India’s rapid digital transformation has changed governance, commerce and citizen services at an unprecedented scale. From digital payments and e-commerce to online public service delivery, digital tools are now a part of everyday life. As adoption rises, protecting cyberspace has become a national priority. As per official government data, in 2025, the Indian Computer Emergency Response Team (CERT-In) handled over 2.9 million cyber incidents and issued 1,530 alerts and 390 vulnerability notes. With growing cases of online fraud, phishing, ransomware, artificial intelligence (AI)-driven scams and threats to critical digital infrastructure, the need for a coordinated and resilient cybersecurity framework is greater than ever.

Notably, policy direction has started to shift from treating telecom security as mere perimeter defence towards treating it as end-to-end risk management across identities, devices, data flows and interconnected digital services. The recently notified Telecommunications (Telecom Cyber Security) Amendment Rules, 2025 (notified on October 22, 2025) reflect this broader approach. These rules recognise that telecom identifiers now sit inside banking, e-commerce and governance workflows, and they introduce mechanisms for mobile number validation, device identifier scrubbing in resale markets and obligations for entities using telecom identifiers. At the same time, telecom-specific controls are being tightened through mandated audits, stronger operational monitoring structures and security certification requirements for network functions and access equipment.

Securing networks

A defining shift in telecom security is the growing convergence of network security and cloud security. Telecom networks are increasingly cloudified, which means network functions run as software workloads and depend on shared compute, storage and orchestration layers. This requires a change of approach. It is no longer only about routers and firewalls at the edge, but also about protections inside virtual platforms, orchestration layers and management planes.

In India, the approach is increasingly anchored in security testing, certification and enforceable operational controls. Measures led through the National Centre for Communication Security include the extension of the Pro Tem security certification scheme beyond January 1, 2026, lower fees for testing lab designation and a simplified process for fibre access devices. This has been tied to a broader mandatory testing and certification framework, with the underlying position that telecom equipment sold, imported, or used in India must undergo security testing and certification under the scheme.

On the data side, the government has also advised telecom providers to strengthen protection for sensitive telecom data sets, both at rest and in transit. It has also institutionalised recurring network security audits and cross-checks that cover equipment security, software security, supply chains and data management. In practice, integrated cloud and network security in the Indian telecom context often means building security across four layers at the same time: identity and access, cryptography, configuration assurance and continuous monitoring. The goal is to maintain the same security posture across radio access, transport, core and cloud-hosted network functions, with auditability built in from the start.

SASE in the Indian telecom context

Secure access service edge (SASE) is gaining relevance in India because telecom operations are distributed by nature. Staff, contractors, field engineers, tower technicians and service partners need secure access to systems from multiple locations, often outside a traditional enterprise perimeter. This makes consistent policy enforcement and safe privileged access difficult if security remains fragmented.

The case for this approach in India is strengthened by two realities. First, telecom providers operate and maintain very large numbers of distributed sites and remote systems. Controlling privileged access and enforcing uniform policies becomes harder as operations spread across geographies and partners. Second, the data protection and privacy debate is now tightly linked to network security. The Ministry of Communications has explicitly linked cybersecurity, privacy and network resilience in the expanding 5G ecosystem and has highlighted privacy-by-design and security-by-design principles as central to safeguarding personal data handled by telecom networks and connected services.

Security operations and sector-level incident response

Telecom security is moving towards operational readiness, not just compliance. India has begun to formalise sector-level monitoring and response structures. The government has established the Telecom Security Operations Centre (TSOC) to strengthen situational awareness, monitoring and coordination on telecom cybersecurity matters. It has also created the Telecom Sector Incident Response and Coordination Framework (Telecom-CSIRT), described as enabling timely detection, analysis, coordination and mitigation of cyber incidents and vulnerabilities impacting telecom networks, including critical telecom infrastructure.

On the control side, the government has set recurring assurance expectations. Telecom service providers are directed to conduct network security audits annually and whenever network configurations change significantly, including vulnerability assessment and penetration testing. Separately, external audits are described as mandatory, once within a three-year cycle. These measures push operators towards running security operations as a continuous function, rather than treating security as a periodic audit exercise.

Cloud-native and software-defined networks

Virtualised and software-defined architectures bring strong operational benefits, but they also reshape telecom threat models. Software-centric networks depend on open interfaces, remote management and automated change workflows. This means misconfigurations, credential theft and supply chain compromise can spread faster if governance and controls are weak. In cloud-native environments, the management plane and orchestration layer become high-value targets, so protecting them becomes just as important as protecting the traffic plane.

India’s security certification ecosystem is also being extended into these newer architectures. A telecom security assurance requirements document released in January 2026 covers open radio access network components and includes not only radio and distributed units but also the O-Cloud layer. The same document sets out common security requirements that are directly relevant to software-defined environments, including mutual authentication for management protocols, strict protection of management traffic using approved cryptographic controls, role-based access control, secure update practices and security assurance expectations for embedded cryptographic modules.

In addition to this, the Pro Tem security certification scheme is positioned to avoid business disruption, while full testing and certification continue. Its scope has been extended to cover additional core and access elements, alongside new product launches. The certification process has also been simplified by allowing customised variants to be grouped under a single procedure, reportedly reducing the number of testing cases by about 10 times, without changing the underlying security objectives.

Private networks and multi-domain connectivity

Private networks and multi-domain connectivity create complex trust boundaries. A private enterprise network often blends telecom connectivity with enterprise information technology and operational technology. Multi-domain connectivity can also include inter-operator internet protocol interconnect, roaming and identity systems, satellite links and connections into cloud platforms. Each hand-off is a security junction, and the weakest junction can become the entry point.

That is why the focus is shifting from securing individual networks to governing the trust relationships between networks, platforms and service partners, and India is responding on two linked fronts. First, India’s policy posture is emphasising coordinated controls for telecom-enabled fraud and risk indicators that bridge telecom and financial ecosystems. This matters because private networks and enterprise connectivity often intersect with critical authentication flows and transaction systems. Second, interconnection frameworks are being reviewed. The Telecom Regulatory Authority of India has issued a consultation process to review interconnection regulations in the context of evolving technology, which makes the security implications of interconnect design and responsibilities more relevant.

For private and multi-domain connectivity in India, the practical security priorities usually centre on isolation and control. Key themes include segmentation between enterprise operational technology and public networks, strict governance of remote access for administrators, strong cryptographic protection on management and interconnect links, and clear contractual definition of incident response responsibilities across domains. These priorities link back to the broader direction in India towards auditable controls, cross-check security audits and stronger sector-level monitoring.

Challenges and future trends

India’s telecom security challenge is not only about putting the right controls in place, but also about making them effective at national scale. One pressure point is network scale and operational complexity. As coverage expands and new access models are added, the number of assets that must be inventoried, monitored, patched and secured keeps rising, which makes consistency hard to sustain day after day. A second pressure point is telecom-enabled fraud and identity misuse. Telecom identifiers are embedded across digital services, so weaknesses in validation, onboarding or misuse detection quickly spill over into financial fraud and broader cybercrime. A third pressure point is supply chain and configuration risk. As networks become more software-defined and interface-heavy, insecure defaults, weak change controls and compromised components can have a wider impact, faster. Tackling these challenges before moving on to newer technologies is a must.

Looking ahead, two trends are likely to strongly shape the security conversation. First, AI will act both as a threat amplifier and as a defence accelerator. AI-driven threats can raise the volume and sophistication of attacks, but AI-led detection and automation can also improve the speed of response if governance and data quality are strong. Second, quantum-era preparation is beginning to enter telecom security planning. Work on identifying quantum-vulnerable cryptographic algorithms in devices and networks is a signal that migration planning towards quantum-safe security is becoming a real consideration, even if it unfolds over time. Overall, the direction of travel is towards continuous assurance. It includes stronger certification and cryptographic baselines for cloudified network functions, converged access security patterns for distributed operations, and more formalised sector-level monitoring and incident response structures. For India’s telecom networks, the goal is not only to stay compliant, but to remain resilient as the digital perimeter keeps expanding.