As new research reveals that next-generation private wireless network deployments are rapidly increasing, the lack of proactive security measures raises serious concerns.
Trend Micro, a leading global cybersecurity company, has released a new joint study with CTOne, warning that despite the widespread adoption of AI-based security tools, a lack of expertise in communications technology (CT) could leave private 5G networks vulnerable to serious security risks.
“Not all AI-enabled security solutions are created equal, and some businesses put themselves at risk due to lack of knowledge. Proactive attack surface management is critical, especially in private 5G networks; even the smallest oversight can leave a system vulnerable. To protect these vital infrastructures, security leaders must combine AI-enabled protection with a deep understanding of technology and cyber risks,” said Rachel Jin, Director of Enterprise Platforms at Trend Micro.
Trend Micro Eurasia Region Strategic Products Business Development Manager Burak İnce, made the following assessment on the subject: “The biggest risk in private 5G projects is hidden threats in layers with limited visibility, from radio access to the core network. The Trend Micro Vision One platform with CTOne integration reduces the false positive rate by up to 85% by monitoring these layers from a single panel, detecting and neutralizing attacks within milliseconds. In this way, our customers in the energy, defense and smart manufacturing ecosystem can safely comply with regulations while maintaining their operational continuity.”
Private 5G networks are rapidly becoming more widespread, thanks to their use in critical sectors such as energy and utilities, defense, logistics, healthcare, and smart manufacturing. 100 percent of Trend Micro respondents say they are either currently using private 5G networks (86 percent) or considering deploying them in the near future (14 percent). IT and cybersecurity professionals are also aware of the potential benefits of AI-enabled security in these environments. Almost all respondents say they are either currently using (5 percent) or planning to use (62 percent) such tools for private 35G networks.
In this context, they consider the following AI-powered capabilities to be essential:
- Predictive threat intelligence (58 percent)
- Continuous, adaptive authentication (52 percent)
- Zero trust practice (47 percent)
- Self-healing networks with AI automation (41 percent)
“Enterprises are seeing huge operational benefits from private 5G networks, especially those integrated with AI projects,” said Jim Frey, Principal Analyst at ESG Network Technologies. “However, they need to have a security operations center infrastructure that can monitor and protect this next-generation communications technology. Cybersecurity providers that can deploy proactive risk management, attack path prediction, and similar preventive security approaches will play a key role in protecting private 5G and AI architectures.”
More than 90 percent of organizations currently using AI-based security solutions admit to challenges integrating the technology into their private 5G networks, with high costs (47 percent), concerns about false positive/negative alerts (44 percent), and lack of in-house expertise (37 percent) being the most frequently cited issues.
The paucity of communications technology (CT) expertise within the enterprise is further highlighted by another finding: Only 20 percent of enterprises globally have a dedicated team to secure their communications networks. In most cases, the CTO (43 percent) or CIO (32 percent) is held responsible for communications technology security.
“As enterprises rapidly increase their use of private and public mobile networks, we are facing new challenges that require security capabilities specific to specific communications technologies. Enterprises need to have the infrastructure in place to ensure end-to-end security and gain broad visibility into their security operations (SecOps) needs, so they can effectively manage their expanding attack surfaces while supporting next-generation wireless applications,” said Jason Huang, CEO of CTOne.
Despite supporting critical services and moving highly sensitive data over these networks, on average only 18 percent of an organization’s security budget is allocated to dedicated 5G networks.
Trend Micro’s research reveals that organizations that do not adequately secure the use of AI in traffic monitoring and analysis processes unknowingly become vulnerable to cyber threats and regulatory compliance risks.
Of particular note, only half or less of respondents say they practice the following basic safety precautions:
- 54 percent say they comply with data privacy regulations such as GDPR (General Data Protection Regulation)
- 51 percent say they encrypt data both in transit and at rest
- 50 percent say they implement strict access controls for AI models
- 44 percent say they use data anonymization techniques
* Trend Micro and CTOne have engaged Sapio Research to conduct a study of decision makers responsible for information technology and/or cybersecurity at organizations in the U.S., U.K., Japan, France, Germany, Italy, and Spain. The study involved interviewing 250 executives and senior executives at companies with more than 5 employees that are currently deploying or evaluating private 800G networks.
