The Future of Telco Provider Cybersecurity in the GenAI World – Six Five Virtual Webcast

How are telco providers adapting their cybersecurity strategies to address emerging threats in a world powered by generative AI

Host Will Townsend is joined by Nokia for service providers’ Dr. Srinivas Bhattiprolu, Head of Global Presales and Advanced Consulting Services, for a conversation on The Future of Telco Provider Cybersecurity in the GenAI World. The discussion explores keyphrase focus: telco provider cybersecurity, as service providers navigate rapidly evolving threats, operational gaps, and the impact of generative AI on security frameworks.

Key Takeaways Include:

🔹 Evolving Threat Landscape: Service providers are facing more sophisticated and automated attacks, often accelerated by the availability of AI-driven tools and tactics.

🔹 Strengthening Defenses: Telecom providers are implementing stronger data protection and access control measures to minimize the risk of AI-driven and other advanced threats.

🔹 Operational Challenges: Growing complexity in telco environments has highlighted significant gaps in network and service security that must be addressed.

🔹 Skills and Process Upgrades: Security teams must adapt by upskilling, updating processes, and deploying new tools to stay ahead of rapidly scaling threats.

‍

Learn more at Nokia for service providers.

And subscribe to our YouTube channel, so you never miss an episode.

‍

Listen to the audio here:

Disclaimer: Six Five Media is for information and entertainment purposes only. Over the course of this webcast, we may talk about companies that are publicly traded, and we may even reference that fact and their equity share price, but please do not take anything that we say as a recommendation about what you should do with your investment dollars. We are not investment advisors, and we ask that you do not treat us as such.

‍

Will Townsend: Hello, and welcome again to another Six Five Virtual Webcast. In this episode, we're talking about the future of telco security in a gen AI world. And I'm joined by Nokia. Srini, it's always good to see you. Thanks for joining.

‍

Srinivas Bhattiprolu:

Likewise, it's always a pleasure to be talking to you.

‍

Will Townsend:

Awesome. Well, let's talk about Gen AI. So bad actors are leaning into it to increase the sophistication of attacks. They're leaning into agentic frameworks to scale these attacks as well. What types of threats are you seeing today? And how are service providers dealing with

‍

Srinivas Bhattiprolu:

Yeah, that's a great question to start off with. We clearly see automated AI-driven attacks that are rapidly probing the vulnerabilities at scale for critical infrastructure. That's the first point which I would like to highlight. There are supply chain compromises that we see which are targeting the software integrations, APIs, and third-party vendors. Just as an important piece of statistics, across North American service providers, close to 78% of the NAM telcos have experienced close to four to six vendor breaches over the past 12 months. That is, almost everybody has actually had a problem with their supply chain. That's a very important statistic for us to take cognizance of. We clearly see a change in the path of advanced DDoS attacks. We are actually witnessing advanced DDoS attacks that are utilizing multi-vendor techniques and they are actually bypassing traditional defenses. The other aspect which is very, very prevalent and observed in NAM is that close to 60% of the NAM telcos have actually experienced seven plus DDoS attacks in the past 12 months. And this is what we highlighted in our telco threat intelligence survey that we recently published in September 2025. We also witnessed a terabit scale DDoS attack. And for the first time, we witnessed in September 2025, a DDoS attack, which is higher than five terabits. The other aspect which is very important to take note of is the duration of these attacks. We can pretty much tell you that close to 80% of these attacks are actually finishing within a time period of five minutes, and close to 50% of these attacks are finishing within a time period of three minutes. That means you got a huge volume of attacks going in for a short duration, which essentially means your traditional defenses, which are manual in nature, will not be effective against these DDoS attacks. You've got to adapt to automated DDoS aversion approaches, and that's something which we observe.

‍

Will Townsend:

Yeah, and the timing of that is incredible. You know, we're not talking hours or days, we're talking minutes, right? And, you know, you talked about, you know, supply chain attacks, critical infrastructure, data protection becomes really, really paramount, really, really important. So I'm wondering, how are you seeing CSPs, mobile network operators strengthening their data protection, and even more importantly, access controls, because of the escalating sophistication of these attacks?

‍

Srinivas Bhattiprolu:

So the first one, we got to get to the basic hygiene, which is patch and harden the infrastructure, apply the right patches, and make sure that the patches are current, and also audit for any unauthorized accounts on a regular basis, and adopt a zero-trust approach. Then you can also look at different aspects, including side channel attacks and firmware tampering and all of these. That's the first thing we should really look at. The second thing is to really strengthen the access controls, really enforce a multi-factor authentication. really drive password rotation, make sure that you have efficient and effective privilege access management principles, and last but not the least, continue to apply Zero Trust principles in the critical infrastructure. The third aspect is towards monitoring and detection. Continuously monitor, which means you've got to deploy telco-specific EDRs, endpoint detection response systems, telco-specific network detection response, and telco-specific XDR solutions. It's of paramount importance that you actually have these real-time monitoring solutions that are able to monitor ingress and egress traffic that's coming in and going out of the network functions, and also consistently monitoring the connections to the malicious hosts outside of the environment. So that's something which you got to really look at. There are also other techniques like user entity behavioral analytics, then you can actually look at protecting your OT assets utilizing these techniques. And that's something which you got to really use as well. The last part is really if there is an attack or if there is a vulnerability that's exploited, make sure that the response is actually addressed in a much quicker manner, utilizing automated playbooks, where you can again utilize the artificial intelligence capabilities in devising as well as implementing these automated playbooks.

‍

Will Townsend:

I love the last point you made because it's using AI for good, right? And it's sort of counterbalancing what these bad actors are doing as they lean into things like generative AI and agentic frameworks to increase the sophistication of phishing campaigns. and just to automate and scale on a massive basis these attacks. And I think one of the biggest challenges is just the sheer attack surface of these mobile networks. They're massive. They have millions of subscribers, millions of devices on them. But from your perspective, what is Nokia seeing with respect to some of the biggest gaps that service providers are missing in securing their networks and taking a lot of the great advice that you just provided?

‍

Srinivas Bhattiprolu:

So the first one is that telco networks are complex and heterogeneous, for want of a better word. You've got a combination of physical network functions, virtual network functions, and containerized network functions, PNFs, VNFs, CNFs, as they're called. These are fragmented in nature. Their legacy and many of the network elements are quite archaic beyond support from the vendors. So there is certainly a big challenge of fragmented visibility that exists in the networks, especially when we're talking about networks deployed across multi-cloud environments. And there is certainly an absence or limitation around full end-to-end monitoring of this network. That's the first challenge that I really foresee. The second challenge is around a lack of proper segmentation. We've talked about principles around micro-segmentation and macro-segmentation. Really employing zero trust principles, including aspects like micro-segmentation, and then allowing, which basically stop excessive lateral movement or prevent excessive lateral movement is another challenge that operators today will have to deal with. There is actually the other aspect which is very, very important. Today, due to the heterogeneity, the complexity, and the multi-vendor nature of the networks involved, I believe the whole concept of automation is underutilized in the networks. And this is actually resulting in a lot of inconsistent policy enforcement, as well as a response aspect. So that's something which is very, very important to take note of. In our study, again in the telecom threat intelligence survey, we believe 90% of the operators in North America would like to go for SOC automation level 4 by 2028. For us, we believe the autonomous network level maturity can only be achieved by bringing in zero trust, where we call it zero touch can only happen through zero weight, zero trouble, and zero trust. So that's something which is very, very important to take note of.

‍

Will Townsend:

Yeah, and you know you make a very very good point about the highly disaggregated nature of these networks number one you mentioned cloud. And then when you talk about virtualization and network slicing that with 5g standalone is gaining momentum. it creates all of these gaps that need to be addressed. So that was some really good advice there. But as we wind up our conversation, I'd love to talk about your recommendations. So what changes should security teams make, whether it's skills or processes or tools, to keep pace with these accelerated attack vectors that are coming from these bad actors?

‍

Srinivas Bhattiprolu:

So I would actually provide my recommendations across four specific categories. The first one is people. People, you have to really look at the security professionals who understand the network. Having the right amalgamation of capabilities across network and security is of absolute importance. And that's one of the key recommendations that I clearly look at. The second one is about the process. You have to move towards a proactive process in making sure that you adapt the right processes and ensure that there is remediation and proactive addressing of these different threat vectors that ensue to the critical infrastructure. The third one is technology. Deploying IT-specific tools for securing critical infrastructure, in my view, is almost tantamount to putting a square plug in a round hole. Operators will have to really look at having the right telco-specific tools to secure their critical infrastructure. And there needs to be a clear effort from the operators to make sure that they're modernizing the security of the telco infrastructure in a big way. There have to be proper performance indicators as well. And these are the four critical recommendations I would provide to operators to make sure that they are actually securing the critical infrastructure in an efficient manner.

‍

Will Townsend:

Srini, I want to thank you again for a very insightful conversation. I want to thank our viewers for tuning in to another 6.5 virtual webcast discussing the future of telco, cybersecurity, and the gen AI world.

‍