What Lurks Around the Corner for Telecom Network Security?

Telco networks are migrating to the cloud and becoming decentralized, with open, multivendor interoperability. The steady march of evolution targets deployment of 5G Advanced as 6G glimmers in the future. In the meantime, new capabilities like integration of non-terrestrial and Wi-Fi networks are creating a three-dimensional, loose federation of networks spanning the ground, air, space, and water.

New security risks are on the rise while existing threats continue to demand attention. They’re coming from all angles, exacerbated by volatile global conditions and threats from rogue nations.

This isn’t a doomsday scenario, but it demands serious attention, strategic planning, and swift action.

Given the more closed nature of previous mobile generations, telco networks were more of a blip on the radar of global security concerns. As mobile matures to provide mission-critical support for industries and government alike, security has surfaced as a top concern.

In this post, we’ll explore emerging security technologies, best practices, and evolving applications as telecom network security takes center stage. Specifically, we’ll focus on the role of DevSecOps, Zero Trust, and AI/ML in proactive strategies.

DevSecOps to rapidly identify and fix vulnerabilities

Service providers are deploying DevOps practices for scalable, continuous, and automated operations critical to modern, disaggregated, multivendor, open networks.

DevSecOps extends DevOps by incorporating security throughout the lifecycle. This represents a departure from previous norms that saw security efforts addressed as circumstances demanded them.

Legacy security practices are simply unable to keep pace with agile releases and the rapid cadence of updates from multiple vendors. Stakeholders are also realizing that adding security after the fact to existing solutions can negatively impact performance.

Stakeholders are also realizing that adding security after the fact to existing solutions can negatively impact performance.

The goal of DevSecOps is to catch and address security vulnerabilities early in the development process, prevent regression of security postures during updates, and continuously monitor and evaluate security efficacy.

Just as with DevOps, automation is fundamental to DevSecOps. To speed processes and support regression analysis, security testing must use common test tools and the most current security test attack libraries, continuously, across the end-to-end, lab-to-live lifecycle. The testing must be based on realistic and zero-day what-if scenarios.

The key to DevSecOps success is feedback loops that continuously provide qualitative data to reinforce security designs and decision-making.

In the future, DevSecOps will incorporate AI to provide optimized recommendations for vulnerability remediations or determine how such changes will impact the rest of the networking environment. These recommendations and remediations can eventually be fully automated in a closed-loop intent-driven process. This will be just the tip of the iceberg for AI’s role in helping to defend telco networks.

Zero Trust networks demand authentication

Networks are starting to handle a massive number of IoT devices. Non-terrestrial federations of networks are working together. The prolific growth of diverse end devices connecting to the network and heterogeneous communications networks means no asset can be trusted implicitly.

It has become imperative to architect networks based on Zero Trust security principles instead of the traditional unified security approach.

With Zero Trust, assets are verified every time they request access, even if they were previously authenticated. Continuous authentication and access control ensure only legitimate parties with approved credentials can access the relevant parts of the network. This enables highly personalized security policies and data privacy.

Zero Trust success requires broad implementation across all communications network dimensions, including:

• Traffic planes (user, control, and management)

• Networking domains (core, RAN, O-RAN, transport, wireline, non-terrestrial, IT [OSS/BSS])

• User equipment (smartphones, CPE devices, industrial IoT equipment)

AI/ML offer powerful security management but also new risks

AI combined with automation is foundational to the design and operation of evolving communications networks. With AI and automation, intelligent decisions can be made at granular levels across large, decentralized systems to enable self-orchestration and optimization, self-healing, and self-defending and self-securing networks.

A precedence has been set by IT and enterprise cybersecurity defenses that already use AI/ML extensively. From a recent survey we conducted, network security is a key requirement for private networks, often implemented with secure access service edge (SASE) capabilities. It’s just a matter of time before communications networks embrace AI/ML for security.

Communications network AI/ML security research and implementations have initially addressed threat detection. However, the longer-term evolution will focus on using AI to drive security end to end, from prevention to remediation response. User and entity behavior analytics (UEBA) will fortify the prediction of potential security vulnerabilities and breaches.

The longer-term evolution will focus on using AI to drive security end to end, from prevention to remediation response.

In parallel, AI/ML investment and research on self-orchestrating networks is lending itself to new security responses. Self-adapting networks using orchestration are already changing network configurations to improve performance. By applying that approach to security, orchestration can initiate changes for self-defense or to autonomously respond to security threats. The system can learn from those threats and block them from entering the network in the future. Using self-defense through adaptation to respond to adversarial events, the RAN, core, and transport domains can be reconfigured and updated dynamically.

AI is rapidly being incorporated into a wide variety of technologies. But there are currently no regulatory policies and no proper security postures, though the White House recently directed developers of the most powerful AI systems to share their safety test results and other critical information with the U.S. government.

AI/ML technologies present new vulnerabilities that must be addressed, such as:

• Manipulation of training data causing AI to behave in a rogue way

• Reverse engineering of data sources to gain access to private information or outputs

• Incorporation of biases in training data

New security capabilities will be required to ensure AI data efficacy and avoid compounding security risks through AI models that could spread security risks or create wider attack surfaces.

Telco network security is at a turning point

Communications networks are experiencing fundamental changes that will unleash powerful new capabilities and stimulate automated testing and operations. However, network security advances must be incorporated as early as possible in the planning stages of the network’s evolution to stay ahead of growing vulnerabilities.

Learn how Spirent security testing solutions can help, and discover how DevSecOps and continuous security testing are being used today in our 5G standalone networks and our 5G core. Also, don’t miss our webinar where AI challenges data centers are facing can provide solution insight for telecom players: The Impact of AI Workloads on Modern Data Center Networks.