Need to rethink AppSec with 5G?

Need to rethink AppSec with 5G?

It’s not everywhere yet, but 5G connectivity is growing fast. That’s a great thing for remote workers and anyone who relies on a fast connection, but what kind of impact will 5G have on application security?

“The explosion of 5G will only put more pressure on teams to strengthen their application security practices,” Mark Lambert, vice president of products at ArmorCode, said by email. The reason is the increased attack surface.

Cyber ​​Security Live - Boston

More high-bandwidth devices will connect to your network systems and services. At the same time, Lambert noted, business leaders are demanding an increase in the pace of software delivery. As the use of 5G becomes the norm, so does the risk of applications without the security to support faster connectivity.

“Application security teams need ways to quickly identify vulnerabilities within the DevSecOps pipeline and collaborate with development teams to scale remediation,” said Lambert.

The IoT Dilemma

5G will accelerate the use of IoT devices, which in turn will accelerate the development of applications for IoT devices. Based on the lack of priority for security in the current application development process, there is no indication that IoT software will be designed to handle 5G security challenges in the future. And there will be challenges.

5G systems will not only connect phones, sensors and software to the Internet. “At a high level, a 5G system comprises a device connected to a 5G access network which, in turn, is connected to the rest of the system called the 5G core network,” according to a White paper of Ericson.

So it won’t just be all the new connections that are expanding the attack surface and creating a higher application security risk, but also the change in how 5G connects to the network. Instead of the one-way network that existed with 4G, 5G provides two-way communication capability, and according to Cyrex blog postit would be “linked in this two-way network and would effectively be public to those with the skills to exploit the link.”

5G, AppSec and the cloud

Expect to see 5G lead to increased adoption of cloud apps, Kevin Dunne, president of Pathlock, said in an email interview.

“Increased connectivity and anywhere connection speeds will drive companies to invest in infrastructure that can be accessed from anywhere,” Dunne said. “Providing accessible applications will increase employee productivity, but it will also introduce new threats. With critical resources now on the public network, bad actors can access them from anywhere, increasing the number of threats to sensitive data and business processes.”

IT security teams will need to shift their focus from network-based perimeter protection to more modern approaches that look beyond what users can do in an app to what they’re doing, Dunne added. “This helps defend against modern attacks like phishing and ransomware, which are becoming more common in cloud environments.”

It’s not all doom and gloom for 5G and app security. 5G can improve application security, allowing developers to build smarter software and allowing them to use virtual hardware. 5G can also improve identity management and authentication, making it harder for threat actors to infiltrate applications.

5G is expected to transform business reliance on IoT devices and cloud applications. Expect new threats and risks to go hand in hand with the innovations that 5G brings. Those responsible for the security of applications must be prepared with cybersecurity systems that adapt to these threats.

Leave a Comment