Existing literature and industry research largely emphasizes theoretical threat models in the telecommunications space, often referencing frameworks like MITRE ATT&CK and GSMA Mobile Threat Intelligence Framework (MoTIF), as well as European Telecommunications Standards Institute (ETSI) and vendorspecific guidance. However, these frameworks fall short when it comes to evaluating how those threats manifest in real-world telecommunications environments and how detection can be operationalized at scale. To build practical threat detection strategies, this whitepaper sets out to analyze and validate the theoretical landscape– reviewing cited data sources, tactics, techniques, and procedures (TTPs)– and mapping them against the specific needs, telemetry capabilities, and architectures of mobile and other telecommunications service providers.

Global leaders and decision-makers convened at the GCF Annual Meeting 2025 in Riyadh, 1-2 October, calling for greater international collaboration on shared challenges and priorities in Cyberspace, in a time of increasingly complex socioeconomic and geopolitical dynamics.

Attackers are now using generative artificial intelligence (Gen AI) to launch faster, more advanced cyberattacks on telecom networks. Nokia’s Threat Intelligence Report 2024, for example, highlights AI-powered botnets that rapidly shift distributed denial of service (DDOS) tactics and targets, posing a serious threat to critical telecom infrastructure. Even low-skilled actors can exploit complex telecom protocols using AI-generated code. This whitepaper focuses on leveraging Gen AI to enhance the security of next generation networks (NGN) in the telecom signaling domain. The paper highlights the increasing sophistication of cyberattacks powered by AI and the vulnerabilities of legacy telecom protocols such as SS7, Diameter, and the GPRS Tunneling Protocol (GTP), as well as outlining how Gen AI can address these challenges by enabling proactive threat detection, automating security operations, and reducing reliance on human expertise.

The era of static trust is over. As cyber ecosystems expand across cloud, remotework, artificial intelligence (AI)-driven threats and machine identities, traditional security models are under growing pressure. The urgency this creates is clear: organizations must not only embrace Zero Trust architectures - where every access request is considered untrusted until verified - but also accelerate their evolution in an adaptive, intelligence-driven direction. This paper distills insights from a Future of Cybersecurity Knowledge Community study. Drawing on interviews with CISOs, practitioners and experts, it identifies three key challenges currently slowing Zero Trust adoption.