Communication service providers (CSPs) must make security the core of their network growth strategies, because without it, the benefits of automation cannot be fully realised.
This is according to Vikas Dahiya, global head of security at Nokia, who says over the past decade, CSPs have invested in cloud, automation and AI to achieve autonomy in their networks – and the effort is only intensifying.
“This year, CSPs will double down on their strategies, targeting advanced automation levels,” says Dahiya.
He links this investment and the benefits associated with autonomous networks. “Our research shows that autonomous networks can yield $800 million in annual benefits, including capex savings and revenue uplift. AI and automation together form the foundation, driving efficiency and reducing incidents.”
However, to realise these benefits, security must remain a top priority.
“Adopting a zero trust approach, predictive security and embedding protection across every network layer is crucial to maintain resilience as networks become more complex,” Dahiya adds.
In addition to the growing complexity of networks, companies must be cognisant of the extent to which cyber criminals are also using GenAI, adds Dahiya.
Nokia believes cyber criminals are increasingly using GenAI to create sophisticated malware, craft convincing phishing schemes and automate the process of discovering vulnerabilities.
“They can even use GenAI to scale attacks rapidly, making them harder to identify and stop in time. For example, GenAI can enable cyber criminals to generate highly targeted, personalised phishing e-mails or mimic network behaviours to avoid detection,” says Dahiya.
He notes that telecoms security teams are fighting fire with fire, using GenAI to enhance their defences.
“AI tools can detect attack patterns and discover unknown, zero-day threats, as well as automate the response at a speed and scale beyond human capabilities. The battle is indeed a cat-and-mouse game, with both sides leveraging the power of AI, but the advantage lies with those who continuously innovate and evolve their defensive strategies.”
Nokia advocates predictive security, a transition from the conventional reactive approach.
Dahiya explains that predictive security is where networks proactively identify and mitigate vulnerabilities.
“This shift is critical for building trust and resilience in a hyper-connected world. Security can’t be an afterthought; it must be a central part of the conversation as CSPs advance their AI and automation journeys.”
AI and XDR
5G networks generate vast amounts of security data that is too much for traditional tools and human analysts to handle efficiently.
That’s where AI and extended detection and response (XDR) systems make a difference, Dahiya continues. “XDR integrates data from endpoints, cloud environments and security systems to deliver a unified view of telecoms networks. AI then analyses this data, spotting anomalies and uncovering hidden patterns at machine speed.”
With the billions of data points generated by 5G’s scale and complexity, large language models (LLMs) are well-suited to analyse and interpret this information. When combined with XDR, LLMs can reduce detection and resolution times from hours to minutes, depending on the nature of the cyber attack, claims the Nokia boss.
Organised crime
These syndicates work like structured organisations, with roles such as developers, strategists and even HR departments for recruitment. This structure allows them to plan, execute and scale cyber attacks more efficiently and with greater impact.
Nokia explains that new models like cyber crime as a service lower the barriers to entry, allowing even low-skilled attackers to launch ransomware or phishing campaigns, not to mention the quickly evolving social engineering techniques (deepfakes, voice and video manipulations) that craft convincing scams and target employees and executives.
Telecoms businesses are often at a disadvantage in terms of resources. Says Dahiya: “It's not just a matter of hiring security experts; they need professionals who not only have deep knowledge of cyber security but also understand the specific nuances of telecoms networks. Telecoms infrastructure is highly complex, involving unique protocols, legacy systems and technologies like 5G and cloud-based services. Finding such multi-skilled professionals (cyber security experts with telecoms expertise) is even more difficult for them.”
Telecoms services providers
Telecoms companies have a lot on their plates. Their networks are mission-critical, supporting everything from daily communications to advanced technologies like V2X. The complexity of their networks – mixing legacy systems with modern cloud tech – means leaders need to stay ahead on both innovation and security.
“AI-driven tools are key to detecting new threats, like AI-generated malware. If telecoms companies don’t keep up with these advancements, they risk falling behind, facing security threats and dealing with major fines,” Dahiya continues.
He adds that despite several challenges faced by telecoms companies to upgrade their network security – including network complexity, legacy systems, modern protocols and budgets – telecommunications services providers must invest to stay ahead of evolving threats and comply with stringent regulations.
Share