Four Takeaways from CISA/NSA 5G Cloud Security Guidance – EnterpriseTalk

With 5G configured to integrate into the cloud environment, organizations must follow best practices to prevent any attacks launched by threat actors.

With businesses and customers prioritizing speed and a seamless experience, 5G networks are something every organization is looking for. Cloud computing, which drives today's digital transformation, will play a crucial role in the use and success of 5G networks. However, adopting the latest technology brings security concerns with it, and using the 5G cloud is no different. Therefore, the US National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published the first part of their four-part series titled Security Guide for 5G Cloud Infrastructure.

The first part of the series focuses on preventing and detecting lateral movement and is aimed at service providers and system integrators involved in the development and configuration of 5G cloud infrastructures. It revolves around the concept of zero trust.

Cloud environments have several vulnerable entry points and interfaces, including APIs, software, and networks, through which threat actors could attempt to compromise them. Therefore, the CISA / NSA guidance for 5G cloud environments covers perimeter protection and secure internal controls, along with sufficient security logging, automation, and monitoring.

Here are four takeaways for security professionals from the guide series:

  • Implementation of identity and access management

Regardless of the computing model in use, organizations must have the necessary security practices in place to mitigate vulnerabilities and lateral movement in the 5G cloud environment. From an identity and access management (IAM) perspective, organizations must implement critical security measures and practices, such as less permissive access control, strong authentication, unique identities, and multi-factor authentication. Alongside these, mutual Transport Layer Security (mTLS) and certificate pinning should be used to authenticate the identity of the certificate holder. In addition, the guide recommends that anomalies be identified at the earliest possible stage and that automated remediation capabilities be implemented when feasible.

  • Continuous 5G software update

The range of software in use, both open source and proprietary, that provides vital services to 5G cloud customers increases the complexity of cloud environments. Therefore, 5G cloud providers must incorporate sound software development practices, such as the NIST Secure Software Development Framework, along with mature vulnerability management and operations programs.

  • Secure 5G configuration

The implementation of network security in the cloud environment can vary, because it spans a variety of layers, including virtual private clouds (VPCs), pods, containers, and hosts. The CISA / NSA guide recommends grouping resources based on their sensitivity and limiting the blast radius using micro-segmentation. Another way to protect the 5G cloud environment is by isolating network settings and communications. Organizations should use cloud-native capabilities such as network access control lists and firewall rules to restrict network routes. This will ensure that even if a single VPC or subnet is compromised, others will remain intact.

  • Lateral movement detection and monitoring

Having preventive controls in place is crucial to the 5G cloud security environment. However, they matter little if malicious actors gain access to 5G cloud providers and get past them. Because credentials get compromised and infrastructure vulnerabilities are increasing, CISOs must have adequate monitoring, alerting, detection, and remediation capabilities for when such events occur. This involves activities such as monitoring user behavior for deviations from normal and monitoring network traffic for suspicious behavior.
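The following is an added example, not code from the CISA / NSA guide or from this article. It ties the segmentation and monitoring recommendations together by checking flow records against an inter-segment allow-list. The segment names, CIDRs, allow rules, flow-record format, and fan-out threshold are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed segments: CIDR -> sensitivity group (assumed names).
SEGMENTS = {
    "10.0.1.0/24": "mgmt",
    "10.0.2.0/24": "core-nf",
    "10.0.3.0/24": "edge",
}
# Intended inter-segment routes (src group, dst group, dst port); all else denied.
ALLOWED = {("edge", "core-nf", 8443), ("mgmt", "core-nf", 22), ("mgmt", "edge", 22)}
# Constructed flow records, one per line: "src dst dport action"
FLOWS = """\
10.0.3.15 10.0.2.10 8443 ACCEPT
10.0.3.15 10.0.3.22 9090 ACCEPT
10.0.3.15 10.0.2.10 22 REJECT
10.0.3.15 10.0.2.11 22 REJECT
10.0.3.15 10.0.1.5 22 REJECT
10.0.3.15 10.0.1.5 443 ACCEPT
10.0.1.5 10.0.2.10 22 ACCEPT
"""

def segment_of(ip):
    """Map an address to its sensitivity group, or 'external' if unknown."""
    addr = ipaddress.ip_address(ip)
    for cidr, group in SEGMENTS.items():
        if addr in ipaddress.ip_network(cidr):
            return group
    return "external"

def analyze(flow_text, fanout_threshold=3):
    """Return (policy_gaps, scanners).
    policy_gaps: accepted cross-segment flows with no allow rule, meaning the
                 deployed ACLs are more permissive than the intended policy.
    scanners:    sources denied on >= fanout_threshold distinct (dst, port)
                 cross-segment targets, a common lateral-movement signal."""
    gaps, denied = [], defaultdict(set)
    for line in flow_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[2].isdigit():
            continue  # skip malformed records
        src, dst, port, action = parts[0], parts[1], int(parts[2]), parts[3]
        s, d = segment_of(src), segment_of(dst)
        if s == d or (s, d, port) in ALLOWED:
            continue  # intra-segment or explicitly permitted (simplification)
        if action == "ACCEPT":
            gaps.append((src, dst, port))
        else:
            denied[src].add((dst, port))
    scanners = sorted(s for s, t in denied.items() if len(t) >= fanout_threshold)
    return gaps, scanners
```

On the constructed records, the edge host's accepted connection to the management segment on port 443 is reported as a policy gap, and the same host is flagged for denied attempts against three distinct cross-segment targets.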
