{"id":14258,"date":"2026-04-09T10:58:00","date_gmt":"2026-04-09T09:58:00","guid":{"rendered":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/?p=14258"},"modified":"2026-04-09T11:35:19","modified_gmt":"2026-04-09T10:35:19","slug":"mobile-network-security-requires-resilience-as-well-as-defence","status":"publish","type":"post","link":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/general\/mobile-network-security-requires-resilience-as-well-as-defence\/","title":{"rendered":"Mobile network security requires resilience as well as defence"},"content":{"rendered":"\n<p>\u201cCompliance is smoke detectors and fire extinguishers. If you stay in this business long enough, you\u2019re going to have a fire.\u201d That message from <a href=\"https:\/\/www.interpol.int\/en\/Crimes\/Cybercrime\">INTERPOL\u2019s<\/a> Darrin Jones, Executive Director for Partnerships and Planning, pointed to a more hard-headed philosophy of security at the MWC26 Barcelona <a href=\"https:\/\/www.mwcbarcelona.com\/agenda\/sessions\/5987-security-summit\">Security Summit<\/a>. Protecting mobile networks now requires thinking beyond traditional cyber defences. The evolving role of AI in mobile network security cuts both ways. It is reshaping cyber threats on one hand, while transforming how operators detect and respond on the other. Geopolitical tensions are affecting supply chains and technology ecosystems. In addition, natural disasters are creating new digital risks. For operators, this means the perimeter has expanded well beyond the digital realm. Supply chains, physical infrastructure and AI-accelerated threats now all demand attention simultaneously.<\/p>\n\n\n\n<p>This requires the industry to adapt. Mobile network security is no longer only about detecting threats faster. The crucial point is this: security is about resilience. Networks must remain trusted, available and recoverable even when multiple forms of risk hit at once. For operators, that means moving beyond siloed cyber defence and preparing for constant disruptions such as AI-powered cyberattacks, ransomware and physical outages caused by natural disasters. At the same time, cybercrime is becoming more industrialised, with AI tools lowering the barrier to entry for attackers.<\/p>\n\n\n\n<p><strong>Security in an era of compounding crises<\/strong><\/p>\n\n\n\n<p>For the wider mobile industry, the threat landscape is widening in less obvious ways as digital dependence grows and natural disasters become more frequent and more disruptive. Natural disasters can create cybersecurity risks that are not always immediately visible. When infrastructure is damaged, operators focus first on restoring connectivity. However, networks often operate in temporary configurations during recovery. Temporary equipment is deployed quickly. Authentication controls may be relaxed. Monitoring gaps can open up. As a result, cyber exposure can increase significantly, sometimes persisting for weeks after physical connectivity has been restored.<\/p>\n\n\n\n<p>Nagendra Bykampadi, Vice President for Security Research and Standards at <a href=\"https:\/\/corp.mobile.rakuten.co.jp\/english\/\">Rakuten Mobile<\/a>, explained this dynamic during the Security Summit. \u201cDisasters like an earthquake create the perfect conditions for cyberattacks,\u201d he told attendees. When the Noto Peninsula earthquake struck Japan in January 2024, the disaster caused severe infrastructure damage across the Ishikawa region, including power outages and damaged fibre routes which disrupted connectivity. Mobile network operators deployed temporary base stations and emergency communications systems while engineers repaired the damaged network. Rakuten restored major network areas within two weeks. However, parts of the network remained unpatched for almost two months. This created a prolonged window of vulnerability that attackers could have exploited at any point during recovery.<\/p>\n\n\n\n<p>Cyber threats appeared during the recovery phase. Attackers launched misinformation campaigns, phishing scams and fake websites targeting people responding to the disaster. Bykampadi added that in previous earthquakes and natural disasters, attackers have also targeted emergency systems or launched ransomware campaigns during recovery periods.<\/p>\n\n\n\n<p>Operators must therefore manage two challenges simultaneously. \u201cOperators fight the war on two fronts,\u201d Bykampadi said. \u201cOn one side you have physical destruction and on the other side attackers probing the weakened defences. What saves you during a disaster is what you do before the disaster.\u201d In this respect, resilience planning and AI in mobile network security strategies will become increasingly connected.<\/p>\n\n\n\n<p><strong>AI in mobile network security<\/strong><\/p>\n\n\n\n<p>Artificial intelligence is also reshaping the economics of cyberattacks. In the past, launching sophisticated attacks required specialised expertise and preparation. However, AI is lowering those barriers. Automated tools can generate phishing campaigns, analyse vulnerabilities and adapt malware quickly.<\/p>\n\n\n\n<p>Dan Beaman, Global Director for 5G, IoT and MEC Security at <a href=\"https:\/\/www.paloaltonetworks.com\/\">Palo Alto Networks<\/a>, highlighted this shift during the Security Summit. \u201cWhile we\u2019re gaining efficiencies, attackers are also gaining efficiencies,\u201d he said. As a result, organisations including operators may face a sharp rise in attack volume. When the cost of launching cyberattacks falls, more actors can participate.<\/p>\n\n\n\n<p>However, operators also hold an important advantage. Mobile networks generate large volumes of operational data. This telemetry reveals traffic behaviour, network performance and device activity. When analysed effectively, it can help identify anomalies across complex infrastructure environments.<\/p>\n\n\n\n<p>Geri Revay, Principal <a href=\"https:\/\/www.fortiguard.com\/\">FortiGuard Labs<\/a> Consultant for EMEA at <a href=\"https:\/\/www.fortinet.com\/\">Fortinet<\/a>, described how AI strengthens defensive capabilities. \u201cUltimately, AI gives us better visibility, deeper insights, faster reaction times and smarter automation,\u201d he said.<\/p>\n\n\n\n<p>AI is therefore creating a technological arms race. Both attackers and defenders rely on automation to scale their capabilities. In the long term, success will depend on which side can use intelligence and data more effectively. For this reason, investment in AI in mobile network security is now an essential priority for operators.<\/p>\n\n\n\n<p><strong>The human dimension of cybersecurity<\/strong><\/p>\n\n\n\n<p>Despite advances in automation, cybersecurity still depends heavily on human expertise. Artificial intelligence can accelerate detection and response. However, it cannot replace the judgement required to understand complex systems or anticipate emerging risks.<\/p>\n\n\n\n<p>Anton Bonifacio, Chief AI Officer and Chief Information Security Officer at <a href=\"https:\/\/www.globe.com.ph\/\">Globe Telecom<\/a>, emphasised the speed of technological change. \u201cWe can\u2019t even catch up with the pace that AI development and technology is happening,\u201d he said.<\/p>\n\n\n\n<p>Security teams must now protect systems that evolve faster than traditional frameworks were designed to handle. As a result, many organisations are rethinking how they structure their security teams.<\/p>\n\n\n\n<p>Increasingly, companies recruit software engineers and data scientists alongside security specialists. These professionals help build automated protection systems and integrate security directly into development processes.<\/p>\n\n\n\n<p>However, the industry still faces a major workforce challenge. Akshay Joshi, Head of the World Economic Forum\u2019s <a href=\"https:\/\/centres.weforum.org\/centre-for-cybersecurity\/home\">Centre for Cybersecurity<\/a>, noted that millions of cybersecurity roles remain unfilled worldwide. \u201cThe cybersecurity industry hasn\u2019t done as good a job in making it an aspirational career option,\u201d he said.<\/p>\n\n\n\n<p>Consequently, the future cybersecurity workforce will require a broader mix of expertise. Network engineering, software development and data science are becoming closely connected. Discussions about AI in mobile network security therefore focus not only on technology but also on skills and workforce development.<\/p>\n\n\n\n<p><strong>The industrialisation of cybercrime<\/strong><\/p>\n\n\n\n<p>Cybercrime has evolved into a structured digital marketplace. Activities that once required specialised technical knowledge can now be carried out using rented tools and services. Darrin Jones described this change during the Security Summit. \u201cToday all of that is instantly available for rent online on the dark web,\u201d he said.<\/p>\n\n\n\n<p>This cybercrime-as-a-service model changes the economics of cyberattacks. Malware kits, phishing platforms and attack infrastructure can be purchased or rented in modular form. As a result, the barrier to entry falls while the scale of activity increases.<\/p>\n\n\n\n<p>Consequently, cybercrime increasingly resembles organised business operations. Fraud networks, ransomware campaigns and phishing groups often operate through affiliate programmes and revenue sharing models. These structures allow criminal groups to scale quickly and reach global targets.<\/p>\n\n\n\n<p>For operators, this shift has important implications. Cyber risk is no longer defined only by highly sophisticated attackers. Instead, large numbers of less skilled actors can launch attacks using shared infrastructure.<\/p>\n\n\n\n<p>Survey findings cited during the Security Summit suggested that cyber fraud has become widespread. Therefore, law enforcement agencies must work closely with operators and technology providers. Strengthening AI in mobile network security capabilities may help detect and disrupt large volumes of automated cyberattacks.<\/p>\n\n\n\n<p><strong>Collaboration as the foundation of cybersecurity<\/strong><\/p>\n\n\n\n<p>If cybercrime is becoming more organised, defence must also become more coordinated. Modern network infrastructure spans operators, equipment vendors, cloud providers, governments and standards bodies. As a result, no single organisation has full visibility into the threat landscape.<\/p>\n\n\n\n<p>Operators observe network behaviour and traffic patterns. Security vendors analyse malware and attack techniques. Meanwhile, law enforcement agencies track criminal networks and financial flows.<\/p>\n\n\n\n<p>Each actor therefore holds only part of the picture. Effective cybersecurity increasingly depends on connecting these perspectives. Information sharing between operators, vendors and government agencies allows threats to be identified earlier and mitigated faster.<\/p>\n\n\n\n<p>Speakers emphasised this point repeatedly at the Security Summit. As networks become more software driven, vulnerabilities in one system can affect others across the ecosystem. For this reason, protecting mobile networks requires collective action that strengthens the resilience of the entire infrastructure environment. As chair of the <a href=\"https:\/\/www.gsma.com\/get-involved\/working-groups\/fraud-security-group\/\">GSMA Fraud and Security Group<\/a>, Eugene Liderman, Senior Director of Android Security and Privacy at <a href=\"https:\/\/developers.google.com\/android\/security\">Google<\/a>, highlighted the value of the GSMA\u2019s working group, which spans fraud management, cybersecurity specifications and intelligence sharing.<\/p>\n\n\n\n<p><strong>The road ahead for mobile network security<\/strong><\/p>\n\n\n\n<p>Cybersecurity will shape the design of future mobile networks as much as speed, capacity or coverage. Kevin Adams, Director for Digital Infrastructure at the UK <a href=\"https:\/\/www.gov.uk\/government\/organisations\/department-for-science-innovation-and-technology\">Department for Science, Innovation and Technology<\/a>, pointed to new international principles for resilient mobile infrastructure, including protection from cyber and physical threats, strong supply chains and continuous service.<\/p>\n\n\n\n<p>These are crucial because future mobile networks will underpin essential services such as healthcare, transport and emergency response. As such, resilience cannot be treated as an extra layer added later. It has to be built into network architecture from the outset. Gabriela Styf Sj\u00f6man, Managing Director of Research and Network Strategy at <a href=\"https:\/\/www.bt.com\/about\">BT Group<\/a>, likewise stressed the need for closer cooperation across the industry. Yargin Xiao, Vice President of Cybersecurity and Privacy Protection at <a href=\"https:\/\/www.huawei.com\/eu\">Huawei<\/a>, made that call explicit: &#8220;No one company can handle this alone. We should work together \u2014 vendors, suppliers, customers and ecosystem partners \u2014 to build AI-driven capabilities to share threat intelligence. Together, we can build a collaborative, AI-driven defence network.&#8221;<br><br><\/p>\n\n\n\n<p>This collaboration is crucial as we enter an era where AI will not make mobile network security simpler. It will make the challenge faster, broader and harder to manage. Attackers are already using AI to scale fraud, phishing and malware. Conversely, defenders are using it to improve detection, response and automation. The deeper shift, however, is that mobile network security now depends not only on preventing attacks, but on building networks that can absorb disruption, recover quickly and continue supporting critical services under pressure.<\/p>\n\n\n\n<p>For more information on the GSMA\u2019s work on fraud and security, please visit: <a href=\"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/\">GSMA Security<\/a><br>\u00a0\u00a0<br>To explore the latest threat trends shaping the mobile industry in depth, download our latest Landscape Report: <a href=\"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma-mobile-telecommunications-security-landscape-2026\/\">2026 GSMA Security Landscape Report<\/a><\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u201cCompliance is smoke detectors and fire extinguishers. If you stay in this business long enough, you\u2019re going to have a fire.\u201d That message from INTERPOL\u2019s Darrin Jones, Executive Director for Partnerships and Planning, pointed to a more hard-headed philosophy of security at the MWC26 Barcelona Security Summit. Protecting mobile networks now requires thinking beyond traditional [&hellip;]<\/p>\n","protected":false},"author":66,"featured_media":14166,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","footnotes":""},"categories":[1],"tags":[],"algolia_discover_type":[1549],"class_list":["post-14258","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","algolia_discover_type-article"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v24.3 (Yoast SEO v24.3) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Mobile network security requires resilience as well as defence - Security<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/general\/mobile-network-security-requires-resilience-as-well-as-defence\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Mobile network security requires resilience as well as defence - Security\" \/>\n<meta property=\"og:description\" content=\"\u201cCompliance is smoke detectors and fire extinguishers. If you stay in this business long enough, you\u2019re going to have a fire.\u201d That message from INTERPOL\u2019s Darrin Jones, Executive Director for Partnerships and Planning, pointed to a more hard-headed philosophy of security at the MWC26 Barcelona Security Summit. Protecting mobile networks now requires thinking beyond traditional [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/general\/mobile-network-security-requires-resilience-as-well-as-defence\/\" \/>\n<meta property=\"og:site_name\" content=\"Security\" \/>\n<meta property=\"article:published_time\" content=\"2026-04-09T09:58:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-09T10:35:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-content\/uploads\/2026\/03\/sec-con.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"853\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"ehenderson@gsma.com\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"ehenderson@gsma.com\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Mobile network security requires resilience as well as defence - Security","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/general\/mobile-network-security-requires-resilience-as-well-as-defence\/","og_locale":"en_GB","og_type":"article","og_title":"Mobile network security requires resilience as well as defence - Security","og_description":"\u201cCompliance is smoke detectors and fire extinguishers. If you stay in this business long enough, you\u2019re going to have a fire.\u201d That message from INTERPOL\u2019s Darrin Jones, Executive Director for Partnerships and Planning, pointed to a more hard-headed philosophy of security at the MWC26 Barcelona Security Summit. Protecting mobile networks now requires thinking beyond traditional [&hellip;]","og_url":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/general\/mobile-network-security-requires-resilience-as-well-as-defence\/","og_site_name":"Security","article_published_time":"2026-04-09T09:58:00+00:00","article_modified_time":"2026-04-09T10:35:19+00:00","og_image":[{"width":1280,"height":853,"url":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-content\/uploads\/2026\/03\/sec-con.jpeg","type":"image\/jpeg"}],"author":"ehenderson@gsma.com","twitter_card":"summary_large_image","twitter_misc":{"Written by":"ehenderson@gsma.com","Estimated reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/general\/mobile-network-security-requires-resilience-as-well-as-defence\/","url":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/general\/mobile-network-security-requires-resilience-as-well-as-defence\/","name":"Mobile network security requires resilience as well as defence - Security","isPartOf":{"@id":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/general\/mobile-network-security-requires-resilience-as-well-as-defence\/#primaryimage"},"image":{"@id":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/general\/mobile-network-security-requires-resilience-as-well-as-defence\/#primaryimage"},"thumbnailUrl":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-content\/uploads\/2026\/03\/sec-con.jpeg","datePublished":"2026-04-09T09:58:00+00:00","dateModified":"2026-04-09T10:35:19+00:00","author":{"@id":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/#\/schema\/person\/06397f185befa1985d4ee28109cc2759"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/general\/mobile-network-security-requires-resilience-as-well-as-defence\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/general\/mobile-network-security-requires-resilience-as-well-as-defence\/#primaryimage","url":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-content\/uploads\/2026\/03\/sec-con.jpeg","contentUrl":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-content\/uploads\/2026\/03\/sec-con.jpeg","width":1280,"height":853,"caption":"Audience members sit and applaud during an indoor event or conference, with a dark background."},{"@type":"WebSite","@id":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/#website","url":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/","name":"Security","description":"GSMA Security","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/#\/schema\/person\/06397f185befa1985d4ee28109cc2759","name":"ehenderson@gsma.com","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/5174b854e8868f2475d4b9d5d155fc08?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/5174b854e8868f2475d4b9d5d155fc08?s=96&d=mm&r=g","caption":"ehenderson@gsma.com"}}]}},"featured_image_url":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-content\/uploads\/2026\/03\/sec-con.jpeg","_links":{"self":[{"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/posts\/14258","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/users\/66"}],"replies":[{"embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/comments?post=14258"}],"version-history":[{"count":1,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/posts\/14258\/revisions"}],"predecessor-version":[{"id":14259,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/posts\/14258\/revisions\/14259"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/media\/14166"}],"wp:attachment":[{"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/media?parent=14258"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/categories?post=14258"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/tags?post=14258"},{"taxonomy":"algolia_discover_type","embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/algolia_discover_type?post=14258"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}