Voice&Data Talkies #8: Anuj Malhotra, VP & Sr. Partner, Growth Platforms - IBM India Client Innovation Centre

IBM has been around for more than a century now and is one of the world's most well-known IT companies. It has business across 171 countries and has been an innovator across multiple technologies, including telecommunications. In India, IBM has partnered with Bharti Airtel and Vodafone Idea for various cloud-based network services, such as hybrid cloud, big data, and so on.

Leading the charge at Growth Platforms - IBM India Client Innovation Center is Anuj Malhotra, Vice-President and Senior Partner there. Anuj has over three decades of experience in IT, networking, customer acquisition, and cloud. In the eighth edition of Voice&Data Talkies, Anuj talked about India's impending 5G revolution, the importance of data and cybersecurity, and what is IBM doing for the same.

Q1. Data has been touted as the next oil. How important a role does data play in today’s connected world?

Oil drove the engines of history and it still does. But in today’s world, data is driving the engine of growth – it is the new oil.  If we consider the connected environment around us, all the devices spew one thing that is common – tons of data.

Consider the example of a car running through a state highway. The vast amount of data that it generates can today be continuously tapped, diagnosed, analyzed, and fast insights can be drawn and acted upon in real-time to ensure the safety of the vehicle and its passengers. The same set of data when used in the context of traffic management helps monitor highway congestion, accidents, average speed of travel, predicted times of arrival, pollution levels, and much more. In the context of an oil or electric company, it can point to gas fills or Electric Vehicle (EV) battery charging.  For an insurance company, the data helps understand driving patterns, behavior, and the driver's risk appetite, ultimately determining insurance coverage or premium calculation.

And this is just one of the thousands and thousands of use cases that are possible today. Thanks to the connected devices and the ubiquitous oil – ‘Data’ – flowing between them. The speed at which this happens today, the sensor and compute power available on the edge, and the amazing advances in AI allow us to generate and monetize a 720-degree view of virtually any persona or entity you can think about.

Data is truly the ultimate renewable energy source today around which most of the modern evolution is happening.

Q2. Since we have talked about how 5G is faster and has more network capacity than 4G, does that also mean that cyberattacks will evolve as well?

The 5G evolution is the functional redesign of mobile networks to support much greater agility/speed, efficiency, and openness. The higher data speeds and latency improvements will lead to greater adoption of the connected solutions and extensive use of edge devices leveraging 5G.

This also means the hybrid spread of network devices, and the variety of edge devices that will get connected and start leveraging the network (including low-cost, low-power, unsecured IoT/sensors) will potentially open gateways and pose increased security risks for both operators and end-users. A recent IBM Security study, “The Annual Cost of a Data Breach,” indicated that 75% of responding global operators have personally experienced incidences of fraud, and 61% said that given the expanded remote connectivity since the beginning of the pandemic, network security threats have increased.

As 5G starts to scale and businesses start leveraging its power to extend networks into new Edges, CISOs of Telecom Service Providers have to look into how they will still ensure client privacy, maintain the required regulatory compliance, and address the new threat of attacks via the complex maze of additional Edge/IoT gateways. It is becoming increasingly important to modernize security orchestration and automate capabilities in Security Operations Centers  (SOCs) to elevate the network’s security stature.

IBM Security is already working with customers and using its expertise to build industry-leading security capabilities for service providers deploying 5G/Edge Networks. It imbibes ‘Secure by Design’ to protect the network cloud, 5G, and edge and implements a Zero Trust approach that can help the telecom CISOs with the emerging challenges. IBM QRadar XDR Suite, powered by AI & machine learning, plays a central role in modernizing threat detection and response and provides threat intelligence that has been accurately correlated from across the network.

Q3. One of the most interesting technologies coming up as a result of 5G is network slicing. How does slicing help with ensuring network security?

5G network slicing helps portion out the physical network into logical segments, with each segment being provisioned for a different set of users, devices, and applications. Each slice is logically isolated and has its own arch, management, and security. Because each slice is self-contained and virtualized, the network security is more resilient to threats. Even if one slice is compromised, it will not affect the others around it or the network as a whole. Segmentation of user traffic and access may help protect the system from cybersecurity threats.

Interestingly, while functional components and resources may be shared across network slices, capabilities such as data speed, capacity, quality, latency, reliability, and services can be defined specifically for each slice.

Q4. With 5G being deployed with the help of distributed cloud and virtualized RANs, does that help shore up data security on 5G networks?

Virtualized RANs or vRANs represent a key feature in 5G where multiple vendors come together to provide an interoperable, disaggregated, and virtualized network.  But this can also mean increased “threat surface” – new and additional touchpoints in the architecture along with decoupling of hardware and software expands the surface exposed to the threat of attack. The security solutions that need to be put in place thus become very critical. O-RAN (Open Radio Access Network) Alliance is pushing for standards in the design of gear used for RAN to address this.

However, the advantages of vRANs far outweigh the above security threat. vRAN immensely increases the flexibility around the choice of hardware, software, and systems integration options – it also provides immense dynamic capacity and flexibility in the delivery of services that are typically associated with cloud services. It is here to stay. Thankfully, modern-day vRAN architectures offer a set of tools and processes that can help address data security challenges on the 5G network.

Q5. How important is the decentralization of the network for the telcos, as 5G will be the first generation of mobile networks to use virtual RAN?

Decentralization of the network through 5G is an extremely critical milestone because of the possibilities it has enabled us to achieve.

• Proprietary and expensive hardware is replaced: Disaggregates the RAN architecture and provides open interfaces and an ecosystem in which many vendors and solution providers can innovate.
• vRAN applies the principles of network function virtualization (NFV): RAN network functions are virtualized and deployed on cloud platforms. vRAN brings the benefits of cloud and the ability to take a platform-centric approach by deploying RAN network functions on an agile, scalable, and hybrid platform on common-off-the-shelf (COTS) hardware. This breaks down silos and minimizes CAPEX and OPEX.
• Network functions can be flexibly deployed: It is crucial to support higher cell and device density, and a wide variety of use cases not limited to physical network functions.
• vRAN enables cloud automation: Automation software can monitor key performance metrics, rebalance the workload and simplify maintenance. This helps CTOs make time for brilliance (i.e., spend more time on innovation).

Q6. How do you think the 5G era will shape the technology concerned with data privacy and security?

As telecom operators upgrade their networks for 5G and Edge, they can create digital platform businesses that are better positioned for innovation. Operators now have an opportunity to become providers of managed security services, helping secure end-to-end service (device to the application). Although 5G can expand the attack surface of telecom operators and their customers, the distinctly new architecture and capabilities of 5G networks are being designed to give operators opportunities to detect and address cyber threats more efficiently than ever before.

As mobile networks increasingly evolve towards a hybrid cloud platform, we believe automated security orchestration and management will be vital in 5G networks. Additionally, xNF security posture will need to be maintained at every stage of the lifecycle, from onboarding to operations. End-to-end security will require management through a central point of control, and smart security controls will be required to cope with unpredictable threats.

How operators architect security into their 5G networks and adopt a Zero Trust strategy is essential, and the following factors should be considered:

• An industry-standard framework that can help reduce integration risk and cost
• Building security policies into the CI/CD process to aid innovation, speed, improved quality
• Threat management assessments help expose potential areas of vulnerability
• A Zero Trust strategy can institutionalize the right policies in the journey to cloud-native

Q7. 5G will see more and more edge computing deployed, and therefore, data security will become more of a priority for MNOs. How do IBM’s solutions enable the same?

As part of the Privacy by Design goal, it is important to have capabilities in edge computing complementing 5G. The end-to-end application of 5G involves IT applications, cloud providers, and network providers coming together in a joint effort. IBM’s focus is on addressing the security issues holistically, so the solution is secure as a whole. There are multiple IBM solutions already in existence and are continually evolving with insights/ learning from the ground. A few of these solutions are housed under Cloud Pak for Network Automation, IBM Edge Application Manager, and Collaborative 5G security solutions with Palo Alto Network.

IEAM: IBM Edge Computing® Manager is an intelligent and flexible application that provides autonomous management for edge computing. A single administrator can manage the scale, variability, and rate of change of application environments across end-points simultaneously.

IBM Telco Cloud Manager/ IBM Cloud Pak for Network Automation enables the automation of network operations so CSPs can transform their networks, evolve to zero-touch operations, reduce OPEX, and deliver services faster. CSPs gain a range of enhanced capabilities, such as normalized lifecycle modeling, intent-driven orchestration, service design, and testing, dynamic service assurance, and closed-loop operations.

IBM Cloud Satellite, an extension of IBM Public Cloud, can run inside the customer's data center or out at the edge. It enables deploying and running apps consistently across locations from any cloud vendor by delivering cloud services, APIs, access policies, security controls, and compliance. IBM Cloud Satellite can be used as a secure solution for connecting resources in a protected on-premises environment to cloud resources.