An overwhelming majority of cyber security and risk management leaders believe that developments in 5G wireless technology will create cyber security challenges for their organisations. Their top three 5G-related concerns are greater risk of attacks on Internet of Things (IoT) networks, a wider attack surface and a lack of security by design in 5G hardware and firmware.
These are among the findings of a new report released by Information Risk Management (IRM), a UK-based cyber security company of Altran, a specialist in engineering and R&D services.
The report, titled ‘Risky Business’, is based on a survey of senior cyber security and risk management decision makers at 50 global companies across seven major industry sectors: automotive, communications, energy, finance/public sector, software/internet, transport and pharmaceuticals. The study was conducted between July and September of this year.
Eighty-three percent of survey respondents said 5G developments will create cyber security challenges for their organisations, suggesting that the new technology will bring heightened risks. “The acceleration to market of 5G and lack of security considerations are causing concern,” the report states. “The vulnerabilities in 5G appear to go beyond wireless, introducing risks around virtualised and cloud native infrastructure.”
The study also found that 86% of respondents expect artificial intelligence (AI) to have an impact on their cyber security strategy over the next five years, as AI systems are integrated into core enterprise security functions. The top three AI applications that respondents said they would consider implementing as part of their cyber security strategy are network intrusion detection and prevention, fraud detection and secure user authentication.
“AI in cyber security is a double-edged sword,” the report explains. “It can provide many companies with the tools to detect fraudulent activity on bank accounts, for example, but it is inevitably a tool being used by cyber criminals to carry out even more sophisticated attacks.”
In late August, for example, The Wall Street Journal reported that criminals using AI-based software had successfully mimicked a German CEO’s voice and had duped the head of a UK subsidiary into sending €220,000 ($243,000) to a fraudulent account. It is being dubbed one of the world’s first publicly known cyber attacks using AI. “We are likely to see more of this as the technology develops,” the report warns.
Commenting on the potential impact of 5G and AI on cyber security, Charles White, CEO of IRM, cautioned: “A lack of awareness of these technologies’ security implications can have far reaching consequences. At best an embarrassing fine and at worst a fatal blow to the bottom line. Now is the time for enterprises to work closely with their cyber security teams to design and develop 5G and AI products that place cyber security front and centre.”
The study also found:
IRM is at the heart of Altran’s recently formed World Class Center for Cybersecurity, which offers an extended portfolio of global solutions to protect next-generation networks and systems. With sites in North America, France, the UK and Portugal, the WCC for cyber security specialises in working with some of the world’s largest organisations to combat cyber challenges introduced by Industry 4.0.