Securing 5G Private Networks: The Opportunities and Risks of AI

6 mins.

Demand for private 5G networks is soaring around the world. By one estimate, the market will grow at a CAGR of 54% from 2024 to 2033 to reach almost $161bn. Enterprises are drawn by the potential for faster, more reliable networks which can be customized according to their specific requirements. It’s why organizations as diverse as airport operators, smart factory owners and healthcare providers are signing up.

Private 5G networks are also nominally more secure than their public counterparts, as the enterprise has complete operational control over them. But not all are created equal, and it would be wrong to assume that they’re inherently secure by design. Can AI-powered security help in this regard? And how great a concern for enterprises are mounting skills and resource shortages?

To find out more, we commissioned Sapio Research to survey 800 decision makers with authority over IT and / or cybersecurity across the US, UK, Japan, France, Germany, Italy and Spain. All respondents work in companies of 250+ employees and either currently use a private 5G network (86%) or are evaluating deployment (14%).

No security panacea

Private 5G networks are not immune to security risk. For one thing, they will usually feature a large attack surface of connected devices—many of which may be unpatched IoT endpoints or end-user devices that expose organizations to persistent insider risks. That’s especially concerning given the sensitivity of the data that may be flowing through such networks. Further risk could be introduced through potential vulnerabilities in the 5G equipment supply chain, and the crucial User Plane Function (UPF), which is the gateway to external networks.

Fortunately, respondents to our survey seem to be aware of the risks. Some 96% place a moderate to high priority on securing private 5G networks. And 67% have already conducted a risk assessment on their networks, with 13% in the process of doing so.

They cite data breaches, ransomware/malware, unauthorized access and 5G core vulnerabilities as the biggest cybersecurity threats to these environments. Additionally, three-quarters (74%) are concerned about the potential for supply chain vulnerabilities within their private 5G infrastructure. Most also cite real-time threats to critical infrastructure (66%), an increased attack surface (57%), network slicing risks (53%) and supply chain vulnerabilities (51%) as the most “familiar” security challenges associated with such networks.

Awareness of supply chain risk is also reflected in another data point. When asked what the most critical considerations are when working with a third-party vendor to deploy private 5G networks, respondents’ top answer was “security and risk mitigation” (60%). Data privacy and transparency (54%) ranked third.

All of which explains why global organizations are putting their weight behind security measures such as:

  • Identity and access management (55%)
  • Encryption of data at rest and in transit (53%)
  • Endpoint security (51%)
  • Intrusion detection and prevention (50%)

The regulatory compliance imperative

Tackling these challenges has an added urgency for many responding organizations that operate in highly regulated sectors. They cite issues such as the cost of compliance, the complexity of regulations and a lack of clear guidelines. And many complain they don’t have enough in-house expertise to meet the regulatory demands placed upon them. As we’ll see, skills shortages are a consistent theme. Overall, the share of respondents admitting they face challenges with the following regulations, laws and standards is as follows:

  • EU Cybersecurity Act (69%)
  • NIS2 Directive (65%)
  • National telecoms laws (64%)
  • 3GPP mobile broadband standard (63%)
  • EU Digital Operational Resilience Act (DORA) (59%)

The value of AI-powered security

The IT and cybersecurity professionals we polled also appear to understand the potential benefits of AI-powered security in their private 5G environments. Most claim they are either currently (62%) or planning (35%) to use such tools.

Interestingly, AI usage is higher for those who have conducted a risk assessment for private 5G, and for those who place high priority on private 5G networks (both 75%). This suggests that they’re more aware of the associated risks and emphasizes the importance of using AI to monitor and secure 5G private networks.

Respondents highlight a number of current and planned capabilities, reflecting the power of AI to analyse vast quantities of data—across networks, users, and devices— in order to flag suspicious activity. And its ability to scour third-party sources like social media, dark web forums and malware repositories to surface highly actionable, predictive threat intelligence. Specifically, they point to:

  • Monitoring and threat detection
  • Network traffic analysis
  • Predictive analysis for proactive threat mitigation
  • Anomaly detection and response automation
  • AI-powered malware and ransomware detection
  • Automated incident response and remediation
  • User and entity behaviour analytics (UEBA)

AI for incident response is particularly useful, analyzing vast data sets to spot patterns human eyes might miss and flaganomalies indicative of risks. AI can also contextualise threat data and prioritise alerts for time-challenged SOC analysts, shortening response times, reducing false positives and minimising alert overload. These capabilities are even more important considering only 30% of respondents are very confident in their current threat detection and response capabilities. And just half (51%) have an incident response plan customised for private 5G environments.

Yet AI-powered security can go beyond incident response. Respondents view the following capabilities as essential for private 5G network security:

  • Predictive threat intelligence (58%)
  • Continuous, adaptive authentication (52%)
  • Zero trust enforcement (47%)
  • Self-healing networks featuring AI automation (41%)

AI adoption challenges

However, while awareness and adoption levels appear to be high, when it comes to actually embracing AI-powered security in private 5G networks there are several challenges. In fact, almost all (92%) respondents have some issues here. They include:

  • High cost of implementation (47%)
  • Concerns over false positives / negatives (44%)
  • Lack of internal expertise (37%)
  • Integration with existing environments/tools (36%)
  • Regulatory/compliance concerns (35%)
  • Scalability challenges (31%)

Nearly two-thirds (64%) of organizations we spoke to are also concerned about potential vulnerabilities in AI tools used for private 5G security.

A lack of in-house resources

Some, if not all, of these concerns could be linked to the way that communications technology (CT) is treated in many global organisations.

A lack of internal CT expertise is reflected in the fact that just a fifth (20%) of respondents have a dedicated team for securing their communications networks. Half hand the job to their IT security team, although there’s no guarantee these practitioners have the required skills to manage complex private 5G network security. In many other cases, responsibility for CT security lies with the CTO (43%) or CIO (32%) rather than the CISO (35%).

Reflecting the apparently low priority given to CT security in many enterprises is how much money they are allocating to it. On average, less than a fifth (18%) of respondents’ security budget is currently allocated to private 5G networks. That’s in spite of the potentially critical services they support and the highly sensitive data flowing through such networks.

These resource and skills shortages may even be actively exposing organizations to compliance and cyber-related business risk. When using AI for traffic monitoring and analysis inside private 5G networks, only around half or fewer respondents say that they:

  • Ensure compliance with data privacy regulations like GDPR (54%)
  • Encrypt data at rest and in transit (51%)
  • Deploy strict access controls for AI models (50%)
  • Use data anonymization techniques (44%)

The truth is that AI can expand the enterprise attack surface and thereby risk exposure, with models representing a potentially attractive target for sabotage, disruption, data theft and extortion. Strict access controls and some form of data anonymization such as strong encryption should be a given if organizations want to keep privacy regulators onside.

A better way to optimize private 5G security

It’s concerning that organizations may be putting themselves in harm’s way due to a lack of in-house know how and predominantly reactive security solutions. So how can they close security, funding and skills gaps to ensure private 5G risks are suitably managed? Although respondents claim that, on average, a quarter (25%) of their security budget will be devoted to these environments in the next 12-24 months, how it is spent will be critical. This Top 10 list of things to consider is a must read for any organization:

  1. Manage your cyber risk exposure by working with a trusted, infrastructure-agnostic technology partner with private 5G expertise
  2. Adopt a proactive security approach supported by a platform that can help identify, prioritise and mitigate threats before they exploit vulnerabilities in a private 5G network
  3. Make the business case for investments in CT security/skills to the board, using business-friendly language and metrics
  4. Close visibility gaps, reduce costs and ease the CT management burden by consolidating CT, IT and OT security onto a single platform
  5. Take a Zero Trust approach to mitigate risk on a continuous basis. Just 35% of respondents are currently doing so
  6. Protect infrastructure components, including base stations, edge computing, 5G core, and network slicing
  7. Reduce skills gaps with generative AI technology that serves as an “assistant” to security operations (SecOps) analysts
  8. Consider managed detection and response (MDR) as another way to mitigate CT security skills shortages
  9. Minimise false positives by ensuring any extended detection and response (XDR) system is built on a broad range of sensors and comprehensive global threat intelligence
  10. Conduct a data protection impact assessment (DPIA) on any new AI technology to ensure compliance with GDPR or other data privacy regulations.

See how CTOne and Trend Vision One can help you proactively protect your private 5G network.

Advantech

Advantech's LTE and 5G NR industrial routers meet regional frequency and certification standards, supporting cloud management (WebAccess/DMP) and zero-touch deployment. With ICR-OS, we provide ready-to-use apps, programmable features, and an open SDK for custom applications. In partnership with CTOne’s security solution, we enhance our service offerings, provide enterprise-grade security for CIoT devices, while reducing TCO and simplifying maintenance

Proscend

Proscend Communications is the leading brand of industrial 4G/5G gateway in Taiwanese Smart City market, focusing on CT (communication technology) solution for various Industrial IoT (IIoT) applications.

By integrating Proscend’s 4G/5G gateways with CTOne’s public mobile network security solution, we effectively address cyber threats in wide-area networks. Our joint solution ensures secure connectivity and protection for numerous IIoT sites operating on 4G/5G public networks without fixed IP addresses.

O'Prueba

O'Prueba specializes in Edge AI Service Gateway solutions. In collaboration with CTOne, its security features can be seamlessly deployed to numerous edge IoT endpoints with a single click via the O'Prueba OOS platform. This integration enables businesses to accelerate deployment, enhance data protection, and drive innovation toward digital transformation.

Clarity

Together with Claroty, we enhance enterprise operational & cyber resiliency for critical infrastructure and secure Cyber-Physical Systems in traditional and hybrid private cellular (5G/LTE) environments.

Netcube Inc.

Netcube is a leader in mobility management solutions for enterprise networking, renowned for its acclaimed authentication and IP automation technologies. Netcube also specializes in implementing 5G connectivity across various industry applications. As an official sales channel partner of CTOne in Korea, we collaborate to offer private 5G enabler solutions with comprehensive security measures. These solutions leverage network slicing-based security controls and ensure industry-specific guaranteed mobility networking.

SpectrEdge

As a professional 5G telecommunication networking solution vendor,  SpectrEdge and CTOne combined solution delivers rapidly deployable 5G Networking with Industry-Leading Security designed for financial, defense, and public safety markets.

Neutroon

Neutroon and CTOne revolutionize wireless management and cybersecurity, offering 'API First' network control, security, and edge orchestration. Neutroon's unified management spans radio, core, devices, and applications, while CTOne enhances end-to-end security. This collaboration empowers CSPs and enterprises with a scalable, intelligent platform for 5G/LTE.

Pegatron

With a strong focus on operational security, the combination of Pegatron`s end-to-end private 5G offerings and CTOne`s cybersecurity solution enables a more effective approach to enabling smart factories. By addressing critical operational and cybersecurity needs, the joint solution enables modern enterprises to realize the true value of next-generation wireless deployment in their smart factories.

Nexcom

As a certified hardware platform partner, NEXCOM’s hardware appliances have been tested and certified as compatible with CTOne's virtualized private 5G security solution. As a certified solution, global organizations are able to confidently harness the power of CTOne’s leading cybersecurity capabilities in combination with NEXCOM's extensive capabilities in Edge AI, Fixed Wireless Access (FWA), private 5G, and secure IoT connectivity.

Saviah

The joint Saviah-CTOne solution leverages Saviah's cost-effective, high-performance, reliable, and interoperable industrial-grade 5GC service and CTOne's proven end-to-end security. The result: a more secure and easier to manage private mobile network environment for enterprises with the ability to leverage the major features and versatility of 5G.

Inventec

Securing OT environments connected to CT networks, the integration of Inventec's Smart Factory DX solution with CTOne extends our security capabilities beyond CT into OT. With our joint solution, we offer enterprises an end-to-end service encompassing IT, OT, and CT, complete with a holistic cybersecurity strategy to support enterprises during digital transformation.

Ataya

The integration of Ataya’s Harmony solution with CTOne provides enterprises with comprehensive connectivity and security visibility across 5G, Wi-Fi, and wired networks. With this joint solution for hybrid networks, enterprises gain full security visibility into Ataya’s Universal Connectivity Platform while supporting a zero-trust strategy and reducing the effort and cost associated with security management.

This website uses cookies for website functionality, traffic analytics, personalization, social media functionality and advertising. Our Cookie Notice provides more information and explains how to amend your cookie settings. Learn more