NSA Security Guidelines for 5G
NSA is focusing on 5G cloud security guidelines. They have published the first of the four guidelines and best practices documents.
Part 1 - Prevent and Detect Lateral Movement
Cloud computing plays a pivotal role in the use and success of cloud 5G networks. As with all new technology adoption raises security concerns, and 5G’s use of cloud is no different. That’s why the US National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released the first of a four part series titled Security Guidance for 5G Cloud Infrastructures.
Zero Trust Defined
Zero Trust is the concept that perimeter defenses are no longer sufficient to secure a network. There should always be an assumption that a cyber attacker has established a foothold in the network. The series of guidelines will document best practices to bring a Zero Trust mindset into 5G cloud infrastructure and endpoints architecture design and implementation.
As a base point, all actions should be explicitly verified and monitored. Although the best practices documented in this series will not constitute a complete Zero Trust template for securing 5G cloud infrastructures. When best practices are applied, a 5G cloud environment will have made significant strides toward the implementation of Zero Trust principles.
Guideline and Best Practices as defined by the NSA
The series of four guidelines will include:
Preventing and Detecting Lateral Movement: Detecting malicious cyber attacker activity in 5G clouds and preventing attackers from leveraging the compromise of a single cloud resource to compromise the entire network. (https://bit.ly/3CKARjj)
Securely Isolating Network Resources: Ensure that there is secure isolation among customer resources with emphasis on securing the container stack that supports the running of virtual network functions.
Protecting Data in Transit, In-Use, and at Rest: Ensure that network and customer data is secured during all phases of the data lifecycle (at-rest, in transit, while being processed, upon destruction).
Ensuring Integrity of Infrastructure: Ensure that 5G cloud resources (e.g., container images, templates, configuration) are not modified without authorization.)