Telcos and ISPs: The Time to Prioritise Cybersecurity Is Now

By Anthony Laing, NEC XON GM of Networking

Cybercriminals have historically targeted banks and financial institutions, for a simple reason: money. With direct access to high-value data, including personal, credit card and payment details, banks were natural targets for phishing schemes, ransomware, and insider threats. Aging legacy systems sometimes provided security loopholes while the rise of digital banking and remote access services expanded attack surfaces. 

In response, financial institutions poured resources into building robust cybersecurity systems. Today, they’re among the most fortified industries, with sophisticated threat detection, encrypted communications, and compliance with strict regulatory standards. Now, a second tier of cybercrime targets is drawing the wrong kind of attention.

Why Telco and ISPs Are the New Targets
As banks and similarly targeted sectors tightened their defences, hackers sought softer targets. Telecommunications companies (telcos) and Internet Service Providers (ISPs) have sometimes lagged behind in adopting robust measures. Once overlooked, Telcos and ISPs are now firmly on cybercriminals’ radar. While they may not handle money directly, they carry something just as valuable: data. Unless they act decisively, they risk severe reputational damage, financial losses for themselves and their customers, and operational disruption.

Telecom networks are the arteries through which businesses, governments, and individuals transmit information. These networks carry sensitive data for industries that include healthcare, banking, and retail. An attack on a telco could disrupt services, intercept valuable communications, or cripple a nation’s digital infrastructure. Moreover, telcos themselves hold vast amounts of customer data, from contact information to personal identifiers. This treasure trove can be exploited for phishing, vishing (voice phishing), identity theft, or even corporate espionage.

The Reputational Risks
For telcos and ISPs, the stakes are high. A breach not only risks customer trust but also threatens long-term reputational damage. When customer data is leaked, the fallout can be catastrophic. Customers blame their service providers for failing to safeguard their information, and the brand suffers irreparable harm. In an industry where competition is fierce, the ability to retain customer loyalty hinges on trust—something that can’t afford to be compromised.

Telcos and ISPs sometimes lack even the basics of cybersecurity, and may have small teams managing network security for systems that serve tens or hundreds of thousands of consumers and businesses. We have seen key features missing from telco and ISP cybersecurity, including:

• Authentication Protocols: Multi-factor authentication (MFA) to prevent unauthorised access.
• Network Monitoring: Real-time detection of unusual activity.
• Incident Response Plans: Preparedness to mitigate and recover from attacks quickly.
• Employee Training: Ensuring staff are aware of common threats like phishing and social engineering.
• Regular Updates and Patches: Closing vulnerabilities in systems and software.

Telcos and ISPs must act with urgency. They cannot afford to ignore the rising tide of cyber threats or assume they’re safe because they’re not financial institutions. Cybersecurity is no longer a "nice-to-have" but a fundamental operational necessity. To catch up, telcos and ISPs should consider the following strategy:

• Conduct a Comprehensive Security Audit: Identify vulnerabilities in infrastructure, operations, and data handling practices.
• Invest in Advanced Threat Detection: Implement AI-driven tools for real-time monitoring and anomaly detection.
• Adopt Zero Trust Architectures: Ensure no user or device is trusted by default, even within the network.
• Strengthen Customer Data Protection: Use encryption, tokenisation, and secure authentication methods to protect customer information.
• Collaborate with Experts: Partner with experienced cybersecurity providers to leverage their knowledge and technology.

Find the Right Partner
As the gatekeepers of modern communication, telcos and ISPs have a duty to protect the data they carry. But Telcos and ISPs don’t have to face these challenges alone. The right partner brings extensive expertise in networking and cybersecurity. With NEC XON’s help, telcos and ISPs can implement proactive measures to stay ahead of cybercriminals. For telcos and ISPs, investing in cybersecurity is no longer optional—it’s essential for survival in a digital-first world.
 
About NEC XON
NEC XON is a leading African integrator of ICT solutions and part of NEC, a Japanese global company. The holding company has operated in Africa since 1963 and delivers communications, energy, safety, security, and digital solutions. It co-creates social value through innovation to help overcome serious societal challenges. The organisation operates in 54 African countries and has a footprint in 16 of them. Regional headquarters are located in South, East, and West Africa. NEC XON is a level 1-certified broad-based black economic empowerment (B-BBEE) business. Discover more at https://www.nec.africa

Issued by: Michelle Oelschig, Scarlet Letter
Contact details: 083-636-1766, [email protected]