5G Forges Wider Collaboration, Move to Zero Trust Security

5G networking promises high-bandwidth and low latency, offering government and defence agencies the ability to transfer massive amounts of data, with greater speed across wired and wireless networks. CommScope’s Bryan Kennedy blogs on why stakeholders across government and industry are collaborating in unique ways to solve challenges.

Fifth generation (5G) networking technology is prompting the convergence of different types of technologies—infrastructure, applications, and telecommunications – all onto a single platform. As a result, stakeholders across government and industry are coming together in unique ways to solve the implementation and security challenges, according to top government executives at the forefront of 5G adoption.

“We haven’t had something that has challenged our cultures to come together in such a way,” said Dwayne Florenzie, Senior Strategy Executive, Office of Commercial & Economic Analysis, U.S. Air Force.

5G combines information technology and operational technology, forcing defense industries to collaborate closer with one another, as well as government. “These industries have operated as separate cultures and separate security protocols. 5G is forcing all of us to come together in unique ways that is healthy and has a huge benefit much broader than 5G itself,” Florenzie said.

Florenzie contributed his insights on 5G rollout within the Air Force – along with a number of other subject matter experts – during a webinar “5G Strategies in Government 2021 Progress & Best Practices,” a part of Federal News Network’s Federal Executive Forum series. I was also a member of the panel discussion.

Fifth-generation or 5G networking promises high-bandwidth and low latency, offering government and defense agencies the ability to transfer massive amounts of data, with greater speed across wired and wireless networks.

The DoD is heavily involved in investigating how 5G technology will best serve command operations and the warfighter. Experimentation is ongoing at 12 military installations across the United States. Test beds at the installations include the evaluation of ship-wide and pier connectivity, the enhancement of aircraft mission readiness, augmented reality support of maintenance and training, and wireless connectivity for forward operating bases and tactical operations centers, to name a few.

Marine Corp Air Station Miramar is the first U.S. military base to test a commercial 5G Ultra Wideband service, said Bryan Schromsky, Director of Federal Mobile & Connected Solutions, Verizon during the webinar. The Marine Corps is exploring how 5G can transform communications, energy management, connected vehicles, drones, and base security.

Zero Trust: A Top Priority

The U.S Army is evaluating the use of 5G at command posts, where there is a conglomeration of systems—logistics, fire control, personnel systems—that must come together in real time to give commanders situational awareness, according to Matthew Easley, Director of Cybersecurity, Office of the Army Chief Information Officer, who was also part of the roundtable. The addition of robotic ground and aerial systems bring even more complexity to the network.

“There is a lot of work we have to do to make systems talk to each other.  We see Zero Trust as the way to go to dynamically switch between the military provided network and commercial networks,” Easley said. “So, when the soldier has a 5G endpoint it will find the best route to send data to the system.”

Bryan Wenger, 5G Solutions Architect with cybersecurity company Palo Alto Networks, said his company is developing a Zero Trust approach that is specific to 5G networking.

“Zero Trust is about contextual information driving access for the user, network devices or the massive Internet of Things devices connecting to networks,” Wenger said. As a result, Palo Alto Networks is looking at “how can we grab contextual information that is relevant for 5G-like subscriber IDs and network slice IDs- and apply access, rights, network functions and policies based off of that, instead of relying on legacy technologies such as IP (addresses) or usernames.”

Supply Chain Risk

5G will bring better connectivity to the government workforce, especially as more people work from home, but the risk is an increase in the attack surface malicious actors can exploit--5G is dynamic, said Dan Dagher, Supply Chain Risk Management Initiative Lead, National Risk Center, Cybersecurity and Infrastructure Security Agency (CISA).

Threat actors are trying to influence the design of 5G through international standards. In addition, “we are seeing how leveraging legacy infrastructure and untrusted components brings its own set of vulnerabilities,” Dagher said. Plus, “we are learning limited competition in the 5G marketplace results in more proprietary solutions from untrusted vendors.”

CISA is focused on secure and resilient 5G implementations worldwide. “Secure and resilient is key and that is where we are trying to take our region and the rest of the world.” CISA will keep information sharing going, building on collaboration with international partners and throughout federal, state, local and tribal government. Industry will need to improve software supply chain for 5G. Prime contractors, software developers and vendors need greater visibility into their software, he said.

The government won’t get there this year because implementing 5G is a journey, Dagher added.

5G is an Evolution

5G is an evolution not a revolution.  5G will stabilize, but the 4G backbone will be around for a long time to come.  

We need to evaluate current infrastructure and its support capabilities and implement appropriate upgrades. While the development of other wireless technologies occurred in phases, 5G seems to be happening in parallel. Virtualization and the move to the cloud adds more complexity to 5G. Therefore, government and the private sector need solutions that help today but are forward looking enough to address the challenges of tomorrow.

To view clips or the complete webinar, click here.