The recent decision by the Global Coalition on Telecoms (GCOT) to publish security and resilience principles for 6G marks a significant shift in how governments are approaching next-generation telecommunications infrastructure.
The coalition – including the United States, United Kingdom, Australia, Japan and Canada, joined by Finland and Sweden – represents countries that both shape global telecom standards and operate some of the world’s most advanced mobile networks. Their coordinated approach signals that securing 6G is being treated as a matter of national resilience and critical infrastructure protection, not simply a technology upgrade.
The principles themselves emphasize clear security and resilience objectives for future 6G systems: containment, confidentiality, integrity, resilience and regulatory compliance. In practice, that means networks must be engineered so malicious actors cannot easily propagate through the environment, while ensuring data integrity, secure external interfaces and continuous authentication between network functions. This reflects a broader industry shift toward zero-trust architectures, where every device, service and workload must be authenticated and authorized before interacting with critical systems.
The guidelines also highlight the growing importance of secure supply chains, observability across network layers and resilient failover mechanisms, including the ability to reroute traffic across alternative networks during disruption. These requirements align closely with emerging regulatory frameworks such as the EU’s NIS2 Directive, the UK’s telecom security framework enforced by Ofcom, and similar resilience initiatives led by the U.S. Federal Communications Commission and partners across the Indo-Pacific.
The coalition’s emphasis on security-by-design also reflects a longer-term challenge: preparing telecommunications infrastructure for emerging threats, including AI-driven attacks and the transition to quantum-resistant cryptography. With more network functions becoming virtualized, disaggregated and AI-native, identity becomes the new perimeter. In these software-defined environments, governance across humans, machines and emerging AI agents will determine whether networks remain resilient at scale. Embedding strong identity governance, least-privilege access controls and cryptographic resilience into 6G standards now ensures that the next generation of mobile networks is built on a foundation of trust rather than retrofitted security.
Join our LinkedIn group Information Security Community!
