October is European Cybersecurity Month, and as part of this initiative, the Cybersecurity team, alongside colleagues in the Computer Science department are raising awareness, promoting good cybersecurity practice, and promoting career opportunities in the field of cybersecurity.
The University are one of only 9 institutions in the UK which have both recognition for being an Academic Centre of Excellence in Cyber Security Education (ACE-CSE) by the National Cyber Security Centre (NCSC) and an Academic Centre of Excellence in Cyber Security Research (ACE-CSR). The University’s 5G Innovation Centre is also the inaugural winners of the Bhattacharyya Award , a Royal Academy recognition for its exemplary academia-industry partnership.
Notably, this year the University has also won the 2023 Cyber University of the Year at the National Cyber Awards. It is a recognition for our cutting-edge IT security measures, our dynamic regional collaborations, our education initiatives across various disciplines and outreach with national charities, our groundbreaking academic research in the realm of cyber security, and the collaboration between the Surrey Centre of Cyber Security and the University of Surrey’s IT Cyber Security team.
This week we present advice to business in choosing 5G suppliers. This arose from a discussion between Prof Rahim Tafazolli (Regius Professor of Electronic Engineering and Head of 5G and 6G innovation Centre) and Prof Alan Woodward (a member of the Surrey Centre for Cyber Security), and authored by a leading technology journalist, Chris Stokel-Walker1. It was originally published in the Business Insider Magazine. It demonstrates that cyber security has many unexpected dimensions, and not all of them are technical, leading to many opportunities in cyber security for those not steeped in computer science.
5 steps to develop a secure 5G network
• The opportunities from 5G are a boon for many businesses.
• But to ensure you implement a 5G network that is secure, there are some steps to follow.
Two cybersecurity experts, with knowledge of 5G network setups, outline the things you ought to do to ensure success. This story is part of “The 5G Playbook”, a series diving deep into one of our generation’s most important tech innovations.
The arrival of 5G networks around the world offers potential for organizations to transform their operations and enable new technologies. Nearly half of UK businesses surveyed in June 2022 said they planned to make investments in the mobile network technology in the coming year, and a GMD Research report estimated that, by 2031 the global 5G enterprise market will be worth more than $83 billion.
“5G, along with other forms of advanced communications, has the potential to transform business models, generate new revenue streams by unleashing the Internet of Things, and give organizations new insights through data that enable them to improve the service they provide for customers,” said Bob Driver, the head of UK5G, an industry group.
5G is the latest publicly-available version of superfast mobile internet. It boasts higher capacity and speed than the previous generation, 4G mobile internet, and lower latency, meaning that mobile internet can now be used for a variety of purposes in businesses as well as personal use cases.
However, with these potential benefits come risks that must be carefully managed. 5G experts Rahim Tafazolli and Alan Woodward of the University of Surrey spoke to Insider about the key steps organizations should take to develop a secure 5G network.
1. Understand your needs and hire the right staff
The first thing to check is whether or not you actually need a 5G network, and if so, how to scope it correctly. Everything from traffic, security levels, and latency requirements will determine how to lay out your 5G plans safely and securely.
That requires trained staff, said Tafazolli, who is the founder and director of 5GIC, 6GIC, and the Institute for Communication Systems at the University of Surrey. “In most of these organizations, they are not telecom people,” he said. “They have IT people, and to be able to manage, maintain, and support a telecoms network requires telecom skills.”
2. Evaluate public vs. private 5G options
If you don’t have the full complement of telecom skills required, it’s much safer to rely on those who do to provide your secure 5G network. A public 5G network slice provided by a mobile operator may, in that instance, be better than a private, on-premise 5G network that you have to maintain in-house.
Tafazolli said, “You don’t need to bother yourself so much with the maintenance and support of those systems” by choosing a slice of a preexisting public network. However, Woodward said that “some organizations may prefer a private network under their own control, despite the overhead of managing it, because they are handling sensitive data or have competitive concerns” and a private network is typically more secure.
3. Utilize 5G’s configurable security
Business owners and IT leads may think they have to go down the private network route because of security concerns. But 5G is a fundamentally different technology.
“When people used to lay fibers for their own personal high-security networks, they would want their own ‘dark’ fiber because nobody would intercept it,” said Woodward. “What one has to remember is that 5G has been designed with security from the start, all the way up from the IP level.”
No system is foolproof or hackproof, of course. But because 5G is a software-defined network, you have the ability to configure it better. Evaluate your risks and use 5G’s configurability to architect the appropriate mitigations.
4. Partner with experts
“If telecoms is not your core business, you’re going to need some help,” said Woodward. While 5G is still maturing, experts like mobile operators and infrastructure vendors can guide you through planning and deploying networks.
Tafazolli points out that as well as accepting what providers offer, “you can implement your own security as well.”
“It doesn’t have to be a standardized security solution,” he said. “You can put your own encryption against the mechanism for possible attacks.”
5. Implement monitoring and automation
Operating a 5G network requires extensive telecom expertise many enterprises lack. But there are tools out there that can help with advanced monitoring and automation, as well as improving performance and maintenance. Those tools can check and analyze things like uptime, latency in your connection, and any use of the 5G connection to ensure that only those authorized can access it. Make sure to budget and plan for these technical capabilities.