5G in the era of OT technologies: what challenges for what solutions?

For industrial companies that have undertaken their digital transformation, 5G is a real source of opportunities. With its high performance, low latency, and its ability to simplify mobility and boost scalability, 5G is the ideal lever to improve the automation of production processes and enable new applications, in particular those relying on latency-sensitive or real-time systems. However, 5G exposes industrial environments, as well as the IT/Telecom networks to which they connect, to new cybersecurity risks. The result is a convergence of communication, computing, data storage and big data analytical processing technologies, as well as better access to industrial control systems and production environments. Simply providing network and OT security for production sites alone is not enough. If 5G is to be used in a critical context, it too must be accompanied by an integral security solution.

Until recently, OT networks operated in silos. Within these critical infrastructures and industrial production environments, high availability has always been favored over cybersecurity. But the emergence and growth of IT applications capable of analyzing and managing real-time industrial environments have made IT and OT networks converge. This convergence exposes OT to the same threats that have plagued IT cybersecurity for decades, but without the benefit of decades of experience and proven solutions for sensitive OT environments.

New technologies, such as the Industrial Internet of Things (IIoT) and its interconnected sensors, instruments used to monitor or control systems, and other interconnected devices, are all taking advantage of 5G to perform better. This puts more pressure on the ability to quickly detect and respond to threats that proliferate and spread at the speed of 5G. The IIoT is potentially made up of thousands of sensors, probes, and triggers that can be accessed remotely for control, diagnostics, and maintenance. These devices present a high risk since they are likely to directly impact and damage real-time production environments. When a critical system goes offline or behaves erratically, businesses are more than ever urged to make cybersecurity a priority to protect their assets.

The challenges and the solutions

5G is accelerating the IIoT and the digital transformation of industrial environments. It carries the promise of simplified scalability, optimal reliability and ultra-low latency wireless connectivity. However, 5G presents new challenges in terms of security. Here are some potential challenges and practical solutions that OT systems managers are encouraged to consider.

Challenge: protecting an ever-expanding edge:

Many real-time processes react almost instantaneously to a frequently changing environment. Integrating data into a centralized system for analysis and decision-making purposes can be too time-consuming for real-time systems. By contrast, opting for an edge computing strategy makes it possible to deploy the application at the heart of the industrial tool and promotes data collection and local decision-making, via 5G. However, too often, companies that opt for edge computing fail to see the security implications. As new endpoints are added to the network, the attack surface expands and becomes more complex to manage. And since many of these systems are designed and deployed on an ad hoc basis, companies often find themselves having to manage a proliferation of solutions and vendors, relying on their already highly mobilized IT teams. The multiplicity of endpoints, combined with limited human and security resources, results in too many attack vectors, especially when a threat targeting an edge device manages to bypass a centralized security system and carry out its attack.

Solution: Threat Visibility and Automated Response:

For edge computing to work properly, operations, networks (especially multisite edge devices) and security must be able to communicate with each other in real time. Edge computing devices must be protected by next-generation firewalls (NGFW), anti-virus and intrusion protection systems.
In addition, it is not enough for security to be appropriately integrated into all connected industrial objects and network devices. It should also benefit from advanced artificial intelligence (AI) and EDR (endpoint detection and response) functions to provide real-time visibility and automated threat response. This is critical if IT security teams want to detect and analyze threats, then apply security consistently across a distributed OT network and its segments (LAN, WAN, and edge cloud), especially in a superfast 5G environment.

Challenge: an unprotected attack surface:

5G IIoT devices rarely have built-in security features, which makes them vulnerable: they can be used by attackers as a gateway to the industrial production environment. As the growing number of 5G devices and systems begin to play a critical role within these environments, the expansion of the attack surface to multiple locations, the emergence of new attack vectors and a complex ecosystem of users will introduce new security challenges.

Solution: a modular and segmented security infrastructure:

A major first step is to ensure that 5G and IIoT devices are positioned on separate segments of the OT network, through a next-generation firewall. This first step is certainly necessary, but segmentation alone is not enough. Meeting the challenges associated with a distributed, hyper-connected and ultra-high performance 5G environment requires deploying a consistent security architecture across IT and OT environments. Such an integrated approach provides broad visibility across the entire security infrastructure, which in turn enables rules to be defined and orchestrated to effectively manage risk. By combining edge computing and 5G security with an integrated and consistent security strategy, built around a unified and universal security platform, you ensure that all devices, endpoints, functions and networks remain protected, even in a dynamic context.

Such a modular and holistic approach to 5G infrastructure security enables distributed systems to operate as a single, unified platform. Here are the building blocks of this modular security infrastructure:

Visibility: You cannot protect what is invisible to you. All network and security components must be able to share information and collaborate with each other to operate as a single unified solution.

Knowledge: IT and OT teams already face challenges when it comes to securing their edges and endpoints. 5G may well amplify these challenges, accelerating the spread of threats beyond the detection and response capabilities of legacy security tools. 5G requires improving security systems using artificial intelligence, machine learning and automation tools, so that systems collect, analyze, correlate and make data available in near real time, with a view to better detecting and responding to threats.

Control: Control allows actions to be taken when necessary to minimize the impact of a threat anywhere in the 5G network, including IT and OT environments. To do this, robust OT security solutions must be built using vendors that can provide granular visibility and control.

Mastering the challenges ahead

To realize the benefits of 5G, security must be built into the process. If security systems have to wait to receive change notifications provided by the 5G infrastructure before they can modify rules and protocols, this results in a delay, and therefore a window of vulnerability that can be exploited by attackers. This is why security must move at the pace of 5G developments and not follow them. A relevant 5G security strategy should address all industrial environments and IT networks, enterprises, service provider environments, as well as public and private 5G networks. It must also address the 5G cellular network, edge computing sites, multisite WAN and 5G core. Moreover, to adapt to the performance of 5G, security solutions must be able to make fast, automated and precise decisions to ensure proactive protection. Finally, beyond high-performance appliances and dynamically scalable cloud environments, the security strategy should ideally use artificial intelligence to speed up analysis and response times.