FCC Holds Public Workshop and Seeks Comments on Cybersecurity

Created by Rodney J. Petersen (EDUCAUSE) on October 13, 2009

The Federal Communications Commission (FCC) held a Cyber Security and Broadband Workshop to examine the role of cybersecurity as it develops a National Broadband Plan. According to FCC Commissioner Meredith Attwell Baker, "Network security is the most critical issue facing our communications industry."

The first panel addressed the question of "how broadband technologies, tools and innovations can aid in preventing cyber attacks on the nation's critical communications infrastructure". Don Welch, CEO & President of Merit Network, Inc., observed that there is a trade-off between Security, Cost, and Usefulness. The problem, he noted, is is that the return on on investment for security measures is "negative" because the benefit realized is "things that didn't happen." He also warned that it is hard to build support for improved security if it results in the loss of usefulness for end-users. He concluded that the governments role is not to mandate how an organization should conduct its cybersecurity efforts but rather to mandate results, although he acknowledged that establishing security metrics is difficult.

The second panel addressed the question of "how broadband technologies, tools, and innovations can aid in detecting cyber attacks and aid in restoring systems after attacks occur." Philip Reitinger, Deputy Undersecretary for National Protection & Programs Directorate in the U.S. Department of Homeland Security, explained that DHS in partnership with The White House is preparing a cybersecurity incident response plan as recommended in President Obama's Cyber Space Policy Review.

The FCC has also issued a Public Notice seeking comment on the cybersecurity elements of the National Broadband Plan. The Notice asks the following questions about the "survivability of broadband networks and cyber security":

What type of computer-based attacks against government or commercial computer systems or networks (i.e. cyber attacks) are occurring or are anticipated to occur, and what are other federal agencies, commercial, and other entities doing to prevent, detect and respond to cyber attacks?
How are other federal agencies of the United States and other governments collaborating with the communications segment to prevent, detect, and respond to cyber attacks?
What market incentives exist for commercial communications providers, large and small, to invest in secure infrastructure? (i.e., how do we avoid externalities?)
Do end-users have sufficient independent information to make good decisions between communications providers that may differ in the extent to which they implement cyber security measures?
How widely are cyber security best practices implemented by communications providers and what are these best practices?
What are the specific wireless network features and handset features and capabilities necessary to
combat such attacks?

Comments are due on November 12, 2009.

Rodney's blog
Login or register to post comments
19 reads

		FCC Holds Public Workshop and Seeks Comments on Cybersecurity Created by Rodney J. Petersen (EDUCAUSE) on October 13, 2009 The Federal Communications Commission (FCC) held a Cyber Security and Broadband Workshop to examine the role of cybersecurity as it develops a National Broadband Plan. According to FCC Commissioner Meredith Attwell Baker, "Network security is the most critical issue facing our communications industry." The first panel addressed the question of "how broadband technologies, tools and innovations can aid in preventing cyber attacks on the nation's critical communications infrastructure". Don Welch, CEO & President of Merit Network, Inc., observed that there is a trade-off between Security, Cost, and Usefulness. The problem, he noted, is is that the return on on investment for security measures is "negative" because the benefit realized is "things that didn't happen." He also warned that it is hard to build support for improved security if it results in the loss of usefulness for end-users. He concluded that the governments role is not to mandate how an organization should conduct its cybersecurity efforts but rather to mandate results, although he acknowledged that establishing security metrics is difficult. The second panel addressed the question of "how broadband technologies, tools, and innovations can aid in detecting cyber attacks and aid in restoring systems after attacks occur." Philip Reitinger, Deputy Undersecretary for National Protection & Programs Directorate in the U.S. Department of Homeland Security, explained that DHS in partnership with The White House is preparing a cybersecurity incident response plan as recommended in President Obama's Cyber Space Policy Review. The FCC has also issued a Public Notice seeking comment on the cybersecurity elements of the National Broadband Plan. The Notice asks the following questions about the "survivability of broadband networks and cyber security": What type of computer-based attacks against government or commercial computer systems or networks (i.e. cyber attacks) are occurring or are anticipated to occur, and what are other federal agencies, commercial, and other entities doing to prevent, detect and respond to cyber attacks? How are other federal agencies of the United States and other governments collaborating with the communications segment to prevent, detect, and respond to cyber attacks? What market incentives exist for commercial communications providers, large and small, to invest in secure infrastructure? (i.e., how do we avoid externalities?) Do end-users have sufficient independent information to make good decisions between communications providers that may differ in the extent to which they implement cyber security measures? How widely are cyber security best practices implemented by communications providers and what are these best practices? What are the specific wireless network features and handset features and capabilities necessary to combat such attacks? Comments are due on November 12, 2009. Washington Update \| Cybersecurity \| Cybersecurity Policy \| National Broadband Plan Rodney's blog Login or register to post comments 19 reads
		© Copyright 1999-2009 EDUCAUSE Need Help? \| Feedback \| Privacy Policy
	Unless otherwise noted, EDUCAUSE holds the copyright on all materials published by the association, whether in print or electronic form. In certain cases the work remains the intellectual property of the individual author(s) (see Special Circumstances). Content from conference speeches, presentations, blogs, wikis and feeds reflect the opinions of the author, and not necessarily those of EDUCAUSE or its members.