How to Secure 5G Networks with AI, Zero Trust, and SASE

Michael Krigsman: With the huge growth of 5G in telecom, how can organizations manage security for this important technology? We're taking a deep dive with a world-leading expert, Anand Oswal, who is Senior Vice President and General Manager of Network Security for Palo Alto Networks.

Anand Oswal: It's exciting to see all the momentum of 5G technologies in transforming industries. They unlock opportunities for mobile broadband and video streaming, and today, 5G allows businesses to integrate more connected devices. And as you connect more, you can see, control, and automate more. But the real exciting trend I'm seeing is the convergence of technologies to supercharge 5G digital transformation across most of our critical infrastructure, industrial businesses, and governments.

5G is truly coming of age at the same time as AI. And as these technologies converge, you get 5G connecting nearly everything at lightning-fast speeds. And AI is embedding intelligence into it. When AI gives 5G the potential to predict issues and optimize itself in real time, you have the recipe for business transformation at a scale we have not seen before. At the same time, we also have IT and OT coming together, creating new opportunities for efficiency, for productivity and agility in traditional siloed systems.

With the rise in 5G demand and access to more IoT, users are getting their important work done from anywhere using connected devices. Together, this is driving a transformation that will create profound shifts in how businesses and industries operate, and we are right in the middle of it.

Michael Krigsman: Anand, 5G is exploding. Why is security so complex when it comes to 5G?

Anand Oswal: 5G is an incredibly amazing technology. When you think of the evolution of the G networks, we had analog with 1G, then you had digital with 2G, then you had 3G, with 4G got you more data. 5G is all about high-speed data and low latency. Now, 5G has a lot of built-in technologies for security, user authentication, encryption, and so on and so forth, but those are not enough.

You need to be able to see what's happening within your 5G traffic, because threats are getting more and more sophisticated. It's important to ensure that we protect across all layers. It's your signaling layer, it's your application layer, your data layer, your management layer, etc. All locations, right, across edge, core, cloud, data center everywhere, and that is very critical as 5G evolves.

We are working on securing the 5G infrastructure, and as people build private 5G networks to not only protect that infrastructure, but also provide the right level of visibility, segmentation and threat detection capabilities.

Michael Krigsman: Can you give me some examples of how these technologies converge to drive business transformation?

Anand Oswal: This digital transformation will happen in areas that affect our daily lives—the most important things, like energy, utilities, transportation, oil and gas, and telcos. Let me give you a few examples of this in action.

I recently met with a telecommunications company who has been combining AI with 5G to build smart 5G networks. Now, these networks are not only blazing fast, but they're also adaptive. They use machine learning algorithms to analyze network performance, predict traffic, and optimize continuously. So they can offer customers the best possible connectivity. I recently also met a chemical manufacturer that was using private 5G that connects different devices, like sensors, to monitor temperature and chemical composition, to ensure the process remains safe and stable.

Operators can then monitor and control machinery virtually from almost anywhere. With real-time data, they're able to optimize operations across the board, automating dangerous tasks, analyzing data, and even predicting upcoming maintenance windows. This has led to a decrease in human intervention, increase in safety, and better operational efficiencies, giving them a competitive edge. And last, Michael, one of our customers is a local government, that was tasked with updating their entire aging critical infrastructure. They were concerned that legacy technology was increasing their risks of attacks by nation-state threat actors, and they were also inspired by their vision of what their community could do with the help of smart solutions.

Let me also give you an example of a remote access solution. A global oil and gas exploration and production company with offices in remote locations, decided to centralize its entire SCADA system. Instead of maintaining a dedicated server at each remote office, the company chose to consolidate with a single SCADA server located at their data center. This new approach requires a secure private 5G network, connecting OT sensors, pumps, and other devices across its entire vast network, while ensuring secure connectivity to the centralized data center for all the remote operations.

By integrating 5G, AI, IT and OT into your infrastructure, communities, and countries around the world, can connect everything, including autonomous cars, transportation, supermarkets, shipping ports, manufacturing plants, farms, water systems, and so on.

Michael Krigsman: What are the most pressing security threats and attack vectors in relation to 5G?

Anand Oswal: This bright future of digital transformation and opportunities associated with that, comes with risks. The convergence of these technologies introduces new attack vectors that we have to be aware of and protect against. Now, I don't need to tell you that as more and more devices get connected to a network, it increases the attack surface.

And you don't need to be a cybersecurity professional to see how the high-speed data transfer capabilities of 5G can help cyber criminals infiltrate large volumes of data quickly. The threat landscape continues to increase, both in scale, in sophistication, and in speed. AI is having a compounding effect on all of these. So today, we are seeing over 30 billion attacks that we are able to block on our platform every single day. More and more of these attacks are net new, attacks that nobody has ever seen before, and we're telling every organization to assume that at some point of time, they will be in the attack with a scale and sophistication of nation state level attacks, and they have to be prepared for those days.

But this can be solved. We think of security holistically, when it's not an afterthought.

Michael Krigsman: There's a lot of discussion about public and private 5G networks. From a security perspective, what are the differences between them?

Anand Oswal: The 5G standard itself has some excellent security capabilities baked into it. For user authentication, user privacy, for the over-the-air traffic and traffic encryption. And some protection for signaling traffic. These are very important, but not designed for seeing and stopping the advanced threats within the mobile traffic itself, and it's definitely not enough for your enterprises, for your governments and industrial businesses. Now if you think of public 5G networks, the key thing that we want to do is protect the infrastructure of the service providers, across all locations, all vectors.

And second, ensure the users who connect to this 5G networks are fully protected. Now, if we come to private 5G networks, these networks are usually flat layer two networks. We need to first have full visibility into what the network is and ensure that we are able to provide the right level of segmentation, the right level of capabilities to be able to isolate any threats that we see, and provide, good connectivity between what we're seeing on the IT side and what we're seeing on the OT side. 

So these threats vary across public and private 5G networks.

Michael Krigsman: For organizations just starting their 5G journey, is there a key piece of advice for them to build security into their strategy from the ground up?

Anand Oswal: Absolutely. Here's how I think about securing 5G to the enterprise grade level. First, get ready. The sophistication of attacks is growing, in scale, in speed. The question isn't when you'll be attacked, it's are you ready for it? Understand the potential risks and the failure points in your 5G network and create a plan of how you can protect against those risks. Now that you have an idea of these potential risks, think about how you can identify if and when an attack happens. So it's come down to zero trust. First and foremost, it's most important to implement a zero trust approach to securing your 5G infrastructure.

This means continuously validating your users, your devices, the applications, and sessions at every stage of the digital interaction and ensuring that you have full visibility into the applications, the services and the threats present on your 5G network. Second, secure all layers. The signaling layer, the application layer, the data layer, the management layer. Secure all locations, across all facets of your 5G network. Most security solutions only protect you on layer three and layer four.

But what about the threats that you're seeing on the application side? Evasive attacks require visibility and advanced security across all 5G devices, networks and services everywhere. On premises, edge, core, perimeter, roaming and cloud. You have to secure all layers of your network and all the places where an attack may occur across every single threat vector, 

anywhere you might be exposed, And by the way, a common mistake I see is people only thinking about security once their product has gone live. Big mistake. You should be building this from the get-go with security in mind, testing it in a development phase before it goes live in containerized environments, and again, at runtime.

Next, Michael, we have to fight AI with AI. You need protections against all possible attacks, known and unknown, across all vulnerabilities, which are growing thanks to the help of AI. The good news is defenders can leverage AI's capabilities to enhance these measures, while ensuring that the 5G infrastructure is fortified against threats.

Organizations can embrace new, innovative technologies like Precision AI to more proactively and effectively safeguard their network. Next, simplify security. The typical organization juggles between a variety of different solutions and vendors. This creates inconsistent policies.

Security teams are overwhelmed with how all of this can   challenge their operations, give them inconsistent policies and inconsistent views of their entire infrastructure.

Michael Krigsman: Anand, as more companies lean into 5G network adoption, is there a role for SASE as a security architecture?

Anand Oswal: Secure Access Service Edge, SASE, is an approach to security that brings every device and service on the network together securely. So that you can ensure your company is protected, no matter where your workforce is located, what device they're using, so that they get access to the right data, the right SaaS applications, the right private applications that they need to do their jobs effectively and safely. For 5G networks, this is relevant because there are threats impacting the enterprise and users and devices that access internet websites that could be malicious. They're accessing SaaS applications. They're accessing gen AI applications when connected over the public 5G network.

This is because with public 5G, enterprise admins do not have any visibility and control of these devices, as they're not on their enterprise network. They're on the public 5G network. As a result, although these devices are carried in and out of the enterprise, the enterprise security team has no way to control them. So public 5G networks do not organically support connections into the enterprise network. And that's why we are launching a new SASE 5G solution. 

Prisma SASE 5G is built for businesses that use public 5G connectivity within their enterprise, whether it is their employees with 5G powered phones or tablets, or their infrastructure, like IoT and OT devices, or SD-WAN devices with 5G connectivity for branch wide area networks.

It uses the telco-provided SIM to authenticate the users and provide that granular policies across your network. No matter where you are in the world. No matter which user or which OT IoT device, whether you're on the wireless 5G network or the wired network, you can get consistent policy. You can get full visibility across your network, and you can prevent attacks all through a single pane of glass. Our customers will also be excited about how this enables data sovereignty with options to configure your security processing regions, locations and log storage to stay in the location that you have specified.

Telecommunications service providers should be especially excited about this, because it gives them a new opportunity to provide security to the enterprise customers as a value-added service. And they can quickly integrate this into the existing network with fast and frictionless integration through a cloud-delivered solution. You'll help enterprises secure their data, users and applications without needing to redesign your network.

Michael Krigsman: Get a little technical with me. Can you explain how this works?

Anand Oswal: When a 5G user or a 5G device connects to the 5G network, it goes through a telco's authentication process. As part of that process, the authentication details, like the IMSI and IMEI are securely communicated to Prisma Access, which uses this information to then uniquely identify the user or the device. Next, we can apply granular per user or per device policies. When the 5G user or device starts internet browsing on the phone or uses an app, that traffic is securely transported to Prisma Access.

This is achieved over pre-established, dynamically scalable, high bandwidth cross connects between the service providers, 5G network and Prisma Access infrastructure. Prisma Access does security inspection, security enforcement of the traffic to protect the user from threats and vulnerabilities. If and when the 5G user connects onto the Wi-Fi network, Prisma Access can also apply the same consistent policies for security for that user based on the user's enterprise identity.

This gives the telco service provider and the enterprise admin, comprehensive visibility of the 5G users and apply the security policies and the enforcement of security for 5G devices based on the 5G identifiers, which the enterprise admins don't have today.

Effectively, Michael, what this does is, is secure 5G users and devices when they access the internet, SASE or private data center applications, whether they are on the 5G network or on the corporate Wi-Fi or wired network, giving them the best consistent security against all the threats.

Michael Krigsman: You're doing a lot with 5G. Are there other things you're working on that you'd like to tell us about?

Anand Oswal: Our 5G-native security platform secures 5G devices, networks and services everywhere, including on-premise, edge, core, perimeter, the roaming interface and cloud with a unified network security platform. It gives comprehensive visibility, security policies based on 5G-specific identifiers, and protects against advanced threats, including day-zero attacks using Precision AI. And it has a few components. First, our next generation firewalls, which are advanced protectors for 5G network traffic, providing a deep look to find anything hiding in the traffic, detecting threats, malware or ransomware, blocking intrusions in real time and offering controls to ensure the right admins have the right level of access to the right data.

NGFWs ensure that malicious traffic or attacks don't sneak in, even when billions of devices are connecting and talking to each other. Second, software firewalls, which are next generation firewalls that run as virtualized or containerized instances in public and private cloud, or as a service natively in the cloud environment. They include all the capabilities of hardware NGFW, but can be deployed programmatically with standard orchestration tools for infrastructure as code. This flexibility makes software firewalls protect the secure 5G cloud native network functions and value added services, or even to be offered as a service for subscribers.

Our cloud delivered security solution, or CDSS, safeguards an organization's network security end-to-end. With the power of Precision AI, these best of breed security subscriptions detect and block new and unknown malware, guard against DNS attacks or prevent lateral threat movements of managed IT and unmanaged IoT devices, while stopping zero-day threats from entering into your network. There's also Cortex Cloud, which protects your 5G-native environments with a real-time security from code to cloud to socket.

Using cloud runtime security, you can stop modern attacks against your cloud native 5G deployments with real-time prevention, lightning fast response and significantly more and efficient security operations.

And of course, our newest offering, our SASE 5G solution, that allows service providers to use our industry leading SASE offering to support enterprises, deploying 5G networks by ensuring workers get secure access to right data and mission critical applications they need to get their work done from any device, any location. It features advanced AI-powered solutions to protect users from malicious websites and content, prevent unauthorized access or threats, deliver fine-grained policy enforcement, and detect those anomalous behaviors and potential threats in real time.

And finally, we have an extensive private 5G ecosystem of partnerships for organizations for a quick look to 5G adoption. By partnering with a trusted vendor, you can aim to simplify the process and better ensure that your company's 5G deployment protects against issues like data leakage and complies with all the relevant laws and regulations.

Michael Krigsman: You have a lot going on with 5G. Any final thoughts?

Anand Oswal: It's a very exciting time in the world of 5G, Michael. Yes, today's digital transformation will affect businesses across sectors and geographies. As these emerging technologies continue to intersect, they will drive more competitiveness for the business leaders who embrace them.

But in order to realize this potential, cybersecurity must be the forefront of business planning. It cannot be an afterthought, because the potential for digital transformation will provide us with an abundant future that's faster, that's optimized and more secure. And as the convergence of 5G and AI and IT and OT continues, their combined potential to drive digital transformation across industries, whether it's telecommunications, manufacturing, oil and gas, healthcare, retail. This will become more pronounced, with the future that's faster, a future that's more connected and a future that is more secure.

Michael Krigsman: Anand, thanks so much. It's great to see you again to talk about 5G.

Anand Oswal: Thank you, Michael, appreciate it.