Edge-ucating Your Customers on Edge Security
What Type of Edge Security is Best?
Edge networks continue to gain adoption. They are underpinned by 5G technologies, which drive the opportunity for low latency, high bandwidth, and massive machine environments. With edge network adoption comes a transition in data accessibility, agility, scale, and user/customer access—a change that can enable innovative use cases and business differentiation. But new and different risks also are part of the transition, and decision makers need to determine how to address them.
Organizations in all industries surveyed (healthcare, retail, finance, manufacturing, energy, and US public sector) are forging ahead with use cases despite perceived risk for several reasons. Critical thinking about edge security and edge networks considers:
- Stiff competition in a global marketplace. Enterprise survival depends on remaining competitive and meeting user and customer expectations.
- Changing business models. Board members and executives want change because they recognize that traditional infrastructure strategies won’t carry their organizations into the future.
- Rethinking operating and infrastructure strategies. For many organizations, this story began in recent years and involves 5G and Zero-Trust. In the 2021 AT&T Cybersecurity Insights Report, 94% of survey respondents said they were on a Zero-Trust journey, including research, implementation, and completion. In addition, 57.7% of survey respondents were adopting 5G architecture at the time of the survey to remain competitive. Edge networks and security at the edge are the next chapter of the story.
- Use case commonalities and variabilities by industry. The findings in this report point to significant variability. The numerous approaches to edge networks and security controls combined with a lack of clear trends indicate an early market. The lack of industry consensus confirms that edge is still emerging.
- Managing stakeholder expectations. Lines of business and IT appear to be working together on security spending and prioritizing ways to satisfy the needs of both groups. But given the number of players involved in edge implementations, anticipate the need to set realistic expectations.
The summary of security concerns and spending, the shared security responsibility model, edge network use case adoption, and the impact of 5G gives your clients a realistic state-of-the-edge view.
Most Likely to be Attacked
Meaningful conversations about security at the edge encompass specific network environments, components, security controls, and risks. Decision makers are pondering this mix as they forecast security investments related to their use cases.
Survey respondents express concern about all attack vectors listed in the survey. More than two-thirds of respondents rate the likelihood of an attack as “highly likely” and the impact to the business as “very impactful”.
- Respondents are concerned about all attack vectors offered as options in the survey. Across all use cases, 74% of respondents say the likelihood of compromise is “very likely”.
- Ransomware was rated highest in concern. It is perceived as the most likely objective of attack overall across verticals and regions surveyed.
- Sniffing attacks against the RAN landed in fourth position overall (65%). The lowest rated perceived attack vectors (tied at 61%) are distributed denial of service (DDoS) against the RAN and attacks against the MEC.
Figure 1 shows which attack types are of highest concern to each industry.
Within industries, the least worrisome are supply chain attacks, attacks against 5G core (telco), physical attacks, DDoS attacks against the RAN, and attacks against MEC, although these are highly represented overall. Since supply chain attacks enable other attacks, supply chain isn’t always thought of as a stand-alone attack vector. If the goal is exfiltration of data at the edge, supply chain attacks often are a conduit to ease that exfiltration.
Whether perceived risk is viewed by likelihood of frequency and impact or attack vector, respondents across regions and industries express concern to varying degrees. This reality validates the need for discussion and decisions about cybersecurity controls as a core part of edge adoption.
Choices
Perhaps the most challenging task in cybersecurity is determining the selection and mix of controls to deploy based on a risk assessment. Often, there isn’t a lot of directly pertinent information available to assess risk properly. The determination of potential likelihood and impact associated with a particular use case relies heavily on the experience and background of the assessors. The variability is evident in the final assessments. Likewise, there is little direct relationship between risk and security at the individual control level. Cybersecurity professionals therefore rely on experience and knowledge when they design an approach.
A common starting point involves best practices and the availability of existing security controls. Organizations often have their own cybersecurity standards to which they must adhere. But preferences for cybersecurity controls also are affected by the use case functionality and architecture.
As use cases develop into projects and architectures are evaluated, the networks and components are typically maintained in their own environment. Accordingly, the first decision about network edge cybersecurity controls typically focuses on determining how to apply an appropriate set of minimum controls. Decision making evolves to include broader considerations.
The latest developments in combined security and network solutions also may make organizations reluctant to change in the short term as the debates about on premises versus cloud and cyber versus security plus network continue, and technologies continue to evolve. The path forward in this dynamic space will be unique to each organization. Scrutiny of the environment, architecture, and use cases is vital to decisions about direction and controls.
The latest innovation in the controls arena is the secure access service edge (SASE) solution currently on the radar of many organizations across industries. SASE combines network and security capabilities in a cloud architecture, but no single vendor offers a complete SASE solution.
But wait, there's more! Read on for the portion not shared in print.
Cloud solutions can quickly negate traditional concerns about performance and bottlenecks since the architectures of cloud solutions are elastic and can be rapidly provisioned as needed. They can also be configured in many ways to address performance issues. The biggest potential downside to cloud-based solutions is lack of control. Depending on the cloud service model (IaaS/PaaS/SaaS), enterprises lose the technical freedom to architect various layers—a disconcerting situation for some decision makers, particularly those outside of the United States.
What Does it All Mean?
A proactive, preventive approach to security at the edge considers a hybrid network model that is likely to persist for a long time. 5G adoption is increasing, but organizations can leverage legacy networks where it makes sense to do so for specific use cases and as dictated by the realities of existing communications infrastructure, regulations, and location.
Four concrete recommendations for your customers should include:
- Emphasize the importance of security by design throughout all stages of edge network discussions and use case implementation. Leverage legacy controls where they are effective but keep up with next-generation approaches such as Zero-Trust and SASE that are designed for 5G and edge.
- Discuss the pros and cons of public and private 5G cellular, legacy cellular, remote office/branch office, IaaS/PaaS/SaaS cloud environment, industrial IoT/OT, or consumer IoT environments. Develop realistic scenarios for incremental transitions to 5G.
- Delve into the shared security responsibility model with public cloud service providers and carriers to clarify roles and responsibilities at every stage of use case implementation.
- Think ahead about innovation, evolving technologies, and security at the edge. Use cases are the most practical way to proceed for now, given the immature, ambiguous state of edge. Specificity is better than generality in all things edge.
About the Author: Theresa Lanowitz is Director of Cybersecurity Evangelism, AT&T Business. She is a proven global influencer and speaks on trends and emerging technology poised to help today’s enterprise organizations flourish. Prior to joining AT&T, Theresa was an industry analyst with boutique analyst firm voke and Gartner. While at Gartner, Theresa spearheaded the application quality ecosystem, championed application security technology, and created the successful Application Development conference. She holds a Bachelor of Science in Computer Science from the University of Pittsburgh. For more information, please visit: https://cybersecurity.att.com. You can also follow us on Twitter: https://twitter.com/attcyber and LinkedIn: https://www.linkedin.com/company/attcybersecurity/.
This article is adapted from the report titled AT&T Cybersecurity Insights Report™: Securing the Edge, https://cdn-cybersecurity.att.com/docs/industry-reports/cybersecurity-insights-report-eleventh-edition.pdf.
MEC 101
Edge computing devices come in many shapes and sizes because they are purpose built. They have in common their support for data processing above and beyond current cloud capabilities. Multi-access edge computing (MEC) is essentially a computer and cellular network architecture that brings real-time, high-bandwidth, low-latency access to latency-dependent mobile applications. MEC works with LTE or 5G and connects with cloud service providers. Edge computing brings cloud into the equation, which means that shared security responsibility becomes more important.