The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) published the fourth installment on securing the integrity of 5G cloud infrastructures.
The fourth installment, titled Ensure Integrity of Cloud Infrastructure, provides cybersecurity guidance addressing high-priority threats to the nation’s critical infrastructure. As 5G networks and devices continue to increase in popularity, the importance of platform security to shelter systems against malicious cyber activity and persistence is apparent.
“A secure 5G core requires cybersecurity mitigations that are implemented at the foundation level and carried forward,” NSA Project Director for ESF, Jorge Laurel, said in a press release. “A secure underlying foundation ensures the services deployed on the network are done so on a secure infrastructure, which further strengthens the security of data across the network.”
This document provides guidance on platform integrity, build time security, launch time integrity, and microservices infrastructure integrity. It also gives actionable advice for 5G operators:
- Identify and assess threats posed to 5G;
- Determine what standards and implementations can achieve a higher baseline of 5G security;
- And identify risks inherent to the cloud that affect 5G security.
“The fourth installment in the series covers an essential topic: integrity. Integrity is the most fundamental security property, and ensuring integrity from base hardware up through the software stack is critical for maintaining trustworthy 5G services,” NSA Cybersecurity Technical Director Neal Ziring said in the release.
This guidance, created by the Critical Infrastructure Partnership Advisory Council (CIPAC) Cross-Sector Enduring Security Framework (ESF) Working Group, is part of a more extensive series titled Security Guidance for 5G Cloud Infrastructures. The series has published a total of four guidance’s this year.