Protecting our customers from cyber threats across Europe and Africa

In this interview, we speak to Laura Iglesias, Head of Cyber Security for seven of Vodafone’s European markets, and Thelma Kganakga, Managing Director for Cyber Security at Vodacom, who are shaping digital security across Europe and Africa respectively.

With decades of combined experience in IT and cyber security, Laura and Thelma lead strategic efforts to protect Vodafone’s operations and customers, while also influencing the broader industry through international recognition and advisory roles.

Their insights reflect a deep commitment to resilience, innovation, and collaboration in an increasingly complex digital landscape, with one simple aim: protecting our customers.

Welcome Laura, Thema - it’s so great to be chatting with you both! To kick things off, what does protecting our customers mean to you?

Laura: It’s about more than just safeguarding data; it’s about earning and keeping our customers’ trust.

Our ambition is to stay ahead of threats, be transparent, and always look for ways to improve. We want our customers to feel safe and confident in a digital world that’s always changing.

We’re constantly working towards a secure, connected future where every product, service and interaction is built with privacy, security and resilience at its heart. And this isn’t just one team’s job, it’s something we all take seriously across Vodafone, whether it’s through our Cyber Code or the community-led initiatives we support.

Thelma: I completely agree - delivering services and products that our customers trust is the foundation of every digital experience.

At Vodacom, cyber security goes beyond just defending systems. It’s about making sure millions of people across Africa can connect, transact and innovate with confidence. We build security and privacy into every layer of our tech, from mobile devices to the cloud, so protection isn’t just added on, it’s built in. It’s proactive, it’s human-centred, and it’s part of everything we do.

How is the threat landscape evolving?

Laura: The threat landscape is changing fast. A cyber attack in one country can ripple across the whole continent. Reports like ENISA’s Threat Landscape 2025 show just how common DDoS (Distributed Denial of Service), ransomware, and phishing attacks have become. We’re seeing a rise of highly skilled threat actors going after critical infrastructure and supply chains, whether for espionage or just to cause disruption.

We’re constantly tracking these shifts. We adapt our control frameworks and awareness programmes to stay ahead, making sure we’re resilient no matter what comes our way.

Phishing and identity-based attacks are some of the most significant threats our customers across Europe now face. They’re inventive, fast-moving, and often hard to spot, especially because they play on human behaviour.

We’re tackling this with a layered approach: technical controls like multi-factor authentication and endpoint protection, paired with awareness campaigns that help both customers and employees recognise and protect themselves from threats.

Thelma: As a telecommunications provider across two continents, with global networks, we work together in a unified cyber security team and operations. Meaning we can work and learn together to protect customers. In Africa, the digital growth is phenomenal - fintech, mobile banking, e-commerce - it’s all driving inclusion like never before. But with that growth comes risk. We’re also seeing more targeted attacks now, especially around identity, APIs, and supply chains.

As our digital ecosystems mature, threats like ransomware, data breaches, and even nation-state activity are becoming part of our reality too. That’s why we focus on continuous visibility and intelligence sharing. Collaboration across Vodacom and the wider Vodafone Group is key to staying ahead of these evolving threats.

Given the rise in Africa’s mobile-first economies, what’s the biggest threat facing our customers, and how are we making prevention both secure and accessible?

Thelma: Similar to Laura’s insight for Europe, identity compromise is a key concern, especially through social engineering, SIM swap fraud, and phishing that targets mobile financial services. These attacks go after the trust between telecoms, banks, and citizens.

To counter this, we’re investing in customer education, digital identity protection, and fraud-prevention partnerships across the ecosystem. We build security into every stage, from app development to AI-powered anomaly detection, so customers get both safety and a seamless experience.

What lessons have you learned from other regions that could be applied globally?

Laura: One of the biggest lessons we’ve learned is the power of sharing. Our cyber teams across the globe are constantly swapping ideas, from a great awareness campaign in Portugal to a smart technical fix in Turkey or even how to adapt to new regulatory environments. We make sure those wins are shared and scaled across the group. That kind of collective learning really boosts our global resilience. We believe in collaboration across Vodafone and with our peers in other telecommunications companies.

Thelma: Absolutely. Europe’s experience with regulation, like GDPR and NIS2, has shown us that strong governance doesn’t have to slow down innovation. We’re applying that mindset to Africa’s fast-growing digital space, building in privacy and resilience from the start.

Africa also has a lot to teach. We work in environments where connectivity is essential, not optional. Our ability to secure high-volume, high quality, low-cost services for millions of people is a real strength, and it’s something the rest of the world can learn from when building inclusive and efficient digital infrastructure.

How do you stay one step ahead of emerging threats, all while ensuring your teams maintain strong day-to-day resilience?

Laura: We invest in threat intelligence and run regular simulation exercises. We track new vulnerabilities, study how threat actors operate, and proactively look for weak spots in our environment. We try to anticipate or respond quickly to new threats.

But it’s not just about tech - it’s about people. We work closely with our Technology and Business teams to prioritise the right risks, always keeping our customers in focus.

Resilience isn’t just reacting to incidents; it’s about being ready to absorb them and bounce back stronger. That’s why we’ve built a culture where everyone knows their role in keeping our customers safe.

Thelma: I couldn’t agree more. For us, cyber resilience is all about staying vigilant while continuing to innovate. We use data-driven threat intelligence, predictive analytics, and red-blue-purple teaming to simulate real-world attacks.

At the same time, we’ve built a security-first culture where every employee is empowered to be a cyber guardian.

Day-to-day resilience comes from doing the basics well: patching, monitoring, and being ready to respond.

Working together for borderless defence

From Europe to Africa, Laura and Thelma show us that (protecting customers) being Guardians of Connectivity means more than just defending networks, it’s about building trust, driving collaboration, and staying resilient.

Their people-first approach proves that with the right mindset and teamwork, we can stay ahead of threats and shape a secure, inclusive digital future.

Want to know more?

Find out how we’re protecting customers from the frontline here.

Learn more about how we’re protecting our network and why it matters here.

Learn how we prioritise cyber and information security in our Cyber Security Factsheet .