5G will provide significant societal value as it is used for critical infrastructure, mission critical applications, smart manufacturing, connected car, and other use cases. As a result of this new usage, our risk tolerance must be decreased because of the increased impact of cyberattacks on the 5G network. This requires a risk-based approach to securing Radio Access Networks (RAN) as it evolves to Open RAN that is virtualized, disaggregated, cloud-native, automated, and intelligent. Along with new secure use cases, there is an emerging requirement for Open RAN which can be implemented using the approaches of virtual RAN, Cloud RAN, and O-RAN. These new technologies in the wireless cellular space bring inherent security benefits while also introducing new security risks. This presentation will address the Open RAN approaches and the security risks for each. Open RAN security topics that will be discussed include 3GPP 5G security, cloud security, security-by-design, and secure use of open source software. ORAN’s expanded threat surface, with additional interfaces and functions, introduces additional security risks that will also be discussed. The presentation will also introduce concepts to achieve a zero-trust architecture for Open RAN that can be implemented in Cloud RAN and O-RAN. The multi-party relationship between the operator, cloud provider, and system integrator requires security roles and responsibilities are clearly defined in this presentation.