AT&T has released its annual Cybersecurity Insights Report, with several key takeaways from 2021 and predictions for the year ahead. Edge computing is a key focus of the report, as AT&T goes into detail about the state of edge, as well as the company outlining the risks and security based on survey data and interviews of over 1,500 IT executives.
“The data we found in the AT&T Cybersecurity Insights Report indicates that the edge has surprisingly strong momentum, even though many security leaders acknowledge a substantial perceived risk surrounding deploying and securing edge computing,” said Theresa Lanowitz, Head of Cybersecurity Evangelism at AT&T Business. “The findings show that 75% of our survey respondents are either planning, have partially implemented, or have fully implemented an edge use case. This reveals that many more edge network projects are underway than we had anticipated – and they range across industries and geographies using diverse network environments and security controls.”
Edge computing and its uses
The report analyzes several key aspects of edge computing, including why it is important to think of the edge computing as a set of essential characteristics to a network. AT&T defines edge as a distributed architecture made up of applications, workloads, connectivity and networking. The company also detailed that integration with 5G, legacy cellular, wireless and cloud computing all make sense moving forward into the future.
The reasons for many industries moving towards edge computing were detailed by AT&T:
- Stiff competition in a global marketplace
- Changing business models
- Rethinking operating and infrastructure strategies
- Use case commonalities and variabilities by industry
- Managing stakeholder expectations
Some cases for adopting edge networks according to the report, industrial IoT or OT functions were the largest amount of general use cases expected in production over the next three years, followed by enterprise IoT and industry oriented consumer IoT functions. AT&T’s data in the report says “[these] findings make sense because IoT in a broad sense is the application or use case that generates the data that’s moving around the edge.”
SEE: Artificial Intelligence Ethics Policy (TechRepublic Premium)
“We are well on the way to an edge journey, a new era of computing underpinned by 5G,” said Lanowitz. “It will undoubtedly take time to see widespread implementation, especially as business leaders come to understand more about the edge, as well as its costs and benefits. Our report data reveals that while there is a perceived risk with edge use cases, organizations are moving ahead. The investment in security is happening early. Our survey responses indicate that on average organizations are planning to invest in the range of 11 to 20% of their total project budget on security.”
In addition, other industries such as healthcare and financial services were brought forth as burgeoning areas where edge will be implemented in the future. Of the respondents to the survey in the healthcare industry, 74% are planning or have begun implementing an edge use case, with the ability to provide care in remote locations and virtual care services being cited as two of the potential advantages for edge use in that industry. In finance, 73% of respondents said they have implemented or begun to implement these edge use cases, with concierge services able to provide personalized experiences for customers and enabling the delivery of real-time data to clients to build relationships.
However, the largest planned edge network environment detailed in the report is private 5G. With several enterprises launching private 5G networks, this comes as little surprise that as 5G continues to grow these use cases will become more broadly available and beneficial. While autonomous driving vehicles and robots are further into the future for these private 5G utilization, once private 5G has become the standard AT&T says it expects general purpose computers, individual devices and multi-access edge (MEC) to become the top use cases.
While edge has its benefits, it is still in the process of being adopted by many industries, with some enterprises moving forward with edge use cases despite the risks associated with doing so. Edge computing makes cloud part of the equation, opening many industries up to security risks, and that shared security responsibility must become more of a focus. In addition, AT&T says that cloud providers need to solve more security requirements. In these cases, ransomware and sniffing attacks become more of a concern across edge users.
Each industry has multiple edges, such as enterprise, industrial, device, telecommunications and tactical edge. The security needed to protect these different kinds of edge strategy can differ due to the varying types of workloads and the types of data flow activity. The risk comes when stress is placed upon edge resources, opening up potential cracks in service and downtime. Respondents from the energy, finance, healthcare, manufacturing, public sector and retail industries all noted greater than average risk when it came to the move towards edge computing, according to the study. Retail along with energy and utilities were the two industries with the highest noted risk of the six that were included in the report.
SEE: Metaverse cheat sheet: Everything you need to know (free PDF) (TechRepublic)
Retail’s perceived risk stems from the number and impact of cyber threats faced each day due to the publicity of large attacks on the industry’s systems. The pandemic put an even heavier strain on the systems of the retail industry due to the move towards virtual shopping, and the need for a better online presence and customer experience. The industry with the lowest perceived risk was noted as being healthcare, but still saw its fair share of cyberattacks through ransomware over the past few years.
The least concerning type of attacks were on supply chains, and attacks against 5G core (telecommunications), physical attacks, DDoS attacks against the RAN and attacks against MEC. While supply chains were of the least worrisome variety, if these are attacked it could cause a trickle down effect to other industries but is not typically thought of as a standalone target for cyberattacks. The areas of the world most concerned with this cyber risk were Asia and specifically South Korea due to ransomware being the most likely form of attack on systems. Elsewhere, Latin America noted concern due to attacks on servers, while North America’s focus was on servers and data at the network edge.
“Edge can, and will, bridge network and security more than ever before,” Lanowitz said. “Especially when taking into account the typical legacy security controls, edge security controls cast a wider net, offering a broader and more centralized view of the entire attack surface. This is crucial as those attack surfaces get increasingly larger as networks expand. Threat intelligence and threat detection and response capabilities also provide that necessary macro view.”
As enterprises look to secure its data centers from cyber threats, edge computing may be an emerging option for IT decision-makers. One potential downside is it is still early for edge as it is an immature computing market, but executives may want to start exploring their options. Companies looking to implement edge computing may want to consider a proactive and preventative approach according to AT&T, as these decision makers weigh factors such as familiarity with the system and potential benefit cost.