Follow Us on Google
By Chinenye Anuforo
Telecom operators across the world are being forced to spend more on cybersecurity, not only because cyber threats are increasing but also because regulations remain poorly aligned and inconsistent across countries.
A new industry study showed that mobile network operators currently spend between $15 billion and $19 billion every year on core cybersecurity activities. If current trends continue, this figure is expected to rise sharply to between $40 billion and $42 billion by 2030.
While telecom companies recognise cybersecurity as a critical responsibility, industry experts warn that badly designed regulations are now becoming a major cost driver. In many markets, rules are fragmented, overly prescriptive and sometimes contradictory, pushing operators to focus more on compliance than on real security improvements.
Mobile networks sit at the centre of modern digital life, supporting banking, healthcare, education, government services and daily communication. However, operators say they are increasingly trapped between defending their networks and meeting complex regulatory demands imposed by multiple authorities.
The study found that In several countries, operators are required to comply with overlapping cybersecurity rules from different agencies. In some cases, a single cyber incident must be reported multiple times in different formats, creating duplication and inefficiency.
There are also regulations that focus on “box-ticking” exercises, where operators are required to deploy specific tools or follow rigid processes rather than being allowed to address risks based on real-world threats. One operator revealed that as much as 80 per cent of its cybersecurity team’s time is spent on audits and compliance tasks, instead of threat detection or incident response.
The research, which covered operators across Africa, Asia-Pacific, Europe, Latin America, the Middle East and North America, showed that the problem is global. For telecom companies operating in multiple countries, fragmented national regulations increase complexity, raise costs and can even introduce new security weaknesses.
Despite these challenges, operators insist that securing mobile networks remains a top priority for customers and for society as a whole. However, the report warns that unilateral and poorly coordinated regulatory approaches risk undermining those efforts.
To address the problem, the study calls on governments and regulators to adopt more harmonised and risk-based cybersecurity frameworks. These include aligning policies with international standards, ensuring consistency with existing rules, focusing on outcomes rather than rigid procedures, and strengthening collaboration between regulators and industry.
The report also stresses the need for a security-by-design approach and stronger institutional capacity within cybersecurity authorities to ensure effective implementation.
As digital services continue to expand and societies depend more on mobile networks, cybersecurity spending will inevitably rise. But the warning is clear: without coordinated and outcome-focused regulation, telecom operators may continue to spend more while achieving less real security.
