Communications Industry Advisory Committee to FCC Issues Major Cybersecurity Report

Mar 18, 2015

Reading Time : 2 min

By: Tom W. Davidson, Natasha G. Kohne, Michelle A. Reed, Jennifer L. Richter, David S. Turetsky, Visiting Professor, College of Emergency Preparedness, Homeland Security, and Cybersecurity at the University of Albany

The project was designed to enhance cybersecurity, in part, by providing guidance, tailoring and best practices for the communications industry to assist with implementation on a voluntary basis of the Framework for Improving Critical Infrastructure Cybersecurity established in February, 2014, by the National Institute of Standards and Technology (NIST) for the Department of Commerce which, in turn was developed pursuant to the President’s February 12, 2013, Executive Order 13636, Improving Critical Infrastructure Cybersecurity. The project was also designed to develop voluntary mechanisms to provide assurance that communications providers are taking steps to manage cybersecurity risks. In addition, FCC Chairman Wheeler challenged private sector stakeholders to create a “new regulatory paradigm” of business-driven cybersecurity risk management.  

The voluntary mechanisms to provide assurances that cybersecurity risks are being addressed that are identified in the Final Report include: voluntary meetings of the companies with the FCC and the Department of Homeland Security (DHS), which is the sector-specific agency (SSA) assigned certain relevant responsibilities for the communications sector; certain expanded reporting in the sector annual report that is connected to the DHS role; active participation in a DHS program that emphasizes converging critical infrastructure community resources to support cybersecurity risk management, connecting critical infrastructure stakeholders to the national resilience effort and coordinating critical infrastructure cross-sector efforts. It also calls for availability of the critical communications infrastructure to be a key indicator of cybersecurity risk management. 

The Final Report also includes a series of recommendations for the FCC, including leveraging a variety of resources and capabilities, promoting voluntary collaboration and facilitating threat information sharing, among other activities.  

The Final Report is lengthy and often complex, but is intended to be very helpful to the communications industry in managing cybersecurity risks. It is certainly not a silver bullet—there are none when it comes to cybersecurity—but, at the same time, there may well be a variety of types of cybersecurity, and even legal risks to communications companies that ignore this tool. It will be important for companies of all sizes in these industry segments to review the Final Report and consider, with help if needed, whether and how it can help their cybersecurity risk management decisions. 

The CSRIC serves for two years and today marked the end of the term of the current CSRIC.  The FCC is currently appointing a new CSRIC to advise the FCC on cybersecurity and other public safety and homeland security issues and its charter begins tomorrow.

Share This Insight

Previous Entries

Akin Deal Diary

April 12, 2023

Read More

Akin Deal Diary

2022-12-15

On December 14, 2022, the Securities and Exchange Commission (SEC) adopted amendments regarding Rule 10b5-1 insider trading plans and related disclosures. The amendments aim to strengthen investor protections concerning insider trading and to help shareholders understand when and how insiders are trading in securities for which they may at times have material nonpublic information (MNPI). In light of these amendments, issuers should review and revise, if needed, their insider trading policies and equity grant policies.

Read more.

...

Read More

© 2024 Akin Gump Strauss Hauer & Feld LLP. All rights reserved. Attorney advertising. This document is distributed for informational use only; it does not constitute legal advice and should not be used as such. Prior results do not guarantee a similar outcome. Akin is the practicing name of Akin Gump LLP, a New York limited liability partnership authorized and regulated by the Solicitors Regulation Authority under number 267321. A list of the partners is available for inspection at Eighth Floor, Ten Bishops Square, London E1 6EG. For more information about Akin Gump LLP, Akin Gump Strauss Hauer & Feld LLP and other associated entities under which the Akin Gump network operates worldwide, please see our Legal Notices page.