The requisite complexity of mobile network infrastructure and services creates layers of vulnerability for operators—from exposures stemming from backward compatibility to common IT risks to those stemming from human errors like misconfigurations. With the increasing use of cloud, virtualization, and a growing exposure - the mobile network attack surface will continue to evolve and expand. This document discusses today’s end-to-end security needs for mobile network operators (MNOs) and provides some general guidance that can be applied to each of the operator’s domains.