{"id":96313,"date":"2025-12-03T15:24:51","date_gmt":"2025-12-03T15:24:51","guid":{"rendered":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/?p=96313"},"modified":"2026-01-15T16:10:40","modified_gmt":"2026-01-15T16:10:40","slug":"rethinking-cybersecurity-policy-and-regulation","status":"publish","type":"post","link":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/rethinking-cybersecurity-policy-and-regulation\/","title":{"rendered":"Rethinking cybersecurity policy and regulation"},"content":{"rendered":"\n<p>At MWC Doha last week, the GSMA welcomed government ministers, regulatory authorities, and industry leaders from around the world to the Ministerial Programme. We examined several policy areas, including mobile investment, digital governance, children&#8217;s rights, AI, and spectrum management. Platforms such as the Ministerial Stage and roundtables provided the perfect opportunity for public-private collaboration within and beyond the MENA region.<\/p>\n\n\n\n<p>We launched our global report, <em><a href=\"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/gsma_resources\/the-impact-of-cybersecurity-regulation-on-mobile-operators\/\" target=\"_blank\" rel=\"noreferrer noopener\">The Impact of Cybersecurity Regulation on Mobile Operators<\/a>,<\/em> which outlines examples and best practices in existing cybersecurity policy frameworks. Mobile operators invest significantly in cybersecurity, spending between $15bn and $19bn on core activities, with costs expected to rise to over $40bn as threats increase. However, many markets face a patchwork of overlapping or conflicting laws and regulations, sector-specific policies, and mandates from multiple regulators. This often results in higher compliance costs, diverting resources away from making innovative and targeted improvements.<\/p>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-1 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"683\" data-id=\"96318\" src=\"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/OXY00009-1-1024x683.jpg\" alt=\"A group of people in business attire sit around a large white oval conference table in a spacious, modern room with wood-panelled walls. A presentation screen is on the far wall, and nameplates are on the table in front of each participant.\" class=\"wp-image-96318\" srcset=\"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/OXY00009-1-1024x683.jpg 1024w, https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/OXY00009-1-500x333.jpg 500w, https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/OXY00009-1-768x512.jpg 768w, https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/OXY00009-1-1536x1024.jpg 1536w, https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/OXY00009-1-2048x1365.jpg 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"683\" data-id=\"96317\" src=\"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/OXY00063-1024x683.jpg\" alt=\"A group of professionals in business attire sit around a large, oval conference table in a modern boardroom with wood-panelled walls. A screen displays \u201cSix principles of best critical policy making.\u201d Nameplates and microphones are visible on the table.\" class=\"wp-image-96317\" srcset=\"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/OXY00063-1024x683.jpg 1024w, https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/OXY00063-500x333.jpg 500w, https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/OXY00063-768x512.jpg 768w, https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/OXY00063-1536x1024.jpg 1536w, https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/OXY00063-2048x1365.jpg 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"683\" data-id=\"96316\" src=\"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/OXY00115-1024x683.jpg\" alt=\"A group of 17 formally dressed people stand in a line against a modern wood-panelled conference room wall. In front of them is a curved conference table with white chairs and microphones. A large screen on the wall displays a blue welcome message.\" class=\"wp-image-96316\" srcset=\"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/OXY00115-1024x683.jpg 1024w, https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/OXY00115-500x333.jpg 500w, https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/OXY00115-768x512.jpg 768w, https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/OXY00115-1536x1024.jpg 1536w, https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/OXY00115-2048x1365.jpg 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n<\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>Discussions between the public and private sectors in the Ministerial Programme highlighted that there is no \u2018one-size-fits-all\u2019 model for cybersecurity policy and regulation, and that collaboration is key. Not only between mobile operators and regulatory bodies, but for all those involved in the mobile ecosystem, and across other sectors such as technology, payment and financial services.<br \/><br \/>Through in-depth interviews, the report draws on the experience of mobile operators from Africa, Asia-Pacific, Europe, Latin America, the Middle East and North America, highlighting the challenges that they face within their markets. It contains six core principles for governments and regulators to consider when shaping cybersecurity policy.<\/p>\n\n\n\n<p><strong>The six principles for best practice cybersecurity policy<\/strong><\/p>\n\n\n\n<p><strong>Harmonisation:<\/strong> Align cybersecurity policy with international standards wherever possible, to reduce regulatory fragmentation and inconsistency.<\/p>\n\n\n\n<p><strong>Consistency:<\/strong> Ensure new policies and frameworks are consistent with existing policy to avoid duplication or conflict.<\/p>\n\n\n\n<p><strong>Risk- and outcome-based:<\/strong> Adopt risk-based and outcome-based approaches in the design and implementation of cybersecurity regulation, giving operators flexibility to innovate and deploy effective solutions.<\/p>\n\n\n\n<p><strong>Collaboration:<\/strong> Promote a collaborative regulatory culture with industry, supported by secure threat intelligence sharing to strengthen resilience, increase awareness of cyber threats, enable constructive enforcement, and foster a joint approach to combating cybercrime.<\/p>\n\n\n\n<p><strong>Security-by-design:<\/strong> Encourage a proactive, security-by-design approach to mitigating cyber risks.&nbsp;<\/p>\n\n\n\n<p><strong>Capacity-building:<\/strong> Strengthen the institutional capacity of cybersecurity authorities to ensure a whole-of-government approach and effective application of policy and regulation.<\/p>\n\n\n\n<p>The principles aim to encourage more collaboration, increase trust, and share responsibility more widely. By adopting them, governments, regulators and policymakers can help ensure that mobile networks remain secure, resilient, and support the digital services that consumers and wider society increasingly rely on.<\/p>\n\n\n\n<p>A huge thanks to all participants for engaging in open and frank dialogue and sharing their knowledge and experience. We look forward to further engagement with policymakers and regulators to address challenges in their markets and remain ready to inform discussions and shape policy in ways that benefit their citizens. &nbsp;<\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Discussions at MWC Doha highlighted that there is no \u2018one-size-fits-all\u2019 model for cybersecurity regulation, and that collaboration is key.<\/p>\n","protected":false},"author":95,"featured_media":96319,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","footnotes":""},"categories":[12179,12183,1148],"tags":[12178],"algolia_discover_type":[12147],"class_list":["post-96313","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","category-cybersecurity-topic","category-online-safety","tag-cybersecurity","algolia_discover_type-article"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v23.7 (Yoast SEO v25.6) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Rethinking cybersecurity policy and regulation - Public Policy<\/title>\n<meta name=\"description\" content=\"Discussions at MWC Doha highlighted that there is no \u2018one-size-fits-all\u2019 model for cybersecurity regulation, and that collaboration is key.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/rethinking-cybersecurity-policy-and-regulation\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Rethinking cybersecurity policy and regulation\" \/>\n<meta property=\"og:description\" content=\"Discussions at MWC Doha highlighted that there is no \u2018one-size-fits-all\u2019 model for cybersecurity regulation, and that collaboration is key.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/rethinking-cybersecurity-policy-and-regulation\/\" \/>\n<meta property=\"og:site_name\" content=\"Public Policy\" \/>\n<meta property=\"article:published_time\" content=\"2025-12-03T15:24:51+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-01-15T16:10:40+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/Cybersecurity_roundtable-1024x379.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"379\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"iivanov@gsma.com\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"iivanov@gsma.com\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Rethinking cybersecurity policy and regulation - Public Policy","description":"Discussions at MWC Doha highlighted that there is no \u2018one-size-fits-all\u2019 model for cybersecurity regulation, and that collaboration is key.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/rethinking-cybersecurity-policy-and-regulation\/","og_locale":"en_US","og_type":"article","og_title":"Rethinking cybersecurity policy and regulation","og_description":"Discussions at MWC Doha highlighted that there is no \u2018one-size-fits-all\u2019 model for cybersecurity regulation, and that collaboration is key.","og_url":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/rethinking-cybersecurity-policy-and-regulation\/","og_site_name":"Public Policy","article_published_time":"2025-12-03T15:24:51+00:00","article_modified_time":"2026-01-15T16:10:40+00:00","og_image":[{"width":1024,"height":379,"url":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/Cybersecurity_roundtable-1024x379.png","type":"image\/png"}],"author":"iivanov@gsma.com","twitter_card":"summary_large_image","twitter_misc":{"Written by":"iivanov@gsma.com","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/rethinking-cybersecurity-policy-and-regulation\/","url":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/rethinking-cybersecurity-policy-and-regulation\/","name":"Rethinking cybersecurity policy and regulation - Public Policy","isPartOf":{"@id":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/rethinking-cybersecurity-policy-and-regulation\/#primaryimage"},"image":{"@id":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/rethinking-cybersecurity-policy-and-regulation\/#primaryimage"},"thumbnailUrl":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/Cybersecurity_roundtable.png","datePublished":"2025-12-03T15:24:51+00:00","dateModified":"2026-01-15T16:10:40+00:00","author":{"@id":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/#\/schema\/person\/ff73818d3114c64beb9af21ec218a707"},"description":"Discussions at MWC Doha highlighted that there is no \u2018one-size-fits-all\u2019 model for cybersecurity regulation, and that collaboration is key.","breadcrumb":{"@id":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/rethinking-cybersecurity-policy-and-regulation\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/rethinking-cybersecurity-policy-and-regulation\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/rethinking-cybersecurity-policy-and-regulation\/#primaryimage","url":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/Cybersecurity_roundtable.png","contentUrl":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/Cybersecurity_roundtable.png","width":4608,"height":1704,"caption":"A group of 18 professionally dressed people stand side by side behind a curved conference table in a modern meeting room. The table has nameplates, microphones, and papers. A large screen behind them displays \"Closing Remarks\" with additional text."},{"@type":"BreadcrumbList","@id":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/rethinking-cybersecurity-policy-and-regulation\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/"},{"@type":"ListItem","position":2,"name":"Rethinking cybersecurity policy and regulation"}]},{"@type":"WebSite","@id":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/#website","url":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/","name":"Public Policy","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/#\/schema\/person\/ff73818d3114c64beb9af21ec218a707","name":"iivanov@gsma.com","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/9700160786b1a2de0fc3b875f0570ffd?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9700160786b1a2de0fc3b875f0570ffd?s=96&d=mm&r=g","caption":"iivanov@gsma.com"}}]}},"featured_image_url":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-content\/uploads\/2025\/12\/Cybersecurity_roundtable.png","_links":{"self":[{"href":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-json\/wp\/v2\/posts\/96313"}],"collection":[{"href":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-json\/wp\/v2\/users\/95"}],"replies":[{"embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-json\/wp\/v2\/comments?post=96313"}],"version-history":[{"count":2,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-json\/wp\/v2\/posts\/96313\/revisions"}],"predecessor-version":[{"id":96321,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-json\/wp\/v2\/posts\/96313\/revisions\/96321"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-json\/wp\/v2\/media\/96319"}],"wp:attachment":[{"href":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-json\/wp\/v2\/media?parent=96313"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-json\/wp\/v2\/categories?post=96313"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-json\/wp\/v2\/tags?post=96313"},{"taxonomy":"algolia_discover_type","embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/connectivity-for-good\/public-policy\/wp-json\/wp\/v2\/algolia_discover_type?post=96313"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}