Anticipating potential vulnerabilities, constantly monitoring for anomalies and developing robust incident response plans are now baseline resilience capabilities information security leaders need to tackle today’s threats amplified by artificial intelligence (AI).
This is especially true in the telecommunications space, with its hyperconnected networks encompassing virtualized network functions (VNFs), cloud-native applications, mobile edge computing nodes and billions of connected devices. Protecting these digital and physical assets requires considerable proactivity and tenacity.
Some forward-thinking telecom chief information security officers (CISOs) are staying ahead of the curve with a combination of artificial intelligence, zero-trust security architecture and identity management tools to secure the next-generation networks. These tools allow continuous identity validation, autonomous threat detection and dynamic governance, giving CISOs the visibility, flexibility and smart (real-time) capabilities to defuse or prevent threats.
How the threat landscape for telecom has changed
According to Check Point Research, the telecommunications sector experienced the third-highest percentage increase in cyberattacks in the first quarter of 2025, a 94% jump from the previous year, reaching 2,664 attacks per organization weekly. The only two sectors that had more attacks were education and government, according to the survey.
Not only has the number of threats grown, but the threats are also becoming more sophisticated. The following, however, remain the most common:
- Insider threats and misconfiguration: These usually stem from unauthorized access and data breaches, often resulting from insufficient access controls and lack of employee awareness.
- SIM swap fraud and mobile identity theft: These methods exploit vulnerabilities in mobile authentication processes.
- Supply chain vulnerabilities from third-party vendors: Reliance on external vendors opens paths for supply chain attacks.
- Application programming interface (API) sprawl across customer portals and business support systems/operational support systems (BSS/OSS) platforms: Unchecked API growth can create security vulnerabilities, increased complexity and operational inefficiencies, particularly as organizations scale and integrate more systems and services.
Moreover, CISOs must also deal with many rules that require strong security systems and active risk management. These include the following:
- Federal Communications Commission cybersecurity rules: Require telecom companies and internet service providers to monitor their networks continuously, implement encryption protocols and ensure that they comply with evolving standards.
- National Institute of Standards and Technology (NIST) zero-trust guidelines: Call for a fundamental shift in traditional security models, requiring advanced identity and access management (IAM) systems, real-time analytics, and integration across legacy and modern systems.
- GDPR (General Data Protection Regulation): Requires organizations to have full visibility into their data flows, robust encryption and incident response capabilities.
- Cybersecurity and Information Security Agency (CISA) reporting mandates: Demand that organizations develop rapid incident detection and response capabilities and establish mechanisms for sharing sensitive information without compromising operational security.
Since managing these diverse compliance demands in isolation is not sustainable, some CISOs are turning to a unified approach, deploying zero-trust security, identity management and AI to get the job done. A breakdown of how the combined solutions work to support telecom CISOs follows.
Zero trust in telecom
Telecom environments, which are decentralized and constantly changing, are ideally suited for zero-trust network access (ZTNA), which prioritizes ongoing verification over assumed trust.
What is zero trust? Essentially, zero trust is a security model that inherently distrusts all users and devices, and it mandates evaluating every access request individually. This contrasts with older security models that automatically trusted employees and company-owned devices, assuming they were safe because they were inside the corporate network.
Telecom CISOs are using ZTNA in various functions, including the following:
- Workforce access — Replacing virtual private networks (VPNs) with software-defined, identity-based access
- Microsegmentation — Isolating VNFs and containers in cloud-native infrastructure
- IoT protection — Enforcing least privilege for devices at the network edge
Today’s more advanced zero-trust architectures rely on AI to make access decisions and identify threats. Additionally, telecom industry leaders have spent the last year cooperating on methods to incorporate zero-trust architecture into 5G/6G mobile networks, in line with standards issued by NIST. These next-generation integrations are poised to revolutionize secure connectivity in Internet of Things (IoT) and edge computing.
IGA: The identity backbone of zero trust
Identity is the new perimeter. But managing it across the telecom industry’s sprawling attack vectors is a challenge — especially with:
- Legions of contractors, roaming engineers and call center staff
- Legacy identity silos in OSS/BSS systems
- Overprovisioned or orphaned access rights
The stakes have never been higher; hackers have recently exploited telecom networks by establishing backdoor accounts on compromised systems. This has made the use of modern identity governance and administration (IGA) solutions more urgent. IGA aligns perfectly with zero trust by ensuring that only the right identities can request access, while zero trust ensures that access requests are continuously verified and constrained.
Recent developments in IGA include using machine learning-based role mining to discover logical access groupings. The IGA platform essentially collects access data from multiple sources within the company, using this data to train a machine learning model that identifies similar user access rights, uncovers complex access trends and suggests permission groupings.
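To make the role-mining idea concrete, here is an added sketch (not code from this article or from any IGA product) that groups users whose entitlement sets overlap and proposes each group's common entitlements as a candidate role. It substitutes plain pairwise Jaccard similarity for a trained model, and every user and entitlement name is constructed for illustration.

```python
from collections import Counter
from itertools import combinations

# Constructed sample: user -> entitlements collected from several systems.
# All user and entitlement names are hypothetical.
ACCESS = {
    "noc_eng_1": {"oss:alarm_view", "oss:ticket_edit", "vnf:restart"},
    "noc_eng_2": {"oss:alarm_view", "oss:ticket_edit", "vnf:restart",
                  "bss:billing_export"},
    "noc_eng_3": {"oss:alarm_view", "oss:ticket_edit", "vnf:restart"},
    "cc_agent_1": {"bss:account_view", "bss:sim_swap_request", "crm:notes"},
    "cc_agent_2": {"bss:account_view", "bss:sim_swap_request", "crm:notes"},
    "contractor_1": {"vnf:restart", "bss:billing_export", "crm:notes"},
}

def jaccard(a, b):
    """Overlap of two entitlement sets: 0.0 (disjoint) to 1.0 (identical)."""
    return len(a & b) / len(a | b) if (a or b) else 0.0

def mine_roles(access, threshold=0.6, min_support=0.8):
    """Return (candidate_roles, unclustered_users)."""
    parent = {u: u for u in access}          # union-find forest over users
    def find(u):
        while parent[u] != u:
            u = parent[u]
        return u
    # Link every pair of users whose access is similar enough.
    for u, v in combinations(sorted(access), 2):
        if jaccard(access[u], access[v]) >= threshold:
            parent[find(u)] = find(v)
    groups = {}
    for u in access:
        groups.setdefault(find(u), []).append(u)
    roles, unclustered = [], []
    for members in groups.values():
        if len(members) < 2:                 # no peers: needs manual review
            unclustered += members
            continue
        counts = Counter(e for u in members for e in access[u])
        # Candidate role = entitlements held by most of the group.
        role = {e for e, c in counts.items() if c / len(members) >= min_support}
        # Anything a member holds beyond the role is a recertification candidate.
        extras = {u: sorted(access[u] - role) for u in members if access[u] - role}
        roles.append({"members": sorted(members),
                      "entitlements": sorted(role), "outliers": extras})
    return sorted(roles, key=lambda r: r["members"]), sorted(unclustered)

if __name__ == "__main__":
    for item in mine_roles(ACCESS):
        print(item)
```

The `outliers` map and the unclustered list are the review queue: entitlements outside a peer group's norm, and identities with no peer group at all, are where overprovisioned or orphaned access tends to surface.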
Other recent IGA innovations include just-in-time (JIT) provisioning for temporary access and automated recertification to revoke outdated access.
AI as a force multiplier for network defense
Zero-trust and IGA technologies are not new to the CISO’s toolkit, but leveraging these tools in combination with AI is advancing CISOs’ threat detection, response and identity intelligence capabilities.
Within security operations centers (SOCs), we’re seeing large language models like GPT fine-tuned on security playbooks to help triage alerts and draft incident response reports. AI is being integrated into security orchestration, automation and response (SOAR) platforms to enable real-time decision-making and automation of workflows. For example, AI algorithms can assess incoming data to identify the most effective responses to dangers. The responses may include automatic escalation of incidents, implementing containment measures and facilitating communication within the security team.
Other innovations include self-healing endpoints and networks using AI for autonomous remediation.
The power of convergence: ZTA + IGA + AI
Individually, zero trust architecture (ZTA), IGA and AI are powerful solutions. But their true value is realized when they are integrated:
- IGA governs identity and access requests.
- ZTA enforces access decisions and monitors in-session behavior.
- AI analyzes behavioral data and continuously adjusts risk thresholds.
A well-architected security posture that unifies zero trust, IGA and AI empowers organizations to deliver trustworthy digital services, maintain resilient infrastructure and speed up innovation at scale.
But remember, technology is not sufficient on its own. Here are a few additional recommendations telecom CISOs should keep in mind:
- Maintaining high standards of security requires monitoring key data vigilantly. The identity governance score, which reflects IGA maturity, serves as a benchmark for assessing progress.
- It’s important to monitor policy violations within the ZTNA framework to gather insights into potential compliance issues.
- Telecom leaders need to break down traditional silos and encourage teamwork between the security, IT and network teams.
- Educate executives on zero trust principles and invest in training staff to use AI responsibly and effectively.
As threats evolve, so must the telecom CISO’s defenses — and ways of thinking. Embracing the proactive, scalable and intelligent methods that come from the convergence of ZTA, IGA and AI is critical to safeguard not just individual enterprise networks but also the future of connectivity.