Securing India's 5G network for a resilient digital economy

As India stands proudly at the cusp of a technological renaissance, our nation’s 5G networks are rapidly becoming the central nervous system of a trillion-dollar digital economy. This is not just an upgrade. It is a fundamental rewiring of how we live, work, and innovate. From smart cities and autonomous factories to AI-driven healthcare and immersive education, the promise of 5G is the promise of a Viksit Bharat. Yet, as we build this hyper-connected future, a formidable shadow looms: the escalating threat of cyberattacks.

Globally, cybercrime is projected to inflict damages worth an astronomical USD 10.5 trillion by 2025, an economy of its own that thrives on disruption and theft. In India, where the telecom cybersecurity market is galloping at a high of 20.6%, the average cost of data breaches has already climbed to a staggering Rs 22 crore in 2025, according to IBM. As stewards of the nation’s critical digital infrastructure, the telecommunications industry recognises that its primary responsibility is not just to connect India, but to protect it. Cybersecurity is no longer a technical feature; it is the very bedrock of trust upon which our digital future must be built.

The New Battlefield of 5G Security

The 5G era presents a fundamentally different security paradigm. Unlike the closed architectures of the past, 5G networks are dynamic, software-defined and massively interconnected. With billions of IoT devices coming online and network functions becoming virtualised, the world is now defending a fluid, ever-expanding ecosystem with countless new entry points for malicious actors.

There have been devastating real-world consequences of this new reality. The 2023 cyberattack on Ukraine’s Kyivstar, which disabled services for 24 million people and crippled national infrastructure, and the massive 2024 “Salt Typhoon” breach targeting US telecom networks are stark reminders that the industry is on the front lines of a global cyber conflict. These are not isolated incidents; they are signals of a persistent and sophisticated threat to the connectivity that underpins modern society.

In this new environment, a reactive security posture is a recipe for failure. The only viable path forward is to adopt a Zero Trust Architecture (ZTA), a paradigm shift rooted in a simple but powerful principle: “never trust, always verify”. In a Zero Trust model, no user or device is trusted by default, whether inside or outside the network. Every access request is rigorously authenticated, authorised, and encrypted before being granted.

For telecom operators, this means embedding security into the very fabric of their networks. It requires continuous identity verification, enforcement of the principle of least privilege, and the use of micro-segmentation to contain threats and prevent lateral movement. This is not just a best practice; it is a mandate for survival and a prerequisite for earning customer trust in the 5G age.

The good news is that technology is also the greatest ally. IBM’s latest 2025 Cost of a Data Breach Report shows that organisations leveraging AI and automation in their security operations save nearly USD 1.9 million per breach and detect incidents 80 days faster. By harnessing these tools, businesses can move from a reactive stance to a predictive and automated defence.

Quantum Risks on the Digital Horizon

Even as the world tackles today’s challenges, it must keep a watchful eye on the horizon. The advent of quantum computing, while promising incredible breakthroughs, poses an existential threat to our current cryptographic standards. A sufficiently powerful quantum computer could theoretically break the encryption that protects virtually all digital communications today.

The telecom industry in India, in line with the vision of the National Telecom Policy 2025, is actively preparing by exploring Post-Quantum Cryptography (PQC). Further, the National Quantum Mission (NQM), India’s national initiative to develop and scale quantum technologies, includes creating a secure quantum communications network and advancing quantum computing capabilities in its objectives.

By beginning the transition to quantum-resistant algorithms now, the industry is future-proofing its networks and ensuring that India’s digital sovereignty remains secure for decades to come.

India Shaping Global Security Norms

It is important to recognise that India is not just a participant but a leader in shaping a secure digital future. The country’s government has taken decisive action to establish a robust regulatory framework that strikes a balance between security and innovation. The Telecom Cyber Security Rules, 2024, which mandate stringent incident reporting within six hours and the appointment of Chief Telecommunication Security Officers, establish clear accountability. Furthermore, the designation of Critical Telecommunications Infrastructure (CTI) underscores the government’s recognition of the telecom sector’s central role in national security.

This proactive approach has earned India a place at the global high table. In a landmark achievement this year, the International Telecommunication Union (ITU-T) accepted three new security work items proposed by India, focusing on AI-generated threats and a cybersecurity maturity model. This demonstrates that the world is looking to India not just for scale, but for standards.

Collaboration for a Stronger Defence

Cybersecurity is a team sport. No single operator, government agency or vendor can win this battle alone. The complexity of the 5G ecosystem demands a collaborative, whole-of-nation approach. The industry is deeply committed to fostering these public-private partnerships, creating platforms for real-time threat intelligence sharing and building a collective defence that is stronger than the sum of its parts.

This collaborative spirit must extend to the entire digital communications landscape, and the industry firmly believes in the principle of ‘Same Service, Same Rules’. Hence, it is imperative that all players, including Over-The-Top (OTT) communication apps that handle vast amounts of user data, are held to the same stringent cybersecurity and data protection standards as licensed telecom operators. Creating regulatory gaps only creates vulnerabilities that put Indian citizens at risk. This should be addressed as soon as possible.

Furthermore, the country must collectively address the glaring cybersecurity skills gap. With only 14% of global organisations reporting adequate security talent, there is a shared responsibility to invest in training and capacity building to develop a new generation of cyber warriors.

As India continues on its journey to connect every citizen and power the engine of a new economy, its commitment is unwavering. The industry will also continue to invest in cutting-edge technology, collaborate with all stakeholders, and champion policies that foster a secure, resilient, and trusted 5G ecosystem. The path to a digitally empowered India is paved with innovation, but it is secured by trust.

The author is a decorated military veteran who retired as the Signal Officer-in-Chief, the head of the Indian Army’s ICT division. He was also the first CEO of the Telecom Sector Skill Council and is the Director General of the Cellular Operators Association of India (COAI).

Also Read

India’s data surge needs a smarter telecom spectrum strategy
Security and competition: Balancing the Telecom Act 2023
Rein in OTT spam with unified, enforceable communication rules
Record FPI inflows in Indian telecom signal a new growth era