now browsing by tag


#cybersecurity | hacker | Is 5G the security silver bullet for system integrators in the West?

Source: National Cyber Security – Produced By Gregory Evans

U.S. vs. China heavyweight
fight not ending soon

As we endure the ongoing U.S.
vs. China trade talks, it has become increasing clear that the U.S.
administration’s on-again off-again relationship with China is not going to
change.  The U.S. is seeking a reset
in its relationship with China
including better protections for American IP,
and Huawei has become a victim of this reset.

This ongoing instability has
resulted in having the Five Eyes’ (United States, Britain, Canada, New Zealand
and Australia) decision
not to use technology from Huawei in the “sensitive” parts of their telecoms
networks.  The U.S. told allies not to
use Huawei for fear of Chinese spying through the back doors of the equipment.

The key to share shift is

Now let’s look at the U.S. vs.
China spat through the lens of wireless system integrators.  Ericsson and Nokia have long been dominant
players in world since 2G.  Huawei made
significant share increases in APAC with LTE deployments and to a lesser extent
in Latin America, Africa and Eastern Europe. 
Now LTE deployments (first national deployments begun in 2009) are
largely complete. 

The networks are built, the vendors
are selected, and their services are up and running.  Global market share is set, for now.  Now enter the 5G major deployments for 2020.  New 5G vendors are performing acceptance
testing on initial deployments imminently at this very moment, and this represents
the biggest chance in 10 years for any of the major vendors (Ericsson, Nokia,
Huawei, Samsung, Cisco) to gain share.

Enterprise fears and China

Once we accept that Huawei’s position
in the cross hairs of the U. S. administration isn’t changing, there are two
aspects we must consider.  First, though
Huawei’s executives have made multiple statements saying there are no back
doors to their equipment, two Chinese laws- the 2017 National Intelligence Law
and the 2014 Counter Espionage Law -remain very problematic for the
company.    Some of the most troubling language is
content like Article 22 which states:

“When the state security organ investigates and understands
the situation of espionage and collects relevant evidence, the relevant organizations
and individuals shall provide it truthfully and may not refuse

Legal experts
have interpreted this as a legal basis upon which the Chinese government could
compel any Chinese company including Huawei to share any and all customer data from equipment deployed both inside China
and throughout the rest of the world.

With the understanding that
Huawei may have a legal obligation to share customer data with the intelligence
wing of the Chinese government, non-Chinese vendors gain a distinct advantage.  Because enterprises believe they can be and
are being penetrated (Radware research
found that 67% of C-Suite executives believe their networks can be penetrated
by hackers).  Cisco, Nokia, Ericsson and
others can differentiate themselves by developing a superior security offering.  And they can make a statement to Service
Providers that Huawei never can: “We will never share any customer data with
any foreign governments and have ZERO legal obligation to do so.”

Once Cisco, Ericsson, Nokia
and others embrace this statement, Service Providers will clearly understand they
can build superior, high quality, agile security services with Western vendors. 

Thousands of security
instances, when and where you need them

As Service Providers build
out their new 5G core networks, many will build out thousands of Mobile Edge
Compute (MEC) nodes across the network. 
These MECs give the Service Providers a service edge that is geographically
very close to tens of thousands of enterprises, and that sees all the
applications flowing in and out of the enterprise.  This becomes an ideal point to insert a
security instance at the network, or application layer (or both) to inspect
traffic in real-time as it enters and exits the enterprise.  When the security instance sees any anomaly,
it can signal to the orchestration layer to spin up an enforcement instance to
clean the traffic and block the offending IP address (or whatever action is
required by the pre-programmed security policy).

In addition, the MEC nodes
are effectively distributed private cloud instances.  As such, they enable Service Providers to
deploy this highly valuable security service as a completely software-based
cloud solution.  This results in a
significantly lower cost service with new business models in which enterprises could
pay for a monitoring only service that increases to an additional enforcement
service just for the actual minutes spent thwarting an attack.  This opens new avenues for revenue to
businesses that see themselves as vulnerable, but can only afford a small
amount per month to monitor their applications.

Increase growth 30X? Yes

Managed Security Services are
going through a period of explosive growth. 
For example, Akamai saw 29%
growth YoY
in its most recent quarter.

In an environment where large
Service Providers are growing
overall revenues
in the low single digits, a high value, high margin service
growing almost 30X faster than the overall company is very attractive. 

Cisco, Ericsson, Nokia and
other non-Chinese vendors have a unique opportunity to lead with security in
their 5G MEC applications.  This will
enable them to differentiate against Huawei with the superiority of their
offerings and the ability to provide peace of mind from foreign government
hacking that clouds Huawei networks.  It
truly is a great opportunity for Western network equipment vendors to:

  • Gain 5G share
  • Help Service Providers
    build a superior high value security service
  • Differentiate
    themselves as the pro security, pro privacy vendors for Service providers in an
    environment where most enterprises see themselves as vulnerable.

Original Source link

The post #cybersecurity | hacker | Is 5G the security silver bullet for system integrators in the West? appeared first on National Cyber Security.

View full post on National Cyber Security