
 

The greatest risk to the future of telecommunications may not be a lack of innovation, but a failure to secure the foundations we already have. That was the powerful, clear warning delivered by mobile telecoms and security specialist David Rogers during his keynote address at LATRO's recent one-year anniversary event in Lusaka. 

Speaking remotely from the UK, Rogers, the former Chair of the GSMA Fraud and Security Group, delivered a sobering assessment of the industry’s current trajectory, arguing that the security "debt" carried from legacy networks, coupled with the rising tide of non-deterministic AI orchestration, presents an existential threat to mobile operators. 

 


The Double-Edged Threat: Legacy Debt Meets Virtualization

 

Rogers structured his argument around two compounding problems facing mobile network operators (MNOs) globally: 

1. The Cost of Legacy Security Debt 

The success of GSM and its backwards compatibility features (meaning a 5G device can fall back to 2G) has created an enduring vulnerability. Rogers highlighted that many current attacks, such as SMS blasters and sophisticated signaling attacks, exploit flaws in older, un-updated 2G and 3G authentication protocols. 

This failure to address basic flaws, such as default passwords on network equipment, constitutes significant "security debt." Like technical debt, it incurs severe maintenance costs or, worse, results in a catastrophic breach when multiple vulnerabilities line up, a scenario he illustrated using the Swiss Cheese Model of risk management. 

 

2. Virtualization and Loss of Control 

A second major risk stems from the shift toward network virtualization and reliance on cloud hyperscalers. As MNOs move away from in-house engineering and rely on vendors to manage the core technical network, they lose critical control over their own infrastructure. 

This decentralization of control makes it exponentially harder for MNOs to properly defend their networks, creating reliance on external parties who may not prioritize the MNO’s immediate security needs. 

 

The AI Orchestration Risk: Is This Virtual Insanity?

 

Rogers specifically cautioned against the industry’s rapid push toward integrating non-deterministic Generative AI (LLMs) into core network management. 

While companies are touting billions in savings by using LLMs for operations and maintenance (O&M) and workflow optimization, Rogers called the prospect of fully autonomous, AI-orchestrated networks a "big risk." 

  • The Problem of Non-Determinism: Unlike traditional, safety-critical systems that demand deterministic (yes/no) behavior, LLMs are creative and non-deterministic. Even with guardrails, there is always the potential for a command to be generated that is incorrect, destructive, or causes human harm. 
  • The Human Weakest Link: Attackers are moving away from technical network breaches to targeting users—the authorized entities—through hyper-automated phishing and social engineering. 

 

A Logical Clean Break: Securing 6G and Beyond

 

For LATRO’s partners in Zambia and across Africa, the challenge is amplified, as 2G/3G services are often crucial for connecting rural or low-income populations. Addressing a question from the MTN Zambia Information Security team, Rogers agreed that Africa must continue to invest in securing these legacy systems because they are "here to stay" and are seen by criminals as "low hanging fruit." 

However, looking ahead, Rogers advocates for a "logical clean break" for 6G security design. Instead of fully breaking compatibility, he proposed treating older networks as a hostile environment, implementing a "zero trust" policy for all legacy connections to protect newer systems. 

To ensure AI systems are safe, the industry must apply fundamental security practices to the models themselves: 

  • Assure training data sets and protect the integrity of model weights. 
  • Use Alan Turing’s concept of assertions—pre-defined checks against known facts—to prevent AI from issuing dangerous, factually incorrect commands (e.g., an LLM talking about a base station that doesn’t exist). 
  • Minimize the attack surface by only allowing necessary inputs (e.g., not allowing image input into a text-only system). 
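As an added illustration of the assertion and input-minimization points above (not code from the keynote or from LATRO), the sketch below gates an LLM-proposed network command behind deterministic checks before anything executes. The inventory, site IDs, action names, power range and the human-approval rule are all hypothetical assumptions made for the example.

```python
import json

# Constructed inventory standing in for the operator's source of truth (hypothetical IDs).
INVENTORY = {
    "BTS-LSK-001": {"carries_emergency": True},
    "BTS-LSK-002": {"carries_emergency": False},
}
# Allowlist: each permitted action and the exact fields it must carry.
ALLOWED_ACTIONS = {"restart": {"site"}, "set_tx_power": {"site", "dbm"}}
TX_POWER_RANGE_DBM = (20, 46)  # assumed safe envelope, not a vendor figure


def check_command(raw):
    """Return failed assertions for an LLM-proposed command; [] means it may run."""
    if not isinstance(raw, str):  # text-only channel: reject any other input type
        return ["input is not text"]
    try:
        cmd = json.loads(raw)
    except json.JSONDecodeError:
        return ["not valid JSON"]
    if not isinstance(cmd, dict):
        return ["not a JSON object"]
    action = cmd.get("action")
    if not isinstance(action, str) or action not in ALLOWED_ACTIONS:
        return [f"action {action!r} is not in the allowlist"]
    failures = []
    fields = set(cmd) - {"action"}
    if fields != ALLOWED_ACTIONS[action]:
        failures.append(f"fields {sorted(fields)} do not match the schema for {action}")
    site = cmd.get("site")
    record = INVENTORY.get(site) if isinstance(site, str) else None
    if record is None:  # the "base station that doesn't exist" case
        failures.append(f"site {site!r} does not exist in the inventory")
    elif action == "restart" and record["carries_emergency"]:
        failures.append(f"restart of {site} needs human approval")
    if action == "set_tx_power":
        dbm = cmd.get("dbm")
        lo, hi = TX_POWER_RANGE_DBM
        numeric = isinstance(dbm, (int, float)) and not isinstance(dbm, bool)
        if not numeric or not lo <= dbm <= hi:
            failures.append(f"dbm {dbm!r} is outside {lo}..{hi}")
    return failures


if __name__ == "__main__":
    for proposal in (  # constructed model outputs
        '{"action": "restart", "site": "BTS-LSK-002"}',
        '{"action": "restart", "site": "BTS-LSK-999"}',
        '{"action": "set_tx_power", "site": "BTS-LSK-001", "dbm": 60}',
    ):
        print(proposal, "->", check_command(proposal) or "OK")
```

The gate is deterministic and fails closed: the model's output is treated as untrusted input, and only a command that passes every assertion reaches the network.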

 

Relevance to LATRO and Our Zambian Mission

 

Mr. Rogers's insights validate LATRO’s core strategy in Zambia: to stabilize and secure the present so our partners can build the future. Our work in Telecom Application Managed Services (TAMS) ensures MNOs can rely on vendor stability and operational integrity, reducing technical debt. 

To catch up on all the strategic discussions from the event, including the official address by Hon. Felix C. Mutati, MP, Minister of Technology and Science, and the full details of our local commitment: 

Read the full press release and media coverage recap on our blog

 

 

Want to hear David Rogers's full 30-minute address on the future of 6G security, AI orchestration risks, and the imperative for Zero Trust on legacy networks?  
