A GSMA Intelligence report has revealed the list of the leading telecom operators which have made significant investment in cyber security in Europe.
The perceived threat level is highest for mobile and IoT devices, the GSMA Intelligence security survey of telecoms operators in Europe said. 70–80 percent of operators rated their defences for these assets as either strong or very strong, according to Tim Hatt, Head of Research and Consulting; James Joiner, Lead Analyst; and Silvia Presello, Lead Analyst at GSMA Intelligence.
Security investment trends
BT, a telecom operator in the U.K., has a Chief Security and Networks Officer who manages cyber, physical and personnel security.
KPN has a Code of Conduct for employees, providing clear privacy guidance, including how to deal with customer information. Employees must also perform KPN’s privacy awareness e-learning training every two years.
Telefonica, one of the leading telecom operators with strong presence in Europe, incorporates privacy and security into the concept of its products/services and subsequently throughout the development process.
Telia has developed and improves its security governance in alignment with standards and best practices such as ISO/IEC 27001, NIST Cybersecurity Framework (CSF) and CIS Critical Security Controls (CSC).
Operators also engage in non-industry-specific intelligence sharing communities. Telenor is a member of the Information Security Forum, contributing as a council member and collaborating with vendors and partners to share intelligence.
Deutsche Telekom is a member of the Alliance for Cyber Security, a platform created by Germany’s Federal Office for Information Security and Federal Association for Information Technology (Bitkom) to share knowledge on cybersecurity risks.
Elisa has enhanced its security posture by hiring a third-party firm that specialises in security awareness and phishing training. The firm trained Elisa’s staff using personalised phishing simulations, adjusting for employees’ skills and backgrounds to keep the training relevant and challenging for everyone.
Over the past six years, Elisa has maintained a phishing simulation failure rate below 2 percent and an engagement rate over 70 percent. This gives Elisa a resilience score above 33, which surpasses most companies globally. Elisa’s real threat reporting rates are also high, helping combat threats such as ransomware.
Regulators in a number of countries are adopting measures to combat spoofing practices. Arcep has mandated STIR/ SHAKEN (Secure Telephone Identity Revisited / Signature-based Handling of Asserted Information Using toKENs) protocols for all national SIP traffic in France.
In January 2024, SFR (part of Altice France) announced the production deployment of the STIR/ SHAKEN framework. The deployment builds on previous STIR/SHAKEN deployments in North America, which have helped reduce unwanted robocalls.
Orange has launched its Cybersecure portal, enabling both Orange and non-Orange subscribers to check the legitimacy of suspicious sites, links, emails and SMS.
SMS firewalls are a key part of an operator’s defence against fraudulent SMS traffic. Vodafone has implemented a SMS firewall in September 2021. During its first full month of operation, it blocked 18 million fraudulent SMS messages.
BT’s Enhanced Call Protect highlights how fraud prevention solutions are evolving beyond dependence on number history analytics and validity checks to thwart fraudulent calls. BT’s solution, deployed in partnership with Hiya, has stopped more than 20 million scam and spam attempts in the first four months since it was introduced in May 2024.
In December 2023, Orange, Telefonica and Vodafone launched two Open Gateway APIs focused on improving digital security in Spain.
Second-hand fashion e-commerce retailer Vinted has integrated the GSMA Open Gateway Number Verify API into their security framework.
WindTre, in partnership with a third-party security vendor, offers subscribers two cybersecurity plans. The entry-level plan for €0.99 per month offers safe browsing on the WindTre network. The WindTre Security Pro+ plan for €1.99 per month offers both network-based and end-point security.
Operators in Europe offer digital security solutions. TelefOnica Germany offers network-based security solution to its subscribers in order to detect and block malicious activity in real time using machine learning algorithms and behavioural analysis.
DNA’s Digiturva service shields against security threats, safeguarding devices, personal data, passwords and internet activity. The service operates on mobile devices through a single app and is also available for use on desktop computers.
Deutsche Telekom, which faces 30,000 to 40,000 attack attempts every minute, has opened a new Master Security Operations Center in Bonn, Germany. More than 250 cybersecurity experts in the Master SOC monitor Deutsche Telekom’s systems and those of its customers, ensuring defence against cyber threats. The SOC analyses billions of security-related data points from 250,000 sources. Deutsche Telekom assesses up to 95 million daily attempted attacks on its decoy traps live, integrating these insights into the Threat Intelligence database.
Swisscom has implemented a Security Orchestration Automation and Response (SOAR) solution to automate repetitive tasks by linking case management systems with security tools, asset databases and ticketing systems.
Operators are using genAI to enhance SOC automation and improve their security posture. BT is utilising genAI to sift through internal and external documents, enabling the visualisation of potential attacks and streamlining the work of security analysts.
Operators are deploying signalling firewalls that support multiple security protocols. Telenet Belgium has deployed a signalling firewall covering both Signalling System 7 (SS7) and Diameter networks. This helps prevent a range of attacks, including data theft, identity spoofing, location tracing and denial-of-service attacks.
Baburajan Kizhakedath
