电信安全格局和战略：亚太地区

Asia Pacific Innovating to protect The GSMA is a global organisation unifying the mobileecosystem to discover, develop and deliver innovationfoundational to positive business environments and societalchange. Our vision is to unlock the full power of connectivityso that people, industry and society thrive. Representingmobile operators and organisations across the mobileecosystem and adjacent industries, the GSMA delivers forits members across three broad pillars: Connectivity for GSMA Intelligence is the definitive source of global mobileoperator data, analysis and forecasts, and publisher ofauthoritative industry reports and research. Our data coversevery operator group, network and MVNO in every countryworldwide – from Afghanistan to Zimbabwe. It is the most GSMA Intelligence is relied on by leading operators,vendors, regulators, financial institutions and third-partyindustry players, to support strategic decision-makingand long-term investment planning. The data is used as We invite you to find out more atgsma.com Our team of analysts and experts produce regular thought-leading research reports across a range of industry topics. Follow the GSMA:@GSMA gsmaintelligence.com info@gsmaintelligence.com Published October 2024 Authors Tim Hatt,Head of Research and ConsultingJames Joiner,Lead AnalystSilvia Presello,Lead Analyst Contents Executive summary 1Research in context: security in 2024 1.1Purpose1.2Approach and timelines 2The telecoms environment and its bearing on security2.15G raises the security imperative 3The security landscape: rapidly evolving threats 3.1Understanding the cybersecurity threat3.2Operator readiness to defend against security attacks3.3Operator perceptions on the top threats to mobile networks 4Ensuring security readiness4.1Measures to counter the threat 5Innovations from telecoms operators 5.1Leveraging industry-level tools and resources255.2Navigating the human risk315.3Tackling fraud and malware attacks325.4Safeguarding against operational attacks35 Appendix Executive The telecoms landscape in Asia Pacific The telecoms industry across Asia Pacific is drivingthe region’s digital transformation, as consumers andbusinesses increasingly rely on digital services. Withthe deployment of 5G standalone (5G SA), operators As of 2023, in a few countries in Asia Pacific, 5G mobileconnections had already reached 40% of total mobileconnections. In others, 5G adoption remains limited.Across the region, 4G will still account for more than A fast-evolving threat landscape With the rapid technological transformation underwayin the region comes an increased threat of cyber-attacks, especially phishing/smishing, ransomware andsupply-chain attacks. For example, 85% of operators Spam calls are on the rise globally, and Asia Pacific isno exception. On average, mobile users in Asia Pacificreceive one fraud call and two nuisance calls permonth. Mobile users in some countries in Asia Pacific Network security readiness and future investments Preventing spam and scam messages remains apriority for operators in the region. They are employingmessage filtering, URL blacklists and access controlblacklists to shield mobile users. When it comes tothe most common cyber threats such as phishing/smishing and ransomware, operators consider A range of tools such as DDoS protection andcustomer authentication solutions are available tooperators. Sharing information between partnerson threat intelligence also remains vital to improving Industry tools and collaboration Industry collaboration is essential to protect against the rapidly evolving threats. As a global organisation unifyingthe mobile ecosystem, the GSMA provides a wide range of support to its members. Examples include the following: •Network Equipment Security AccreditationScheme (NESAS)– This audits and tests networkequipment vendors and their products against asecurity baseline. It can help avert fragmentation •GSMA Baseline Security Controls– Part of theMCKB, these provide a comprehensive set ofsecurity measures for mobile networks and can •Telecommunication Information Sharing andAnalysis Center (T-ISAC)– This enables operatormembers to communicate cyber risk data, •Mobile Cybersecurity Knowledge Base (MCKB)–This provides guidance on mobile security risks andmitigation measures. It combines the cybersecurityknowledge of the mobile ecosystem (including Research in context:security in 2024 1.1 Purpose The security threat landscape across telecoms and the broader technologyindustry continues to evolve at a rapid pace. Security threats are an assumedconstant in the digital world. This has been the case since the PC era of the Trends such as moving towards software-definedmobile networks, AI and digitisation across theeconomy have expanded the attack surface. Overall,the world is becoming a more dangerous place, with This is the third in a five-part series on securityinnovations in the telecoms industry. The report series