5G network slicing: How to secure the opportunity

Network slicing is central to unlocking the 5G opportunity

There has understandably been a lot of talk and hype about 5G and network slicing in the telecoms industry. It promises to bring greater speeds, lower latency, greater capacity, ultra-reliability, greater flexibility in the network operations and more. It also pledges to support high device densities and to enable new services, new business and operational models as well as new vertical opportunities.

Given that the rollout of 5G networks is expected to involve a significant investment of hundreds of billions of dollars, there is a need to look at how it might address new business opportunities that previous generations of cellular networks could not. Many, including us, have argued that the consumer business case for 5G is limited, and that the enterprise segment is likely to represent the greater opportunity.

One highly anticipated aspect of 5G is that it will be built on virtualised infrastructure. Network functions will run as software in datacentres, rather than on dedicated appliances as in the past. This will mean that operators can deploy and make changes to functions with far greater flexibility than ever before. It also offers the promise of enabling multiple logical end-to-end networks – each intended to meet specific needs – to be “spun-up”, operated and retired as required, over the same shared hardware. Traditionally, achieving such a multi-service outcome would have required building dedicated stand-alone networks, which was rarely a viable proposition.  This capability is the essence of network slicing.

Figure 1: Diagram of network slicing

5G network slicing diagram

Source: STL Partners

This report will explore the concept of network slicing and what it means for enterprise customers. It will have a particular focus on one aspect of network slicing through the enterprise perspective, that being security. The first section will cover how we define network slicing whilst the second will dive into what the enterprise security-related concerns are. We will then assess the implications of these concerns in the third section, before identifying ways that telcos can address these concerns in order to accelerate the adoption of network slicing.

Our findings in this report are informed by a wider STL Partners research programme that STL Partners has conducted with telcos and enterprises across several verticals, including transport, defence, utilities, logistics and smart cities.

Enterprise security concerns with network slicing are rooted in the fear of the new and unknown

Network slicing is inherently complex. Multiple networks being created over common infrastructure, each serving different customers, use cases and devices means that management and orchestration of network slices is something that telcos are still grappling with. It not only represents a change in technology but also a shift in the way that the network lifecycle is managed, which is new and unfamiliar to telcos and their enterprise customers. Current security protocols will not necessarily be equipped to cover many of the new dimensions that network slicing brings. This new shift in the way things work will result in various enterprise security concerns. Changes in the network architecture with slicing, with multiple logical networks each having their own resources and sharing others, also poses questions of how the security architecture needs to evolve in order to address new risks.

Enterprise customers define security as not only about preventing services being compromised by intentional malicious attacks, but also about preventing service degradation or disruption due to unintentional operational or technical failures and/or negligence, unplanned breakdowns etc. Due to the interdependence of slices, even if a fault occurrence happens, it could consume resources in one slice, just like an attack would, which would affect the reliability or lifecycle of other network slices that share the same resources. Regardless of how the performance of a slice gets affected, whether it is by a malicious attack, a natural disaster, a bug or unintentional negligence, the consequences are ultimately the same. These are all, in some way, related to security. Therefore, when considering security, we need to think beyond potential intentional malicious attack but also unintentional negligence and unplanned events.

What if my network slice gets compromised? What if another slice gets compromised? What if another slice is eating up resources?

We outline these three key questions that enterprises have around their security concerns, as potential tenants of network slices, in the body of the report.

Table of contents

  • Executive summary
  • Introduction
    • Network slicing is central to unlocking the 5G opportunity
    • Dynamic, virtualised, end-to-end networks on shared resource
    • Slicing might come about in different ways
    • Slicing should bring great benefits…
  • Enterprise security concerns with network slicing are rooted in the fear of the new and unknown
    • What if my network slice gets compromised?
    • What if another network slice is compromised?
    • What if another network slice is eating up resources?
  • Security concerns will slow adoption if not addressed early and transparently
    • Concerns and misconceptions can be addressed through better awareness and understanding
    • As a result, enterprises project concerns about public networks’ limitations onto slicing
    • The way that network slicing is designed actually enhances security, and there are additional measures available on top.
  • Telcos must act early and work more closely with customers to drive slicing adoption
    • Ensure that the technology works and that it is secure and robust
    • Organise and align internally on what network slicing is and where it fits internally before addressing enterprise customers
    • Engage in an open dialogue with enterprise customers and directly address any concerns via a ‘hand holding’ approach
    • Don’t wait for maturity to start testing and rolling out pilots to support the transition and learning process
  • Conclusion

How telcos can win with SMBs: Strategies for success

SMB markets: An elusive opportunity for telcos

SMBs (small-to-medium-sized businesses) have been a challenging market for telcos historically. Despite this, it remains an attractive opportunity thanks to its sheer size and (potential) margins. Our interview programme, across 10 telcos globally and 100 SMBs in Europe and North America, revealed a feeling that telcos could see real rewards by focusing on this previously underserved market.

“SMB is now a high priority as a large part of our B2B strategy. We see it as a very big and growing opportunity,” noted a Western European Operator. A North American operator commented, “medium enterprises are now an area of great focus for us, there’s lots of potential there. We didn’t use to but are now investing lots of resources.” There are several key factors why telcos are looking to pursue this opportunity now:

  • As consumer average revenue per user (ARPUs) continue to decline, there remains a promise of stability and  growth with business customers.
  • SMBs are becoming more technologically mature and are increasingly embracing trends such as remote working and bring your own device, which can reduce their costs of operation. They have increased need and desire for digital and cloud services, which enable employees to access documents from any device, anywhere – they are often looking to their broadband providers to provide this.
  • Security and compliance are a high priority for SMBs. Previously they may have relied upon the belief that small businesses will not be targeted by cyberattacks, but increasingly SMBs will struggle to do business without being able to prove they are compliant. As this report will go on to highlight, security is an area of key potential telcos should be looking to pursue.
  • Technology such as artificial intelligence (AI) and SD-WAN can enable telcos to provide new services to SMBs while keeping cost of acquisition low.

SMB markets are attractive due to sheer size and (potential) margins

For SMBs, the potential untapped revenues, though relatively small per business, are sizeable when aggregated across SMBs. For example, companies with fewer than 250 employees made up 99% of all enterprises in the EU. But why do telcos often struggle in this space, and what should they do to succeed in this market?

First, it’s important to define what we mean by SMBs and how we should segment them. There is no one clear definition, and segmentation often differs across markets. For example, one operator we spoke to in Mexico pointed out that what they classify as relatively large enterprises would be considered SMBs by telcos in the United States. The definition varies, often dependent on the difference in average company size for each region.

For the purposes of this report, we define SMBs as enterprises with fewer than 100 employees. We also include the category of firms with 2-7 employees – often called SOHO (single office / home office) or VSE (very small enterprise) – in our definition. However, given their size and needs, telcos sometimes group SOHOs with consumers in their “mass-market” lines of business.

The number of potential SMB customers provides the telco with scale of service and large revenue opportunities. These opportunities come from both the acquisition of new customers, for whom operators provide connectivity and communications services (voice, conferencing, UC), and from upselling additional adjacent services to existing customers. These new services might include:

  • Enterprise mobility: management and security of mobile devices, including scenarios like bringyour-own-device (BYOD) and virtual desktops
  • Software-as-a-service: cloud-hosted enterprise software such as productivity software (e.g. Office 365), CRM software (e.g. Salesforce) or accounting packages (e.g. local accounting software)
  • Infrastructure-as-a-service: compute / storage resources and networking capabilities
  • Cybersecurity and disaster recovery: email backup and security services including firewalls, anti-phishing and DDOS attack prevention
  • IoT connectivity: bespoke connectivity solutions for IoT devices (though not the focus of this report, it is a major new area for telco enterprise services).

For most telcos, moving into new services is a crucial move to combat the commoditisation of connectivity. This move is critical in the SMB market, where cost of acquisition of new customers is relatively high, so telcos must offer value-add services to make it profitable.

Telcos’ key challenges in SMB markets: Fragmentation, heterogeneity, “high-touch” engagement

Disparity characterises the SMB market. The divergence of expectations, needs, and technological maturity of SMBs creates fragmentation. Additionally, SMB needs vary by vertical and region, both of which create additional elements of disparity. This market fragmentation has created two crucial challenges for telcos.

  1. It’s hard to understand the customers’ needs because they vary so greatly from one SMB to another.
  2. It’s expensive to serve them because of the time it takes to understand these needs and develop bespoke solutions to address them.

Both of the above challenges are complicated by SMBs’ relatively limited buying power and often limited understanding of their own IT requirements. Despite their smaller budgets, SMBs traditionally require a relatively large investment to win a sale. In comparison to the highly automated, self-service environment of many telcos’ consumer divisions, SMBs want and expect personalised, often dedicated (even face to face) sales and support. Along with knowledge of their product suite, sellers may need to help solve wider IT problems or offer technical guidance. Successful SMB sales teams require broad knowledge and time, making it a comparatively big investment for telcos.

It is not just the sales process that needs to be personalised and consultative; SMBs may also require bespoke product configuration and integration. This kind of service would be expected within a large enterprise but becomes prohibitively expensive within smaller businesses unless it is provided by channels with wider monetisation models (e.g. IT support or equipment sales). In short, SMBs have the engagement expectations of enterprises, with budgets closer to that of consumers. No wonder that few telcos made the effort with SMBs while their consumer businesses were still growing.

To seize this opportunity, telcos must find a way to bridge the gap between the entirely productised world of consumer, and the bespoke sales and services for larger corporates and enterprises.

Table of contents

  • Executive Summary
  • SMB markets: An elusive opportunity for telcos
    • SMB markets are attractive due to sheer size and (potential) margins
    • Telcos’ key challenges in SMB markets: Fragmentation, heterogeneity, “high-touch” engagement
    • There is a disconnect between what telcos think SMBs need and what they actually want
  • Untapped opportunities: Strategies for SMB market success
  • Channel strategies: Engaging SMBs to provide a “high-touch” experience
    • Short term channel strategies
    • Long term channel strategies
  • Product strategies: Where to win quick in a fragmented market
    • Short term product strategies
    • Long-term product strategies
  • Supporting capabilities: Where telcos should invest for success in the SMB market
    • Short-term supporting capabilities needed
    • Long-term supporting capabilities needed
  • Conclusion