A GSMA Intelligence report has revealed the list of leading telecom operators in Europe that have made significant investments in cybersecurity. These companies are driving innovation in telecom security solutions, addressing the rising threats to mobile networks, IoT devices, and digital infrastructure.

The perceived threat level is highest for mobile and IoT devices, the GSMA Intelligence security survey of telecom operators in Europe said. 70–80 percent of operators rated their defenses for these assets as either strong or very strong, according to Tim Hatt, Head of Research and Consulting; James Joiner, Lead Analyst; and Silvia Presello, Lead Analyst at GSMA Intelligence.

Telecom Security Investment Trends & Solutions

BT, a telecom operator in the U.K., has a Chief Security and Networks Officer who manages cyber, physical, and personnel security.

KPN has a Code of Conduct for employees, providing clear privacy guidance, including how to deal with customer information. Employees must also perform KPN’s privacy awareness e-learning training every two years.

Telefonica, one of the leading telecom operators with a strong presence in Europe, incorporates privacy and security into the concept of its products/services and subsequently throughout the development process.

Telia has developed and improved its security governance in alignment with standards and best practices such as ISO/IEC 27001, NIST Cybersecurity Framework (CSF) and CIS Critical Security Controls (CSC).

Operators also engage in non-industry-specific intelligence-sharing communities. Telenor is a member of the Information Security Forum, contributing as a council member and collaborating with vendors and partners to share intelligence.

Deutsche Telekom is a member of the Alliance for Cyber Security, a platform created by Germany’s Federal Office for Information Security and the Federal Association for Information Technology (Bitkom) to share knowledge on cybersecurity risks.

Elisa has enhanced its security posture by hiring a third-party firm that specializes in security awareness and phishing training. The firm trained Elisa’s staff using personalised phishing simulations, adjusting for employees’ skills and backgrounds to keep the training relevant and challenging for everyone.

Over the past six years, Elisa has maintained a phishing simulation failure rate below 2 percent and an engagement rate of over 70 percent. This gives Elisa a resilience score above 33, which surpasses most companies globally. Elisa’s real threat reporting rates are also high, helping combat threats such as ransomware.

Regulators in a number of countries are adopting measures to combat spoofing practices. Arcep has mandated STIR/ SHAKEN (Secure Telephone Identity Revisited / Signature-based Handling of Asserted Information Using toKENs) protocols for all national SIP traffic in France.

How Mobile Operators Are Strengthening Digital Security

In January 2024, SFR (part of Altice France) announced the production deployment of the STIR/ SHAKEN framework. The deployment builds on previous STIR/SHAKEN deployments in North America, which have helped reduce unwanted robocalls.

Orange has launched its Cybersecure portal, enabling both Orange and non-Orange subscribers to check the legitimacy of suspicious sites, links, emails and SMS.

SMS firewalls are a key part of an operator’s defense against fraudulent SMS traffic. Vodafone has implemented a SMS firewall in September 2021. During its first full month of operation, it blocked 18 million fraudulent SMS messages.

BT’s Enhanced Call Protect highlights how fraud prevention solutions are evolving beyond dependence on number history analytics and validity checks to thwart fraudulent calls. BT’s solution, deployed in partnership with Hiya, has stopped more than 20 million scam and spam attempts in the first four months since it was introduced in May 2024.

In December 2023, Orange, Telefonica and Vodafone launched two Open Gateway APIs focused on improving digital security in Spain.

Second-hand fashion e-commerce retailer Vinted has integrated the GSMA Open Gateway Number Verify API into its security framework.

WindTre, in partnership with a third-party security vendor, offers subscribers two cybersecurity plans. The entry-level plan for €0.99 per month offers safe browsing on the WindTre network. The WindTre Security Pro+ plan for €1.99 per month offers both network-based and end-point security.

Operators in Europe offer digital security solutions. Telefonica Germany offers network-based security solutions to its subscribers in order to detect and block malicious activity in real-time using machine learning algorithms and behavioral analysis.

DNA’s Digiturva service shields against security threats, safeguarding devices, personal data, passwords, and internet activity. The service operates on mobile devices through a single app and is also available for use on desktop computers.

Deutsche Telekom, which faces 30,000 to 40,000 attack attempts every minute, has opened a new Master Security Operations Center in Bonn, Germany. More than 250 cybersecurity experts in the Master SOC monitor Deutsche Telekom’s systems and those of its customers, ensuring defense against cyber threats. The SOC analyses billions of security-related data points from 250,000 sources. Deutsche Telekom assesses up to 95 million daily attempted attacks on its decoy traps live, integrating these insights into the Threat Intelligence database.

Swisscom has implemented a Security Orchestration Automation and Response (SOAR) solution to automate repetitive tasks by linking case management systems with security tools, asset databases, and ticketing systems.

Operators are using genAI to enhance SOC automation and improve their security posture. BT is utilising genAI to sift through internal and external documents, enabling the visualization of potential attacks and streamlining the work of security analysts.

Operators are deploying signalling firewalls that support multiple security protocols. Telenet Belgium has deployed a signalling firewall covering both Signalling System 7 (SS7) and Diameter networks. This helps prevent a range of attacks, including data theft, identity spoofing, location tracing and denial-of-service attacks.

Final Thoughts

Telecom security solutions are at the forefront of safeguarding networks, devices, and data in an increasingly connected world. By investing in innovative technologies and robust defenses, leading telecom operators are setting new standards in digital security.