Keeping the Lines Secure: Key Principles of IoT Cybersecurity in Telecoms

The telecom industry forms the backbone of our interconnected world. From facilitating voice calls to powering the internet, telecoms play a vital role in our daily lives. Moreover, IoT is revolutionizing how telecom companies operate and deliver services. From connected devices on cell towers to smart meters and sensors embedded within the network infrastructure, with this growing network of interconnected devices comes a heightened cybersecurity risk.

So, in this blog post, the Telemetry team delves into the ever-evolving landscape of cybersecurity challenges and trends plaguing the telecom sector, and also explores the key principles of IoT cybersecurity in telecoms, outlining essential steps to safeguard networks against potential threats and ensure the continued reliability and security of provided services.

The Evolving Telecoms Landscape

The traditional telecoms network is transforming into a complex ecosystem teeming with connected devices. Here’s a breakdown of how IoT is impacting the industry:

  • Smart infrastructure: Cell towers and base stations are being equipped with sensors to monitor performance, optimize energy usage, and enable predictive maintenance.
  • Connected devices: From customer routers and modems to wearables and other IoT gadgets, the number of connected devices on the network is exploding.
  • The rise of 5G: The rollout of 5G networks introduces new opportunities for IoT applications, further expanding the attack surface.
  • Evolving network architecture: Network Function Virtualization (NFV) and Software-Defined Networking (SDN) introduce new security considerations for a more dynamic and software-centric network.

The Bullseye on Telecoms

Telecom companies are attractive targets for several reasons. They handle a goldmine of sensitive data – customer information, financial details, and network infrastructure blueprints. A successful attack could lead to:

  • Data Breaches: Exposed customer data can be used for identity theft, financial fraud, or even targeted attacks.
  • Disrupted Services: Cyberattacks can cripple telecom networks, causing outages and hindering communication for businesses and individuals.
  • Espionage: Telecoms can be infiltrated for industrial espionage, stealing valuable intellectual property or trade secrets.

The Evolving Threat Landscape

Cybercriminals are constantly refining their tactics. Here are some key trends in the telecom cybersecurity space:

  • Sophistication of Attacks: Gone are the days of simple hacks. Today’s attackers employ advanced malware and social engineering techniques, and exploit zero-day vulnerabilities (previously unknown flaws in software) to breach complex telecom networks.
  • Supply Chain Attacks: Targeting third-party vendors used by telecoms is becoming a popular tactic. By compromising a less-secure vendor, attackers gain access to the telecom’s network through the back door.
  • The Rise of 5G: The rollout of 5G networks introduces new attack vectors. The complexity and interconnectedness of 5G infrastructure create potential vulnerabilities that attackers can exploit.

Challenges Faced by Telecoms

While telecoms understand the importance of cybersecurity, several challenges hinder their efforts:

  • Legacy Systems: Many telecoms rely on outdated infrastructure that’s difficult and expensive to secure. Patching vulnerabilities in these systems can be a slow and complex process.
  • Skilled Workforce Shortage: The cybersecurity industry suffers from a lack of qualified professionals. Telecoms may struggle to find and retain the talent needed to build robust defenses.
  • Balancing Security and Convenience: Strict security measures can sometimes impede customer experience. Telecoms need to find a way to balance robust security with user-friendly services.

The Cybersecurity Challenge

While IoT offers immense potential for innovation and efficiency gains, it also creates vulnerabilities that cybercriminals can exploit. Here’s why cybersecurity is paramount in telecoms IoT:

  • Disrupted services: A cyberattack could cripple critical network infrastructure, leading to service outages and impacting millions of customers.
  • Financial losses: Network disruptions and data breaches can result in significant financial losses for telecom operators.
  • Privacy concerns: Sensitive customer data, such as call records and location information, could be compromised in an attack.
  • Cascading effects: A compromised telecoms network could serve as a launchpad for attacks on other critical infrastructure sectors.

The Road to a Secure Future

Despite the challenges, telecoms can take proactive steps to strengthen their cybersecurity posture. To ensure a resilient and secure telecoms network in the age of IoT, here are some key principles to consider:

  • Secure by design: Cybersecurity needs to be embedded into the company culture, not seen as an afterthought. Prioritize security throughout the entire lifecycle of an IoT device, from design and development to deployment and maintenance. This includes secure coding practices, robust authentication mechanisms, and encryption of sensitive data at rest and in transit.

For example:

    • Implement robust Identity and Access Management (IAM) to control access to devices, systems, and data.
    • Proactively identify and address vulnerabilities in all connected devices, network infrastructure, and software.
    • A centralized monitoring and management platform for all connected devices on the network will allow easier security updates, device configuration, and anomaly detection.
    • A well-defined incident response plan, with clear roles and responsibilities for all stakeholders, makes it possible to quickly detect, contain, and remediate security incidents.
    • IoT deployments should comply with all relevant industry regulations and data privacy standards.
  • Continuous Monitoring and Threat Detection: Don’t assume trust within the network. Implement a zero-trust approach where every device and user needs to be continuously authenticated and authorized before accessing resources. Invest in advanced security solutions that can continuously monitor networks for suspicious activity and identify vulnerabilities before attackers exploit them.
    • Network segmentation, i.e. separating critical infrastructure from less sensitive areas like customer networks, can also help isolate attacks and prevent them from spreading across the entire network.
  • Employee Training: Regularly train employees on cyber hygiene practices like identifying phishing attempts and password best practices. Regular training programs are essential for fostering a culture of security awareness.
  • Collaboration: Telecoms should work together with device manufacturers, industry partners, security vendors, and government agencies to share threat intelligence and best practices, stay informed about the latest threats, and develop coordinated responses and collective defenses against cyberattacks.

Building a Secure Future for Telecoms

By adhering to these principles, telecom operators can build a robust and secure foundation for their IoT deployments. Here are some additional considerations for the future:

  • The evolving threat landscape: Stay updated on the latest cyber threats and vulnerabilities specific to telecoms IoT environments.
  • The role of AI and Machine Learning: Explore how AI and ML can be leveraged for threat detection, anomaly identification, and automated incident response within the network.
  • Security considerations for 5G: As 5G networks continue to roll out, prioritize security throughout the development and deployment phases.

The telecom industry plays a critical role in today’s digital world. By prioritizing cybersecurity and continually adapting their defenses, telecoms can ensure the safe and reliable flow of information that keeps our world connected.

European Cyber Security Community Initiative (ECSCI)

The European Cyber Security Community Initiative (ECSCI) brings together EU-funded cybersecurity research and innovation projects to foster cross-sector collaboration and knowledge exchange. Its aim is to align technical and policy efforts across key areas such as AI, IoT, 5G, and cloud security. ECSCI organizes joint dissemination activities, public workshops, and strategic dialogue to amplify the impact of individual projects and build a more integrated European cybersecurity landscape.

Supported by the European Commission, ECSCI contributes to shaping a shared vision for cybersecurity in Europe by reinforcing connections between research, industry, and public stakeholders.

European Cluster for Cybersecurity Certification

The European Cluster for Cybersecurity Certification is a collaborative initiative aimed at supporting the development and adoption of a unified cybersecurity certification framework across the European Union. Bringing together key stakeholders from industry, research, and national authorities, the cluster facilitates coordination, knowledge exchange, and alignment with the EU Cybersecurity Act.

Its mission is to contribute to a harmonized approach to certification that fosters trust, transparency, and cross-border acceptance of cybersecurity solutions. The cluster also works to build a strong stakeholder community that can inform and support the work of the European Union Agency for Cybersecurity (ENISA) and the future European cybersecurity certification schemes.

CertifAI

CertifAI is an EU-funded project aimed at enabling organizations to achieve and maintain compliance with key cybersecurity standards and regulations, such as IEC 62443 and the EU Cyber Resilience Act (CRA), across the entire product development lifecycle. Rather than treating compliance as a one-time activity or post-development task, CertifAI integrates compliance checks and evidence collection as continuous, embedded practices within daily development and operational workflows.

The CertifAI framework provides structured, practical guidance for planning, executing, and monitoring compliance assessments. It supports organizations in conducting gap analyses, building compliance roadmaps, collecting evidence, and preparing for formal certification. The methodology leverages best practices from established cybersecurity frameworks and aligns with Agile and DevSecOps principles, enabling continuous and iterative compliance checks as products evolve.

A central feature of CertifAI is the use of automation and AI-driven tools—such as Retrieval-Augmented Generation (RAG) systems and Explainable AI—to support the interpretation of complex requirements, detect non-conformities, and generate Security Assurance Cases (SAC) with traceable evidence. The approach is organized into five main phases: preparation and planning, evidence collection and mapping, assessment execution, reporting, and ongoing compliance monitoring.

CertifAI’s methodology is designed to be rigorous yet adaptable, offering organizations a repeatable process to proactively identify, address, and document compliance gaps. This supports organizations not only in meeting certification requirements, but also in embedding a culture of security and compliance into daily practice.

Ultimately, CertifAI’s goal is to make compliance and security assurance continuous, transparent, and integrated, helping organizations efficiently prepare for certification while strengthening their overall cybersecurity posture.

DOSS

The Horizon Europe DOSS – Design and Operation of Secure Supply Chain – project aims to improve the security and reliability of IoT operations by introducing an integrated monitoring and validation framework to IoT Supply Chains.

DOSS elaborates a “Supply Trust Chain” by integrating key stages of the IoT supply chain into a digital communication loop to facilitate security-related information exchange. The technology includes security verification of all hardware and software components of the modelled architecture. A new “Device Security Passport” contains security-relevant information for hardware devices and their components. Third-party software, open-source applications, as well as in-house developments are tested and assessed. The centrepiece of the proposed solution is a flexibly configurable Digital Cybersecurity Twin, able to simulate diverse IoT architectures. It employs AI for modelling complex attack scenarios, discovering attack surfaces, and elaborating the necessary protective measures. The digital twin provides input for a configurable, automated Architecture Security Validator module which assesses and provides pre-certification for the modelled IoT architecture with respect to relevant, selectable security standards and KPIs. To also ensure adequate coverage for the back end of the supply chain, the operation of the architecture is also protected by secure device onboarding, diverse security and monitoring technologies, and a feedback loop to the digital twin and actors of the supply chain, sharing security-relevant information.

The procedures and technology will be validated in three IoT domains: automotive, energy and smart home.

The 12-member strong DOSS consortium comprises all stakeholders of the IoT ecosystem: service operators, OEMs, technology providers, developers, security experts, as well as research and academic partners.

EMERALD: Evidence Management for Continuous Compliance as a Service in the Cloud

The EMERALD project aims to revolutionize the certification of cloud-based services in Europe by addressing key challenges such as market fragmentation, lack of cloud-specific certifications, and the increasing complexity introduced by AI technologies. At the heart of EMERALD lies the concept of Compliance-as-a-Service (CaaS) — an agile and scalable approach aimed at enabling continuous certification processes in alignment with harmonized European cybersecurity schemes, such as the EU Cybersecurity Certification Scheme for Cloud Services (EUCS).

By focusing on evidence management and leveraging results from the H2020 MEDINA project, EMERALD will build on existing technological readiness (starting at TRL 5) and push forward to TRL 7. The project’s core innovation is the development of tools that enable lean re-certification, helping service providers, customers, and auditors to maintain compliance across dynamic and heterogeneous environments, including Cloud, Edge, and IoT infrastructures.

EMERALD directly addresses the critical gap in achieving the ‘high’ assurance level of EUCS by offering a technical pathway based on automation, traceability, and interoperability. This is especially relevant in light of the emerging need for continuous and AI-integrated certification processes, as AI becomes increasingly embedded in cloud services.

The project also fosters strategic alignment with European initiatives on digital sovereignty, supporting transparency and trust in digital services. By doing so, EMERALD promotes the adoption of secure cloud services across both large enterprises and SMEs, ensuring that security certification becomes a practical enabler rather than a barrier.

Ultimately, EMERALD’s vision is to provide a robust, flexible, and forward-looking certification ecosystem, paving the way for more resilient, trustworthy, and user-centric digital infrastructures in Europe.

SEC4AI4SEC

Sec4AI4Sec is a project funded by the European Union’s Horizon Europe research and innovation programme under grant agreement No 101120393.

This project aims to create a range of cutting-edge technologies, open-source tools, and new methodologies for designing and certifying secure AI-enhanced systems and AI-enhanced systems for security. Additionally, it will provide reference benchmarks that can be utilized to standardize the evaluation of research outcomes within the secure software research community.

The project is divided into two main phases, each with its own name.

  • AI4Sec – stands for using artificial intelligence in security. It aims to democratize security expertise with an AI-enhanced system that reduces development costs and improves software quality. This part of the project uses AI to improve secure coding and testing.
  • Sec4AI – involves AI-enhanced systems. These systems also have risks that make them vulnerable to new security threats unique to AI-based software, especially when fairness and explainability are essential.

The project considers the economic and technological impacts of combining AI and security.

The economic phase of the project focuses on leveraging AI to drive growth, productivity, and competitiveness across industries. It includes developing new business models, identifying new market opportunities, and driving innovation across various sectors.