As telecommunications networks evolve with 5G and cloud-native architectures, security threats are becoming more sophisticated and AI-driven. In fact, Nokia’s Threat Intelligence Report 2025 finds that over 70% of telecom security leaders prioritize AI and machine learning-based threat analytics and over half plan to roll out AI-driven detection capabilities within the next 18 months.
A recent ABI Research study further bolsters this finding by assessing how 100 telecom firms view and use Generative Artificial Intelligence (GenAI). The results underscore that operators are rapidly adopting generative AI to automate threat detection, streamline security workflows and counter adversarial AI attacks. The industry is leveraging advanced analytics and automation to boost operational resilience—while emphasizing the importance of strong governance, compliance, and human oversight as these technologies mature.
The Risk from Adversarial AI
Increasingly, AI has become more adversarial, with top attacks including AI-generated social engineering, deepfakes and identity fraud /theft. For instance, in late 2024, the Chinese-sponsored threat actor Salt Typhoon infiltrated major U.S. broadband networks in North America and Europe, exploiting vulnerabilities in core network components. Also, groups such as Charcoal Typhoon, which focuses on entities within Taiwan and other regional targets, have successfully weaponized AI, harnessing Large Language Models (LLMs) to finesse social engineering efforts. The number of deepfakes, aided by GenAI’s ability to create realistic, synthetic content, has jumped from 500,000 in 2023 to a projected 8 million in 2025.
These sophisticated cyberattacks, fueled by GenAI, has prompted telcos to use similar tools to fight fire with fire. ABI Research reports that more than 65% of surveyed telcos already pilot or use GenAI in their security operations, calling it “the next frontier for security empowerment.” The majority of respondents said they expect to integrate AI into their security operations in less than a year.
Too Much Unstructured Data, Too Many Tools
Despite its promise, GenAI creates multiple challenges to telcos’ security operations, with 76% of respondents reporting difficulty extracting actionable insights from massive, unstructured log data. In addition, 70% of telco firms reported high false positive rates that overwhelm security teams with noise, while 67% said they still depend on manual workflows for incident triage and resolution.
Operators also point to other obstacles to leveraging AI to bolster their networks; among them, too many security tools, generating too much data, and not enough manpower to support them. The survey found that 63% of operators use between 11 and 30 different cybersecurity tools in their SOCs, or security operations centers.
GenAI Sweet Spots in Telco Security
When respondents were asked where they believe GenAI can have the biggest impact, they highlighted three “sweet spots” — threat detection, threat intelligence analysis and event correlation across tools. Combining these capabilities with GenAI automation and triage will enable security personnel to quickly bridge the gap between threats presented by cybersecurity actors. Operators already recognize that when it comes to data pattern recognition and automation, GenAI delivers much faster analysis than other technologies available today. That’s particularly true in the case of large and complex datasets pulled from security tools.
Trustworthiness is Key
While still an emerging technology, GenAI shows significant promise for telco firms’ network infrastructure, but success depends on trust — trust in human oversight and approval with analyst engagement. Using GenAI in a way that’s compliant with telco regulations will require telcos to automatically verify audit trails and perform detailed logging.
Not surprisingly, telco respondents rated privacy and confidentiality concerns on data collection and usage as top challenges to adopting and successfully rolling out GenAI, followed closely by data sovereignty concerns and requirements.
Clearly, telco operators must move toward autonomous network security assurance while embedding intelligent protection directly into the network fabric. GenAI represents the right approach to achieve this assurance, as long as telcos embrace AI governance, regulatory compliance and transparency.
Microsoft & Nokia: The Partnership Model to Deliver this Future
Microsoft and Nokia bring powerful GenAI-enabled security to operators — integrating AI and automation to help telecom firms protect against complex security threats. Nokia’s security orchestration software, Netguard Cybersecurity Dome, offers a suite of security services, featuring cross-layered detection and response across endpoints, networks, cloud and email. It leverages Microsoft Azure’s robust cloud infrastructure to provide a scalable, AI-driven cybersecurity solution. Combined, the partners deliver a flexible solution that can address the unique security requirements of modern telcos.
Register Today for the Nokia Security Circle
Learn more about the cyber threat confronting telcos and the role of GenAI at the Nokia Security Circle event sponsored by Microsoft on Nov. 4th This virtual telecom security summit explores the security challenges facing telecom networks and ways GenAI is strengthening their 5G operations. For more information, visit the Nokia Security Circle registration page.