5G Security News

NSA and CISA Release Part I of Guidance on Securing 5G Cloud Infrastructures

Photo of Marin Ivezic Marin IvezicOctober 28, 2021
1 minute read
NSA CISA Securing 5G

The US National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) recently released the first of a four part series titled Security Guidance for 5G Cloud Infrastructures. This series of four action-oriented documents is intended to provide guidance on how to move toward zero trust in support of securing 5G. It’s been created as a joint industry and government effort with the support of several large contributors through the NSA’s Enduring Security Framework (ESF).

This first release in the series is titled Security Guidance for Cloud Infrastructures Part I: Prevent and Detect Lateral Movement [PDF] and is focused on detecting malicious cyber actor activity in 5G clouds and prevent actors from leveraging a single compromised cloud resource to compromise the entire network. It is recommended for service providers and system integrators who are involved in building and configuring 5G cloud infrastructures.

It should come as no surprise that the guidance for preventing and detecting lateral movement in 5G cloud environments revolves around the concept of zero trust. To learn more about zero trust, check out NIST SP 800-207 along with guidance from NSA and CISA.

The guidance for 5G cloud environments involves robust perimeter protections as well as secure internal controls coupled with sufficient logging, monitoring, and automation. Cloud environments present myriad entry points and vulnerable interfaces where malicious actors could attempt to compromise environments including software, APIs and networks.

  • Implement secure identity and access management
  • Keep 5G cloud software updated and free from known vulnerabilities
  • Securely configure 5G cloud networks
  • Lock down communications among isolated network functions
  • Monitor for adversary lateral movement
  • Use analytics to detect sophisticated adversarial presence

For more information see the release on the CISA website: https://www.cisa.gov/uscert/ncas/current-activity/2021/10/28/nsa-cisa-series-securing-5g-cloud-infrastructures

The guidance is available here [PDF]: Security Guidance for 5G Cloud Infrastructures – Part I: Prevent and Detect Lateral Movement

All the guidance papers and other useful information will be available at the CISA’s 5G Security and Resilience page or at the NSA’s Enduring Security Framework (ESF) page.

Avatar of Marin Ivezic
Marin Ivezic
Website | Other articles

For over 30 years, Marin Ivezic has been protecting critical infrastructure and financial services against cyber, financial crime and regulatory risks posed by complex and emerging technologies.

He held multiple interim CISO and technology leadership roles in Global 2000 companies.

Photo of Marin Ivezic Marin IvezicOctober 28, 2021
1 minute read

Related Articles

mobileuk-5g-report

£6.8bn impact to UK if Huawei 5G banned

April 5, 2019
uk-5g-huawei

Huawei Greenlit for U.K.’s 5G Network

January 28, 2020
RAND Securing 5G

RAND publishes “Securing 5G – A Way Forward in the U.S. and China Security Competition”

April 30, 2022
gsma-north-america-5g

GSMA Report Highlights North America’s Global 5G Leadership

October 23, 2019
© Copyright 2024, All Rights Reserved Marin Ivezic
Back to top button
Share via
Facebook
X (Twitter)
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap