It’s not quite everywhere yet, but 5G connectivity is growing rapidly. That’s a great thing for remote workers and anyone depending on a fast connection, but what kind of impact will 5G have on application security?
“The explosion of 5G is only going to put more pressure on teams to harden their application security practice,” said Mark Lambert, vice president of products at ArmorCode, via email. The reason is the increase in the attack surface.
More devices with high bandwidth will be connecting to your network systems and services. At the same time, Lambert pointed out, business leaders are demanding an increase in the pace of software delivery. As 5G use becomes the norm, so does the risk of apps without the security to support faster connectivity.
“Application security teams need ways to quickly identify vulnerabilities within the DevSecOps pipeline and collaborate with development teams to escalate remediation,” said Lambert.
The IoT Dilemma
5G will accelerate the use of IoT devices, which in turn will accelerate app development for IoT devices. Based on the lack of priority for security in the application development process today, there is no indication that IoT software will be designed to handle the challenges of 5G security in the future. And there will be challenges.
The 5G systems won’t just connect phones, sensors and software to the internet. “On a high level, a 5G system comprises a device connected to a 5G access network which, in turn, is connected to the rest of the system called a 5G core network,” according to a whitepaper from Ericsson.
So, it won’t simply be all the new connections that are expanding the attack surface and creating an increased application security risk, but also the change in how 5G connects to the network. Rather than the one-way network that was in place under 4G, 5G brings a two-way communication capability, and, according to a Cyrex blog post, would “be linked in this two-way network and effectively would be public to those with the skills to exploit the link.”
5G, AppSec and the Cloud
Expect to see 5G lead to an increase in the adoption of cloud applications, said Kevin Dunne, president at Pathlock, in an email interview.
“Increased connectivity and connection speeds from anywhere will drive companies to invest in infrastructure that can be accessed from anywhere,” said Dunne. “Providing accessible applications will increase employee productivity, but it will also introduce new threats. With critical resources now on the public network, bad actors can access them from anywhere, increasing the number of threats to sensitive data and business processes.”
IT security teams will need to shift their focus from network-based perimeter protection to more modern approaches that look beyond what users can do in an application to what they are doing, Dunne added. “This helps to defend against modern attacks like phishing and ransomware which are increasingly common in cloud environments.”
It’s not all gloom and doom for 5G and application security. 5G can enhance app security, allowing developers to create more intelligent software and allowing them to use virtual hardware. 5G can also improve identity management and authentication that will make it more difficult for threat actors to infiltrate applications.
5G is expected to transform business reliance on IoT devices and cloud applications. Expect new threats and risks to go hand-in-hand with the innovations that 5G brings. Those responsible for application security will need to prepared with cybersecurity systems that will adapt to those threats.
5G Wireless: A Comprehensive Introduction
👇 Please Follow our LI page…
DISC InfoSec
#InfoSecTools and #InfoSectraining
