Intelligent CIO Europe Issue 63 | Page 70

INTELLIGENT BRANDS // Enterprise Security

SecurityGen identifies cybersecurity priorities for mobile operators in 2023

SecurityGen , a global provider of security solutions and services for the telecoms industry , has revealed its cybersecurity priorities for telecom operators in 2023 . SecurityGen Co-founder and CTO , Dmitry Kurbatov , identifies the main factors shaping the risks and threats that operators must prepare for in the year ahead .

1 . 5G-related challenges
• 5G is open for integration – but also to attack : 5G is designed from the ground up to be flexible and open for integration . However , the same open architecture can also make 5G vulnerable and exposed to threats and hidden vulnerabilities .
The challenge for operators is to maximise 5G ’ s advanced functionality and interoperability while also recognising this vulnerability and minimising the threats arising from 5G ’ s extra openness compared to previous network generations .
• Beware roaming traffic from nonstandalone 5G : As operators deploy more 5G networks and more users purchase 5G smartphones , the volume of roaming traffic between 5G networks increases . But the majority of this extra roaming traffic goes through non-standalone 5G networks which still use unsecure legacy technology for their core networks . Without proper security measures in place , 5G is vulnerable to threats originating from non- 5G networks carried in non-5G network traffic – but which are able to damage and disrupt 5G services .
2 . Cyberattacks from hostile states and organised crime
Telecom networks are high-value targets for cyberattacks , especially during times of heightened geopolitical tensions . The growing use of mobile – especially 5G – for connecting and remote monitoring of everything amplifies the damage and disruption that an attack on an operator ’ s network could inflict . Mobile ’ s importance also makes it a target for organised crime groups to launch financially motivated attacks of their own aimed at operators or their subscribers .
3 . Operators as high-value targets for ransomware
The number and frequency of cyberattacks such as ransomware and phishing show no signs of slowing . In 2023 , expect the bad actors behind them to become more advanced and more selective in their attacks – including targeting mobile networks as the means to breach telecom operators and access the valuable customer data they hold .
4 . New industry regulations on security but operators must do more
National and pan-regional regulators are pushing the telecom industry to comply with new security requirements that address the heightened threat of cyberattack on digital infrastructure and telecom networks as part of it . Mobile network security is still perceived as an after-thought . Rather than adopt a network-wide , security-by-design approach , many operators continue to rely on inefficient one-off security techniques which leave parts of their networks exposed .
5 . Effective cybersecurity also depends on collaboration
• Hinders knowledge sharing : When companies and experts share their knowledge and experience , everyone benefits . But with international cooperation undermined by current geopolitical rivalries and tensions , divisions might open between operators and other telecom industry players , industry regulators and national governments that make it more difficult to cooperate on collective joint efforts for better cybersecurity .
• Cybersecurity skill shortages : The telecoms industry , led by operators , needs to step up and invest in training initiatives to attract new workers and provide them with the requisite skills needed to grow the cybersecurity talent pool .
Against this range of threats , Kurbatov identifies the following steps for operators to strengthen the security and resilience of their 5G networks :
• Make the security of your 5G network as much of a commercial and operational priority as its performance in terms of speed , throughput , and coverage .
• Adopt a defence-in-depth approach based on continual network-wide assessments and monitoring .
• Effective 5G security requires more than just installed software solutions and automated monitoring and testing . Extensive and ongoing training is also essential , so that operator security teams can explore and stay up to date with the latest cyberthreats – and also identify new vulnerabilities . p
70 INTELLIGENTCIO EUROPE www . intelligentcio . com