GSMA Report Highlights Cybersecurity Regulation Challenges for Mobile Operators

The GSMA's new report, released on November 26, 2025, underscores the financial burden fragmented cybersecurity regulation imposes on mobile operators worldwide. Spending on core cybersecurity activities amounts to $15-19 billion annually, with predictions of rising to $40-42 billion by 2030. This financial strain links back to misaligned and overly prescriptive regulation, which diverts resources from genuine risk mitigation and exposes operators to increased cyber threats.

The study, conducted with Frontier Economics, reveals global challenges such as inconsistent regulatory demands and redundant reporting obligations, impacting operators' efficiency. The GSMA advocates for harmonized, risk-based regulatory frameworks to alleviate these burdens and improve global cybersecurity resilience.

Emphasizing collaboration, Michaela Angonius of GSMA calls for regulations that support, rather than hinder, cybersecurity efforts. The report proposes six principles for effective regulation, including harmonization, consistency, and collaboration between stakeholders.