3 Questions Enterprise Leaders Can Ask About Private 5G Security

Leonid Burakovsky, vice president of product management at Palo Alto Networks, recalls meeting with the leader of a car manufacturing company that wanted to move to a private 5G network. When asked if the company had a system to detect malware and ransomware, the leader and his team members were not sure and could only guess that the private 5G connection would offer enough security. 

Burakovsky stresses, however, that this is a common misconception when it comes to security for 5G. He answers three key questions to help enterprise leaders better guide their understanding of the rapidly adopted technology. 

1. What is a major misconception about 5G security for businesses? 

“The biggest misconception is that connectivity security does not ensure operational security. These are different definitions,” Burakovsky says. 

Recently, the European Telecommunications Standards Institute (ETSI) published a framework for implementing zero-trust security across networks, including 5G. In Technical Specifications TS 104-102 and 104-103, the organization has codified how service providers and network operators can secure their networks for a zero-trust model. 

Aligning 5G security with zero trust is critical, Burakovsky notes, because it is an established framework that most people already understand. Thus, 5G security is about understanding zero-trust implementation in a 5G environment, he says. 

WATCH: Discover the security issues demanding attention in 2026.

2. As businesses adopt different 5G use cases, how can they ensure that security controls do not degrade performance, or introduce unacceptable delays or failure modes? 

“You have to start with end-to-end continuous visibility, because you can’t secure what you can’t see,” Burakovsky says. After detection, the next step is prevention and automatic enforcement of security policies, he adds. 

He notes four pillars of fundamental functionalities that must be implemented: all layers, all locations, all attack vectors and a shift-left strategy. Overarching these pillars should be intelligent or identity-based security.

Click the banner below to read the CDW Cybersecurity Research Report.

“A huge advantage built into the 5G network is slicing, where one can ensure the quality of service and bandwidth across, end to end,” Burakovsky says. “Now, you can ensure different layers of security to different slices and put different groups of devices in different slices, or put different groups of hardware identity, operational technology or Internet of Things devices, grouping in different security slices or giving them different security policies.” 

This is where, again, setting standards with the help of governmental agencies or other organizing bodies can help enterprises define the architecture and build security into the network from day zero — not as an afterthought, but as soon as they start thinking about deploying private 5G networks. 

3. How can businesses plan for the next stages as 5G security evolves and introduces new models of network operations? 

Businesses should build security into their mobile network, Burakovsky notes, and consider the role automation and artificial intelligence can play in improving monitoring, detection and real-time protection. 

For example, he says, if malware or a remote code execution were detected, a team could block it in real time inline, in on-premises or cloud deployments with dedicated security equipment, or involve the policy mechanisms of a mobile network so that there aren’t any additional inline devices on that network. 

With the large number of zero-day vulnerabilities that exist, Burakovsky adds that detecting and blocking those threats manually, one by one, would fail. 

“You can't do it manually; there is no way to do it,” he says. “So, this is just one example of where we use AI and machine learning in our architecture and in our products.”

DIG DEEPER: How will AI, data and security reshape manufacturing in 2026?