cyber security threats of 5G, according to a series of presentations and panels at this year’s National Cyber Security Alliance (NCSA) conference at NASDAQ in New York, an event that marks the beginning of National Cyber Security Awareness month.
The non-profit NCSA builds public and private partnerships to promote strong cybersecurity with a two-prong effort. The first, the conference in New York, featured panel discussions on data privacy, the role of artificial intelligence in security, and the impact of quantum computing along with a featured talk on 5G security by Jason Ruger, chief information security officer at Lenovo.
The second prong focuses on consumers and individual users, as phishing attacks and other seemingly old-fashioned attacks continue to be a serious threat, said Kelvin Coleman, executive director of NCSA, as he asked consumers to Own IT. Secure IT Protect IT.
“This simple message encourages consumers to understand the devices and applications they use every day, secure their digital profile and protect it by familiarizing themselves with privacy settings to help safeguard their privacy and limit cybercrimes,” Coleman said. “As cyber criminals become more sophisticated, it’s important to remember these few tried-and-true methods for protecting oneself online.”
In his presentation, Ruger explained how the technology driving 5G’s tremendous potential – speeds more than 100 times faster than 4G – creates not just faster speeds, but also new opportunities for improving cyber security.
These opportunities stem from what makes 5G so different: the smaller, higher frequency wavelength compared to earlier technologies. Ruger said that AM radio waves, an earlier technology from the other end of the spectrum, are 1000 feet long, while the new 5G band waves are less than 1 centimeter. This helps 5G deliver such rapid speeds with far less latency.
The major differences Ruger said organizations should keep in mind are the quantity of devices, the speed of connectivity, and the distance waves travel.
“Each of these changes present real challenges when addressing cyber security, but also opportunities to improve security,” said Ruger, who has managed previous corporate migrations from 2G to 3G, 3G to 4G, and now on to 5G for companies like Lenovo, Motorola and Google.
The faster, stronger connections provided by 5G will create an explosion of Internet of Things devices. How many new devices? Where employees may now have one or two internet-connected devices each, organizations need to plan as many as 100 devices per employee in the near future as office add smart sensors on everything from light bulbs to office chairs to thermostats.
“When employees start bringing in that many devices, that will put a lot of pressure on organizations to ensure each device is consistently updated and patched,” Ruger said. “Organizations need to have a plan for ensuring devices are updated, either through a service contract or more frequent device replacements, which could mean leasing more devices.”
Organizations also can take advantage of network slicing, which enables them to procure private portions of the 5G spectrum, which in turn reduces the opportunity for lateral movement of problems such as infections across the network.
Lenovo has plans for 5G both in how it will secure its own networks to providing products that use 5G. Lenovo’s Motorola smartphones included the first 5G ready phone, and Lenovo released the first Qualcomm 5G PC.
The biggest selling point for 5G is speed. Working almost 100 times faster than 4G, the new standard promises to make online videos run smoothly every time and downloads to seem nearly instantaneous. But the same rapid speed that makes for clear calls or perfect videos also means hackers that breach your systems can extract mountains of your data before you can react.
“That speed can seem a bit scary when you’re in charge of security, but 5G network slicing enables new monitoring and ‘detection’ capabilities,” Ruger said. “In addition, you can leverage 5G speeds for better data backups and redundancy.”
The third area is distance, which is the real dichotomy of 5G. Those 1000-foot AM radio waves have one advantage: they travel great distances. In contrast, the comparatively tiny 5G waves require cells as often as every few hundred feet, especially in dense, urban environments. This will create an explosion of infrastructure devices to propel the 5G waves onward.
While all those cells must be secured, they also provide an opportunity for security leaders to control the micro-cells installed in their buildings when 5G arrives.
“And companies can leverage that distance limitation to focus on the connectivity within the office space and improve authentication to secure your network,” Ruger said.
And he reminded everyone that things will keep moving faster as work on 6G is already well underway.