Until now, 5G hasn’t changed the security experience for mobile operators or any of their customers. That’s because the first 5G services all leverage the Non Stand Alone (NSA) 5G architecture that connects 5G radios to a 4G core. That’s about to change. With 5G SA, the security landscape changes fundamentally. This is due to the way 3GPP ‘explodes’ the traditional mobile core architecture. The new 5G Core (5GC) is based on a Service Based Architecture (SBA) or applications services mesh. While this is critical to unlocking a lot of 5G’s potential – rapid time to market with new services, network slicing, unprecedented scalability – the new 5G core also introduces some potentially major vulnerabilities. These are common in enterprise IT and public cloud environments but telcos have little experience in addressing them. This White Paper describes how 3GPP’s specifications addresses longstanding flaws in the 4G security model as still used in 5G NSA networks. It highlights key vulnerabilities in the new 5GC, identifying 3GPP fixes where they exist and recommending them where they don’t. It also provides guidance on key aspects of customer communications on 5G security and best practise security in day-to-day telco operations.