Ray Le Maistre, TelecomTV (00:05):
So we're at FutureNet World 2026 in London. I'm here with Max Gasparroni. He is Chief Technology and Security Officer at Fastweb and Vodafone, the Italian operator. Max, thank you very much for joining us today. Great to see you again.

Max Gasparroni, Fastweb + Vodafone (00:20):
Thank you, Ray.

Ray Le Maistre, TelecomTV (00:21):
So you have been here on a panel talking about the evolution of cybersecurity strategies in the AI era, essentially. And there were some interesting discussions about how to view security as AI becomes more used, not only by operators, but also of course by the threat actors. So to what extent is AI an opportunity for you to help defend your systems, your data, your customers, and how much of it is a threat?

Max Gasparroni, Fastweb + Vodafone (01:01):
Yeah. For us, AI is both an opportunity and a threat. An opportunity because with AI we can be much more effective in designing autonomous networks that can react very quickly to threats — at a speed that humans cannot match. But at the same time, and unfortunately this comes earlier in terms of timeline, is the threat. Because we see what's happening with the agentic models, with the ChatGPT and other cyber-focused models. They can effectively analyse code very quickly, identify vulnerabilities, and write up simple scripts that can exploit those vulnerabilities. And the legacy infrastructure that we have in the telco market is effectively a big threat, as it's going to take time for us to adapt and modernise the way we design and architect the network in order to be safer.

Ray Le Maistre, TelecomTV (01:59):
Is there anything more that you can do to protect those legacy systems right now? Or is it just a case of firefighting constantly to make sure they're not breached?

Max Gasparroni, Fastweb + Vodafone (02:12):
It's a great point. So what we are doing — we've been working on this topic for quite some time — is identifying the measures where we can spot and contain threats that are not the traditional threats like a DDoS attack that you realise straight away. These are threats from AI agents that can move laterally between different systems and go almost undetected, because they don't just enter the system openly — they make very small shifts in the telemetry data. So we need to start working with the existing vendors that we have for EDR systems, IAM systems, DLP systems, and so on, and say: look, how can you evolve these tools? Because these are the tools we currently have to spot, identify, and protect. And in the interim, start devising effective mitigation playbooks for when certain circumstances and scenarios play out.

(03:16):
This is the interim approach. And then in the future, as we design the new network, this is going to become more automated. So when we spot a threat, the network will automatically shut down that particular portion, and we'll build with resilience in mind — so that the network functions can redistribute to other areas of the system that are not affected.

Ray Le Maistre, TelecomTV (03:35):
This is a challenge that operators all over the world are dealing with, so it's not a problem unique to any one operator. And at the same time, everybody is learning about how to use AI in new ways to protect themselves and build these playbooks. Is there any way that these can be shared? What kind of processes or conversations are there between operators about best practices — both with legacy systems and for using AI?

Max Gasparroni, Fastweb + Vodafone (04:06):
That's another great point, Ray, because what we believe is that we need to work together as an industry — and not just telco, because we are one of the vital infrastructures. There are many others, like energy, finance, banking, and so on — to understand how we can protect ourselves and how we can, in time, have systems that can cope with this transformation of infrastructure from a traditionally very monolithic approach to a much more software-defined, cloud-native, and open one, with sensitive information scattered across different systems. But in the interim, we need to work together — and also together with the regulators in Europe, in the UK, with the European Commission, and so on — because some of these measures, like NIS2 and ENISA guidelines, are essential and we need to embed them as a hygiene factor in our processes. But they also need to be dynamic. They need to be dynamic in their prescriptions and recognise that prescriptions that were being formulated two or three years ago no longer apply, because AI has had a much faster and greater impact than was anticipated.

(05:22):
The next wave is going to be quantum computing, and it is going to hit our systems much sooner than many believe. So if regulators start delivering and enforcing prescriptions that are not effective in combating the biggest risks, they risk that operators like us, or telco and financial institutions, are going to divert their energy — their resources, and it's not just money, it's also people, because there is a finite pool of expert people who can do these things — into the wrong direction. So we need to work together, understand the landscape, and be able to change course and take the most effective actions very quickly.

Ray Le Maistre, TelecomTV (06:06):
And I was going to come onto the people factor in a minute, but you've mentioned it now. For years there was always the sense that security within telcos is something everybody talks about, but maybe nobody really wants to invest in or build the teams for. And now there's almost a sense that AI can automatically protect networks and systems and data, and fight the AI that's trying to attack it — but it's not really like that, is it? Is there still a need for more humans on the ground to work with the AI systems to help protect networks, data, and customers?

Max Gasparroni, Fastweb + Vodafone (06:48):
Unfortunately, absolutely yes. The era when agents automatically — the good agents fighting the bad agents — is still a few years ahead. At the moment, we need very good and knowledgeable people who know how to secure the network, how to deploy these agents, how to manage agent identity, how to understand and inventory the estate, build on zero trust principles, and give authorisation to both insiders and outsiders to perform only the functions they are required to perform — nothing else. That's one of the primary principles of zero trust, and it puts us on a journey. AI and automation will be absolutely essential, but they will first need to be architected by experts. So it's going to be several years still before we see everything automated. Human oversight, responsibility, and accountability are going to be there and are going to be crucial for years to come.

Ray Le Maistre, TelecomTV (07:54):
So that's good news for us humans — that human context is still required in all of these scenarios. Now, another big topic here at this event, and across the industry as well, is sovereignty and how it plays into the strategies of network operators and service providers. How are sovereign strategies and sovereign services playing into what you can help your customers with, and also how does it impact your security strategy?

Max Gasparroni, Fastweb + Vodafone (08:31):
For us it's a big aspect of our strategy. We are strong believers in this. We were one of the first in Italy to deploy our own GPU infrastructure that is self-contained. We have our own LLM models that we are using for our own B2B customers and for ourselves internally. Why do we believe that sovereign cloud is important? Because all of these models will need to be run by every industry — including ourselves — to test and fix vulnerabilities. And most customers know how sensitive their systems and data are. So they will want to run these models to check integrity, fix vulnerabilities, and so on, from a cloud that they can trust — one that is self-contained and hosted by a trusted operator, with secure connectivity back to their systems. So we are really betting that this is what enterprises will want to do — how they will want to run the tools that check, spot, and fix vulnerabilities.

Ray Le Maistre, TelecomTV (09:32):
Okay. So with an enhanced SLA, I'm sure as well.

Max Gasparroni, Fastweb + Vodafone (09:36):
Absolutely, right.

Ray Le Maistre, TelecomTV (09:37):
Okay, excellent. Well, I can sense that there's going to be a lot more talk about what sovereignty means for telcos, for enterprises, and for governments as this year goes on — particularly in Europe where it's such a hot topic. So I hope we can come back and talk about this again later in the year and find out what's happening at Fastweb and Vodafone. Max, great to talk with you today. Thanks so much for joining us.

Max Gasparroni, Fastweb + Vodafone (10:03):
Thank you so much. A pleasure to be here.