The News: Last month Nokia conducted its Security & E2E Product Security Analyst Webcast. The event focused on how security is getting more important and critical throughout the telecom industry. The emerging complexities of the 5G network architecture requires dynamic and flexible security operations, and network slices must be optimally secured to enable different use cases.
Nokia is demonstrating leadership in fixed, mobile and 5G-IoT security, and has been involved in more than 500 security projects worldwide, offering various security capabilities ranging from software security solutions to Security as a Services. Nokia leverages its work in security standards forums to design solutions that address the security requirements of complex networks. Furthermore, through the expertise and insights of Nokia Bell Labs, Nokia offers security innovation and attestation to the market. Read the full press release about the NetGuard Adaptive Security Operations for 5G Era at Nokia.
Nokia Sharpens the Company’s Overall Security Proposition
Analyst Take: Nokia’s recent Security Webcast put emphasis on three major aspects of its security proposition:
- Nokia Security Promises and Nokia Design for Security
- Nokia Future X Security and Future X Security lab
- Nokia E2E Security Solution Portfolio and recent NetGuard Adaptive Security Operations launch
What are the key takeaways for each of Nokia’s three major security pillars?
Nokia Security Promises and Nokia Design for Security
In summary, Nokia posits five security promises in assuring customers that its portfolio meets the stringent requirements of fully protecting their information and interests, consisting of:
- Nokia protects customer information as rigorously as protecting its own
- Nokia is transparent in its security practices
- Nokia embed security into all of its products and services
- Nokia inform customers promptly of any serious product or service issues that affects them
- Nokia independently validates the company’s security practices
In addition, Nokia provides an end-to-end (E2E) approach geared toward the objective of ensuring network security and privacy are never compromised, as both are an intrinsic part of the product life cycle and fully integrated into the company’s design process at every level and stage. As such, it developed a Nokia Design for Security process that enables product security features and controls to identify, mitigate and manage security vulnerabilities.
Through its security promises program and design for security approach, Nokia provides customers the foundational assurances essential to considering and adopting Nokia security solutions. These E2E security assets and assurances are essential in countering the E2E security claims of rivals like Ericsson, Huawei, and Cisco who are putting increased portfolio development and marketing emphasis on their security capabilities to help offset limited growth potential and declines in traditional infrastructure hardware sales.
Nokia Future X Security and Nokia Design for Security
Integral to further bolstering its security credentials, Nokia sustains a long-standing commitment to developing secure products through its Design for Security (DFSEC) process. DFSEC ensures that security is designed into every Nokia product from inception, undergoing uncompromising security testing prior to general commercial availability. In June 2019, Nokia unveiled DFSEC 2.0, which concentrates on additional verification work in the areas of E2E identity management, network slicing and SDN security, virtualization, as well as operations, administration & management (OAM), including patch management.
To reinforce collaborative research and development across the DFSEC 2.0 program, Nokia launched the “Future X Security” (FXSec) Lab. Erected as an extension of Nokia’s Future X network lab in Nokia Bell Labs in Murray Hill, New Jersey (USA) the lab is available to operators and enterprises to expedite joint testing and verification of industrial automation solutions across public wide area networks (WANs) and in private local area networks (LANs).
In meeting emerging WAN/LAN environment security challenges, Nokia is leveraging research from Nokia Bell Labs to cultivate Network Slicing Security Solutions aimed at assuring security and trustworthiness throughout E2E network slices – the pivotal connectivity and service fabric for industrial vertical applications in the 5G era. These security solutions are based on seven critical research areas:
- “Accountable Security” that provides fail-proof identification of industrial IoT devices in mobile and dynamic environments
- “Physical and Virtual Device Integrity Protection” that provides scalable device attestation (hardware, firmware and software) across the supply chain
- Artificial Intelligence enabled “Threat Detection and Mitigation for Network Slices”
- “Fine-grained Security Policy Management” which dynamically tailors network slice elements to meet specified security requirements
- “Dynamic data protection” which addresses the issue of data isolation across mobile devices, applications and slices
- “Microservice Behavioral Fingerprinting” that is a unique machine learning based anomalous behavior detection of third party and open-source 5G services
- Paradigm shift in design for security that provides run-time mitigation of potential security concerns with rapid feedback into development cycle using DevSecOps models
The Future X Security portfolio’s ability to use Nokia Bell Labs security expertise provides an additional critical differentiator against rivals, since they lack the in-house lab equivalent that directly counters the prestige and heritage of Nokia Bell Labs. For example, Nokia Bell Labs plausibly asserts leadership for patent filings in key areas of E2E and 5G-IoT network security, including aspects of multi-tenancy, slicing, and industrial IoT, as well as for trust and patch management, remote attestation, security management and orchestration.
Nokia E2E Security Solution Portfolio and NetGuard Adaptive Security Operations
Indispensable to is E2E security solution portfolio, Nokia unveiled its NetGuard Adaptive Security Operations solution at MWC LA in Q4 2019. The solution is designed to provide operators the automated E2E system required to fulfill the emerging demands of 5G-IoT networks and to meet head-on the burgeoning cybersecurity threat posed by Internet-connected devices.
Already security teams are tasked with managing a wide-range of cybersecurity alerts, including more than 10,000 on a daily basis. To be sure, not all the alerts are security breaches; some are false alerts and others duplicate information. The sheer volume of alerts is overwhelming security teams, which warrants a better way to automatically prioritize alerts in order to focus on the most serious threats.
Nokia’s NetGuard Adaptive Security Operations is aimed at the growing market known as SOAR, or Security Orchestration, Automation, and Response. Tasked with helping operators collect data from multiple sources and respond to security operations rapidly, a SOAR platform integrates security solutions and automates multiple tasks while flexibly permitting human intervention. Needless to say organizations that fail to adopt a SOAR platform will be feeling sore from the lack of foresight in preventing preventable security breaches and lapses.
With operators identifying the unification of cybersecurity management as the top 5G edge implementation priority of their enterprise customers, the E2E portfolio, including Nokia NetGuard Adaptive Security Operations, fulfills this critical requirement. Moreover, the E2E capabilities further differentiates Nokia against security specialists that lack the portfolio resources to implement unified cybersecurity management.
Nokia Threat Intelligence Report: Immediate Credibility Booster
Nokia’s security credentials are further burnished by the annual publication of the company’s Threat Intelligence Report. One major takeaway from the 2019 report identified the expanding top-priority threat posed by IoT botnets:
IoT botnet activity has increased substantially since the introduction of Mirai in 2016. Many of these IoT botnets leverage the basic architecture and functionality of the Mirai source code that was released in October of that year. In 2018, IoT bot activity represented 78% of the malware network activity (detection events) that is seen in operator networks (more than double the rate seen in 2016, when IoT bot activity was first seen in meaningful numbers), with Mirai variants alone being responsible for 35%.
With that fact in mind in H1 2019 alone, over 100 million attacks occurred on IoT endpoints, confirming the continued threat to unsecured connected devices. Among the attacks, the most common malware types are Mirai (39%) and Nyadrop (38.6%), which itself often serves as a Mirai downloader. This ongoing perilous trend demonstrates the immense value the Threat Intelligence Report provides operators in providing them a tool in resolving the unique security challenges of the 5G-IoT era.
The combination of Nokia’s broad, E2E security portfolio and market influence, driven substantially via the Threat Intelligence Report, puts the onus on Nokia’s competitors to develop specific portfolio development and marketing strategies that counter its overall security proposition. This is especially urgent for players like Huawei and ZTE that are coming under increasing scrutiny from national governments due in large part to ongoing security concerns, particularly in 5G-IoT networks, that their equipment could be manipulated by China’s national intelligence apparatus.
Futurum Research provides industry research and analysis. These columns are for educational purposes only and should not be considered in any way investment advice.
Image Credit: Nokia
- For Major 5G Internet Breakthroughs — Look to the Skies - July 25, 2019
- Ericsson 5G Consumer Potential Report — Myth Busters! - May 10, 2019