As telecom becomes the backbone of national digital transformation, operators must secure distributed networks, protect critical data, and maintain resilience amid rising regional cyber risks.
The Middle East’s telecom sector is undergoing a profound transformation. As operators accelerate 5G rollouts, expand IoT ecosystems, and push compute to the edge, networks are becoming more distributed, software-defined, and deeply integrated into national digital agendas. This evolution is powering smart cities, autonomous systems, digital government, and mission-critical services — but it is also expanding the attack surface at unprecedented speed.
Telecom networks today are no longer just communication platforms; they are the backbone of national economies. With geopolitical tensions rising, state-sponsored cyber activity increasing, and regulatory scrutiny tightening, securing these networks has become a strategic imperative across the region. The shift to 5G, cloud-native cores, and edge computing has introduced new vulnerabilities that require operators to rethink how they secure infrastructure, identities, APIs, and data flows.
Industry leaders from AmiViz, Censys, Check Point Software Technologies, ESET, Finesse, Kaspersky, and NETSCOUT share how operators can secure next-generation networks, counter evolving threats, and meet sovereignty and compliance requirements without compromising performance.
Multi-layered security for 5G, IoT, and edge networks
Ilyas Mohammed, COO at AmiViz, says the expansion of 5G, IoT, and edge computing demands a multi-layered security strategy that provides deep visibility and control across distributed environments. AmiViz integrates deep packet visibility from NEOX Networks, API protection from Cequence Security, DNS security from EfficientIP, and zero-trust identity from Intercede to help operators secure critical assets while maintaining low latency and high performance.
Threat patterns are evolving rapidly. Mohammed notes a surge in APTs, signaling abuse, API attacks, and IoT-driven DDoS campaigns targeting telecom infrastructure. AmiViz responds with Fidelis XDR for deep threat visibility, Securonix SIEM and SOAR for real-time analytics and automated response, and intelligent network controls to enforce containment. This integrated approach enables operators to detect threats earlier, respond faster, and minimize service disruption.
As telecom becomes part of national critical infrastructure, compliance and sovereignty requirements are tightening. AmiViz supports operators with GRC platforms, BitSight for continuous cyber-risk visibility, Kiteworks for governed data exchange, and AlgoSec for automated policy management. This unified governance approach helps operators maintain regulatory alignment while scaling services securely.
External visibility as the foundation of telecom defense
Meriam ElOuazzani, Vice President for META at Censys, says the region’s connectivity boom has outpaced security planning. Network slicing, edge nodes, and IoT integrations have created new exposure categories that did not exist in previous network generations. “Most operators cannot fully see their own external footprint,” she explains.
Censys provides continuous, adversary-view visibility — the same perspective attackers use. This helps operators identify exposed assets, misconfigurations, and anomalies across their global footprint. The operators getting this right treat external visibility as an operational requirement, not a project.
Threat patterns are shifting dramatically. Most intrusions today are malware-free, relying on stolen credentials and lateral movement. State-sponsored groups like Salt Typhoon and Sandman are running sustained campaigns against telecom infrastructure across the region. Censys helps operators track adversary behavior and spot exposed infrastructure before incidents occur.
With telecom now treated as national infrastructure, Censys provides the “evidence layer” for compliance — continuous visibility into exposure and alignment with regulatory expectations across the Middle East and Africa.
Prevention-first security for distributed networks
Ram Narayanan, Country Manager, Check Point Software Technologies, Middle East, says telecom operators face a dramatically expanded attack surface as 5G, IoT, and edge computing distribute workloads across cloud, core, and edge environments. Check Point’s Prevention-First Hybrid Mesh Security unifies network, cloud, and edge protections under one policy, powered by AI-driven threat intelligence and Exposure Management. This gives operators visibility and control without adding latency or complexity.
Telecoms are increasingly targeted by multi-vector attacks — DDoS, ransomware, supply chain compromises, and cloud/API abuse. Check Point blocks attacks early using AI-powered intelligence, while unified management and automated response help operators contain threats quickly and maintain service continuity.
To meet sovereignty and compliance requirements, Check Point provides centralized visibility, unified policy enforcement, and in-region operations through its Infinity Portal, ensuring operators can audit, report, and enforce compliance without sacrificing performance.
Strengthening telecom resilience with proactive detection and response
Ali AlJuneidi, Regional Sales and Business Development Manager at ESET Middle East, says the expansion of 5G, IoT, and edge computing requires operators to adopt advanced threat detection, endpoint protection, and continuous monitoring. ESET combines contextual threat intelligence with proactive security policies to protect critical infrastructure while enabling next-generation services.
Telecom operators face ransomware, IoT botnets, and supply-chain exploits. ESET enables real-time anomaly detection, automated containment, and rapid recovery through endpoint and network protection. This approach strengthens resilience while supporting uninterrupted service delivery.
As telecom becomes critical national infrastructure, ESET supports compliance and sovereignty requirements with secure, auditable solutions that integrate seamlessly with existing systems — balancing strong security with high performance and scalability.
Securing cloud-native 5G cores and distributed edge environments
Walid Faour, Head of Security Architecture at Finesse, says traditional perimeter security is no longer sufficient for distributed, software-defined telecom networks. Finesse secures cloud-native 5G cores through continuous security validation, API protection, and container/Kubernetes security for virtualized network functions.
To manage IoT and edge risks, Finesse implements zero-trust principles, device identity management, segmentation, and continuous monitoring of IoT traffic for anomalies and lateral movement. Their SOC-led operations provide 24/7 monitoring across signaling, control, and user planes, enabling operators to detect telecom-specific threats such as signaling abuse, fraud, and API exploitation.
Telecom attacks have become quieter and more persistent, targeting HLR/HSS, billing systems, and lawful intercept platforms. Finesse extends visibility into SS7, Diameter, GTP, and HTTP/2, correlating activity with attacker tactics. For compliance and sovereignty, Finesse embeds controls into daily operations and provides regional SOC capabilities aligned with in-country data requirements.
Intelligence-led protection for complex telecom environments
Emad Haffar, Head of Technical Experts for Middle East, Turkiye and Africa at Kaspersky, says telecom operators need intelligence-led security combining real-time threat intelligence, AI-powered detection, and centralized visibility. Kaspersky protects hybrid infrastructure, IoT, and edge environments, including microservices and containerized workloads.
Kaspersky’s Security Bulletin highlights persistent threats: APT campaigns, supply-chain compromises, DDoS attacks, and SIM-enabled fraud. Kaspersky enables operators to detect, contain, and recover from threats through advanced intelligence, real-time monitoring, and purpose-built telecom security solutions.
Telecom networks — especially 5G — are highly sensitive to latency. Kaspersky customizes its solutions to avoid disrupting performance while meeting compliance and sovereignty requirements, ensuring operators protect critical assets without compromising service quality.
Deep packet visibility for real-time telecom defense
Gaurav Mohan, SVP Sales, APAC, India & Middle East, Netscout, says operators need real-time visibility across physical, virtual, and cloud environments as 5G, IoT, and edge computing expand the attack surface. NETSCOUT provides deep packet inspection at scale, giving operators clear insight into how services, devices, and users interact.
Telecom networks are increasingly targeted by large-scale DDoS attacks, IoT botnets, and threats hidden in encrypted traffic. NETSCOUT’s global threat intelligence enables early anomaly detection and coordinated mitigation.
As telecom becomes critical national infrastructure, NETSCOUT helps operators meet sovereignty and compliance requirements by monitoring where critical services run and ensuring sensitive data remains within mandated geographic boundaries.
Intelligent, Secure–by–Design Networks for the Region’s Next Growth Phase
Sahil Dhawan, President and Head – Middle East & Africa Business, Tech Mahindra, says 5G, IoT, and edge adoption require secure‑by‑design networks with protection embedded across the core, cloud, and edge. Tech Mahindra delivers this through zero-trust architectures, AI-driven detection, network-slicing security, and IoT identity controls. He notes rising persistent intrusions, ransomware, 5G-specific exploits, and third‑party risks, addressed through 24/7 SOC operations, automated response, and simulation‑based readiness. As telecom becomes critical national infrastructure, Tech Mahindra supports sovereignty and compliance with sovereign cloud models, data-localization, policy‑based controls, and AI-driven automation via NetOps.ai, ensuring resilient, compliant, high‑performance networks.
A region preparing for its next decade of telecom resilience
The Middle East’s telecom sector is entering a new era — one defined by distributed architectures, AI-driven services, and rising geopolitical risk. As operators modernize, they must secure not only networks but also identities, APIs, signaling layers, and cloud-native workloads.
Across all perspectives, one message is clear: Telecom security is no longer a defensive function — it is a national priority and a foundation for digital growth.