Cybersecurity is eating a larger share of telecom budgets than ever before—and the curve isn’t flattening. The newest GSMA Intelligence findings suggest that operators worldwide could be spending $40–$42 billion per year on cybersecurity by 2030, more than double today’s levels. And according to GSMA’s detailed November 2025 report, this growth isn’t just reactive. It’s structural. Threats are multiplying, regulation is tightening, and mobile networks are so deeply woven into economies that any failure has societal consequences.

All this is reshaping how operators plan networks, manage risk, invest in staff, structure procurement, and communicate with customers. Cybersecurity is no longer a “technical function”—it’s the backbone of mobile operations.

Threats Are Rising Faster Than Networks Can Defend

The GSMA report pulls no punches: cyberattacks have surged 75% in just five years, and the cost of cybercrime is projected to hit $10.5 trillion globally by 2025. Attackers range from state-backed groups to ransomware-as-a-service operators who now operate like SaaS startups themselves.

Mobile networks are prime targets because of their scale, economic importance, and access to intelligence-rich data. One operator interviewed in the report described 70 million daily attacks on their honeypot systems, while another recorded 3.5 billion malware-delivery attempts in a single year.

Telecoms have become the battlefield. Operators simply must spend more—because not spending is existential.

Why Mobile Operators Carry a Unique Cyber Burden

Cyber risk in telecoms is unlike any other sector. Operators are not just securing business systems—they’re protecting the primary digital access point for billions of people. In many regions, especially low- and middle-income countries, mobile networks are the only internet infrastructure. In Sub-Saharan Africa, fixed broadband penetration is still below 0.5%, while mobile broadband reaches 48% of the population.

That means one DDoS attack on a mobile operator isn’t just a disruption—it’s a national outage.

In markets where mobile money dominates everyday transactions, such as Kenya, Ghana, or the Philippines (where GCash has 100 million users), the stakes are even higher. A single breach can destabilize financial inclusion, not just a network.

So the reality is simple: telecom cybersecurity failures don’t remain in telecom. They spill into healthcare, finance, transport, elections, and national security.

Operators Already Spend Billions—and That’s Just the Core Budget

The GSMA study estimates operators currently spend $15–$19 billion per year on core cybersecurity programs—the parts that are visible in IT budgets, such as SOC teams, monitoring tools, and security software. But the report is very clear: this number dramatically underestimates the true cost, because cybersecurity touches everything. Security-by-design extends development timelines, vendor choices must reflect security posture, supply-chain assurance is now mandatory, and compliance consumes personnel and budget.

One European operator put it bluntly:

“Cybersecurity costs are integrated into all our operations, even those that don’t explicitly fall under cybersecurity.”

The shift from hardware security to software-based, cloud-native, and AI-enhanced security tools also means operators must continually re-architect how they defend networks.

Regulatory Pressure Is Rising—But Not Always Helping

One of the most important points in the GSMA report is that cybersecurity regulation is expanding faster than operators can keep up—and not always in the right direction. Many operators interviewed highlight a “patchwork of conflicting, duplicative rules” coming from telecom regulators, cybersecurity agencies, data-protection authorities, financial regulators, and even emerging AI regulators.

Several said they now spend more time formatting compliance reports than fighting threats.

Overlapping rules create costly contradictions

• Some countries require incident reporting within 6 hours—but to multiple agencies, with different definitions of what constitutes an incident.
• Operators often default to the strictest requirement, even when misaligned with risk.
• Compliance teams are stretched thin, sometimes spending “80% of the year on audits,” according to one Asia-Pacific operator.

This is one of the biggest takeaways from the report: poorly designed regulation can actually weaken cybersecurity.

The Global Cost Gap: Why LMIC Operators Face the Hardest Fight

Cybersecurity has a fixed cost component. Tools, SOC infrastructure, and expert talent cost roughly the same in Switzerland and Senegal. But ARPU is not the same. Operators in LMICs spend a higher percentage of revenue on cybersecurity while having less capacity to absorb the cost.

This means:

• Fewer cybersecurity hires
• Slower modernization
• Higher impact from each incident
• More strain on national digital services

The GSMA stresses the need for context-specific cybersecurity frameworks rather than one-size-fits-all mandates that only wealthy markets can meet.

What “Good” Cybersecurity Regulation Looks Like

The report identifies six principles that make regulation effective instead of burdensome.

Harmonisation
Align national rules with global standards (ISO 27001, NIST, GSMA best practices) to avoid fragmentation.

Consistency
Ensure new digital regulations don’t contradict existing telecom, privacy, or AI frameworks.

Risk- and outcome-based design
Move away from box-ticking and toward real resilience metrics.

Collaboration
Encourage shared threat intelligence and avoid punitive cultures that punish transparency.

Security-by-design
Prioritize prevention, long-term planning, and system-level resilience.

Capacity-building
Equip regulators with technical expertise so rules can be implemented effectively.

Interestingly, some of the strongest examples come from Australia and Singapore, where horizontal frameworks unify cybersecurity obligations across multiple critical sectors.

Real Cyber Incidents Show Why This Matters

In just the last two years, major operators worldwide have suffered crippling attacks:

• SK Telecom (South Korea)—breach of SIM-related data for 23 million users
• Orange Belgium—exposed data of 850,000 customers
• Beeline (Russia)—massive DDoS outages
• Vocus (Australia)—email system compromise

Each of these cases shows how different regulatory and national contexts shape the response—and how expensive regulatory misalignment can be.

The Financial and Operational Consequences

Operators told GSMA researchers that cybersecurity investments increasingly compete with network upgrades and innovation. Rising compliance demands can push back 5G or fiber expansions, digital services, and even customer-experience improvements.

Indirect consequences:

• Longer outage durations
• Slower recovery
• Reduced customer trust
• Higher systemic risk

In other words, cybersecurity is becoming the gravitational center of telecom strategy.

Conclusion

The GSMA’s findings make one thing clear: mobile operators are entering the same cybersecurity spending league as banks, cloud hyperscalers, and national infrastructure providers. But unlike those sectors, telecoms face more fragmented regulation, more cross-border exposure, and thinner margins—especially in emerging markets. Reliable authorities like ENISA, the World Economic Forum, and Gartner are all pointing to the same macro-trend: digital infrastructure has become too critical and too interconnected to secure with outdated, inconsistent, or purely prescriptive regulatory approaches.

Compared with other industries, telecoms face a harsher paradox. They must invest more than ever in cybersecurity, but every additional rule, audit, or reporting cycle risks diverting budget from the very innovations—cloud-native networks, AI-driven security, virtualized cores — that make networks safer in the long term. The operators that succeed will be the ones whose regulators enable flexibility, embrace international standards, and understand that security is an ecosystem effort, not a compliance exercise.

The cybersecurity bill is rising. The threat landscape is accelerating. But with coherent, risk-based policy and smarter collaboration, the telecom sector can keep pace—and stay ahead.