Put an end to guesswork, writes Nathan Howe, Global VP of Innovation, Zscaler, and secure cellular connectivity by adopting zero trust
Every day, a vast number of cellular-connected devices or things—from smart lighting sensors to mission-critical industrial systems or even vehicles—communicate silently across public and private networks. Often, this happens without the awareness or oversight of the organisations that own them.
These devices or things operate beyond the reach of traditional security tools, creating dangerous blind spots in enterprise defences. While many people assume mobile networks are inherently secure regardless of whether you can see all the things connected to them or not, the reality is far more complex—and this leaves organisations far more vulnerable than most realise.
And so it begs the question, do you know what your organisation’s cellular connected things are doing right now? And the follow up, is it what they should be doing?
Outdated assumptions, invisible threats
Many organisations believe that once a device or thing connects to a cellular network, it’s automatically under control. In reality, active SIMs can transmit data freely across borders and networks with minimal visibility or restriction. This false sense of security exposes businesses to compliance violations and cyber threats, especially when location-based or behavioral policy enforcement is required.
Although mobile carriers do offer some network level protections, they’re not necessarily tailored to the specific applications or sensitive data these devices can handle. Cellular endpoints often run multiple software components, generating outbound traffic that traditional tools can’t see or manage. Without visibility into what these devices are doing or transmitting, security teams cannot detect unusual activity, enforce access policies, or respond effectively to emerging risks. Instead, the implicit trust in mobile connectivity expands the attack surface, increasing risk and causing operational issues.
To compensate, organisations often fall back on legacy security solutions—firewalls, VPNs, and backhaul networks—that add complexity and cost without delivering the real-time, granular control modern environments demand. Once connected, the things are still allowed to communicate too freely, violating proactive zero trust principles that require strict verification of every interaction and full visibility across the network. With protection under more scrutiny and pressure than ever before, this is a scenario that organisations simply cannot afford to let continue.
Visibility by design, not by patchwork
True protection starts with visibility. Knowing exactly what your cellular things are doing is the foundation for securing mobile and IoT environments in an increasingly sprawling, connected world.
Gaining this knowledge requires a zero trust solution that can route all device traffic through a unified platform, delivering real-time inspection and policy enforcement of every single data packet at the edge. Rather than having to wait for traffic to reach a network hub or firewall before it can be evaluated, this complete transparency means businesses can see exactly where each device connects from, what it’s communicating with, and how security policies should be applied to it in real-time, all before any data leaves the device. This is what we at Zscaler call ‘visibility by design’.
Cellular control made simple
Beyond visibility, bringing zero trust to devices that previously operated in a blind spot enables organisations to make the vital shift from blind trust in mobile networks to informed control over every connection.
Integrating connectivity and zero trust security means there’s no need for complex infrastructure or manual configuration. Security is embedded at the SIM or eSIM level, enabling precise, context-aware controls based on identity, location, behaviour, or risk. For example, a SIM can be restricted to operate only within specific countries or regions, preventing unauthorised roaming or data exfiltration. Anomaly detection can flag or block suspicious activity such as attempts to access disallowed resources or connect from unexpected locations, ensuring consistent protection across the globe without operational overhead.
Built-in protection that moves with you
The granular level of control zero trust provides empowers businesses to define precisely what needs protection — be it a Cloud app, IoT sensor, EV charger, or any sort of vehicle — and then enforce that built-in protection no matter where the device travels to.
This isn’t theoretical—it’s already transforming industries. In transportation, for example, Zscaler Cellular is implemented with a major rail operator to secure sensor data and rolling stock movement across North America. Whether a train is crossing Mexico, the US, or Canada, the protection layer stays consistently in place, eliminating network-specific complexity.
In manufacturing, global enterprises are using this new approach to shield ERP systems and enable secure, uninterrupted access to critical data on the factory floor via hand scanners and tablets, which are all governed by zero trust policy-based controls.
Infrastructure monitoring is another activity seeing real impact from zero trust everywhere protection. Sensors embedded in buildings and bridges are being secured via this approach to ensure data integrity and continuous service availability. With multi-carrier failover and unified security, organisations stay resilient against outages, cyberattacks, and interference.
The end of network guesswork
Visibility understands the need. Control sets the rules. Protection enforces them. With zero trust cellular oversight, organisations gain a powerful layer of defence that governs every connection—no matter where it originates or ends. This enables them to confidently deliver on the promise of ubiquitous, secure connectivity—anywhere, on any device, with every asset protected. This is not cellular security assumed—it’s cellular security built in.
Nathan Howe is Vice President, Emerging Technology & 5G at Zscaler, where he is in charge of developing security strategy for 5G. As a digital transformation and telecommunications expert, he’s assisted hundreds of enterprise customers seamlessly modernise their environments adapting to distributed workforces Cloud migrations and standing up private 5G networks. He has +20 years of experience in the security industry, and previously worked for Nestle & Verizon.
There’s plenty of other editorial on our sister site, Electronic Specifier! Or you can always join in the conversation by visiting our LinkedIn page.
