What is the perception of security in the brave new 5G world? We asked this question to some CxOs in the cybertech arena. The overall picture is that a large part of the companies is making small investments in the specific area, while some of them think of it as a coming soon business and are readier than the competition.
This means that for a code master there is a very large space. IoT is the hottest place, but Industrial Control Systems could live a sudden change. And there is the need for trust.
“5G is a net positive”, assures Rohit Ghai, RSA President; “Any new technology asks new questions and makes people wonder about it”. The speed increase and the new threat landscape brought in by 5G has a natural outcome: “we need to address issues at the network level.”
There is much work to be done, but “our digital world deserves trust today.”
Rohit Ghai, RSA President
“Security is no longer the pursuit of attackers, but the rationalization center of corporate investments”, points out Gabriele Zanoni, Systems Engineer at FireEye.
Fireye uses network sensors to check flows and simulate in-menu or innovative attacks to find out if the company needs a simple software tuning or more important investments.
Multiple different solutions create a lack of homogeneity with low performance: “a careful analysis allows us to optimize the results and to verify if they are mapped on the business needs”.
Industry 4.0 and IoT
Security and automation are connected points for the future of the IoT, according to the vision shown by Claudio Squinzi, Country Sales Manager at CyberArk. “Looking at industry 4.0 in Italy you can see a rather tight knot: Industrial Control System, including SCADA systems, are very difficult to replace”. The automation vendor has such verticality that the lock-in often blocks everything. That’s where, most often, overnight revolutions happen.
What sectors will succeed in 2020? On everything, Cloud and DevOps will continue to run. Thinking of security, anyway, “DevOps should be framed with a higher level that handles secrets (credentials) correctly”.
“Talking about 5G, the number one concern is the number of devices; latency is important, but I’d put it in second place, along with speed”, fixes Marco Preuss is the German Head of Global Research & Analysis Team (GReAT) in Kaspersky.
Marco Preuss, German Head of Global Research & Analysis Team (GReAT) in Kaspersky
It’s the digital age: new attacks, faster attacks. “Speed and latency need a solution at the physical network layer“.
What about IPv6?
Marco Preuss brought in the conversation a very important subject that ICT tends to keep in the backyard: the migration to IPv6. Without that walk, there will be no IoT at all.
According to many analysts, the Internet of Things will interconnect tens of billions of devices. Using the Internet to connect them requires one network address for each device. The address field used in IPv4 is 32 bit large, so it can address roughly 4 billion devices.
That’s the first reason why this protocol needed an update. The new version, namely IPv6, has an address field 128 bit wide, to address more than 3×10^38 addresses; 340 undecillions, to be precise. Whoever knew the word “undecillion” before IPv6 please raise his hand!
Let’s tell an old story, in very short.
What happened to IPv5?
The first interconnection inside ArpaNET dates 1969, so at the end of 2019 the time machine says “50 years”. The Internet adopted the Internet Protocol version 4 (IPv4) in 1981, and publicly implemented it a few years later.
The incredible success of the public Internet in the ’90s asked for a complete revision of the protocol. The Internet Engineering Task Force, i.e. the protocol developers, completed the new version, IPv6, in 1998.
But what happened to IPv5? Well, it never existed!
The Internet Stream Protocol, or ST, was a companion standard to IPv4 developed in the ’70s and released first in 1979 (ST), then revised in 1990 (ST2), and finally upgraded to ST2+ in 1995. ST2+, published as RFC1819, calls its own packets with an Internet Protocol version number 5. The purpose of the stream protocol was not to improve the Internet protocol but to help streaming media to flow over the internet, so it became the foundation for Voice over IP and other technologies.
ST2+ was never called IPv5. To avoid any name problems, however, the new version of the Internet protocol after version 4, or IPv4, was labeled version 6, or IPv6.
Let’s go back to our IoT quandaries. “A huge problem will be the full compliance to IPv6“, anticipates Marco Kreuss, “still not 100% there”. Only a few percentage points are currently running on IPv6 systems. The new standard is incompatible with the old one, so still many systems run both stacks.
