A Security Gap Is Increasing As Private Networks For Enterprise IoT Grow In Popularity

1630

Global adoption of private networks, including 4G and 5G, is poised for a big ramp in investment as businesses across verticals invest in digital transformation plans with the goal of doing more with less. While private networks aren’t exactly new, the evolution of 4G and the impending arrival of 5G give up a slew of new possibilities for connecting the Internet of Things and extracting data from sensors and other devices.

Indeed, according to IDC, the market for private 4G/5G wireless network infrastructure would reach $8.3 billion by 2026. According to ABI Research, the total addressable market for private networks will grow from $3.7 billion in 2021 to more than $109.4 billion in 2030, encompassing radio access, multi-access edge compute, core, and related services. However, when businesses examine the importance of private networks and the Internet of Things, they face a number of issues, the most significant of which is enterprise-grade cellular network security.

“We provide enterprise-grade security for private cellular networks,” Dave Mor, co-founder and CEO of security specialist OneLayer, told RCR Wireless News. “The IoT revolution is here. More and more devices are being connected. We’re bringing the enterprise perspective to a new type of network.”

The startup, which recently came out of stealth mode, is laser-focused on enabling businesses to use private 4G and 5G networks without sacrificing security. This highlights what Mor referred to as the security chasm. When businesses that are used to employing security technologies designed for Ethernet/IP networks–vizibility, policy enforcement, zero-trust, device and network posture, and anomaly detection/response–move to a cellular protocol, a gap appears.

To put it another way, even if the network type changes, the security requirements remain the same. OneLayer wants to assist businesses in making the required modifications to close that gap and preserve the tools they’re used to while taking use of wireless technology.

Consider a typical company network where IT and OT environments are segregated from one another and from public networks in terms of an enhanced attack surface produced by the transition to private cellular. As traffic goes via the cellular core in a private cellular network, the IT and OT environments may merge; at the same time, and depending on the network architecture, the private network may share a core with a carrier’s public network.

Consider an IT equipment such as a security camera that communicates with an OT device such as a robotic arm. In this example, the objective of private 5G is to enable computer vision-type use cases such as automated quality checking. “Typically,” Mor said, “IT/OT network separation protects the operational environment. If you take a cellular camera communicating to an IT server and OT machine, without OneLayer, you’re using two different network devices but it’s the same core, the same route, so you disrupt separation. If a camera is compromised, it can attack the core and the IT/OT environments.”

OneLayer can do automatic, rules-based segmentation depending on policies such as device type, manufacturer, location, and IP destination. This means that a user might set a policy prohibiting cameras from communicating with autonomous guided cars, for example. Attempting to adapt business security technique to a cellular network, on the other hand, is a manual and insufficient. “Doing policy in a cellular network the way you’re used to doing policy in an enterprise network is not an efficient way to implement policy,” Mor added.

Bringing enterprise security to private 4G and 5G networks allows businesses to keep control of important security capabilities while employing existing domain expertise rather than investing in cellular domain expertise. Removing this roadblock is critical to encouraging company investment in private cellular in a way that users can trust the security, people, and processes.