Cyber Security Certification Program for Communications Service Providers
The Federal Communications Commission (FCC) adopted a Notice of Inquiry (NOI) that seeks public comment on the proposed creation of a new voluntary cyber security certification program that would encourage communications service providers to implement a full range of cyber security best practices. This National broadband Plan recommendation serves as a first step to implementing a comprehensive roadmap to help counter cyber attacks and better protect America's communications infrastructure.
Enhancing the cyber security of the nation's infrastructure is critical to the proper functioning of communications networks serving America's financial institutions, national energy grid, medical institutions, educational system, and public safety. Yet, broadband communications networks are susceptible to malicious attack. Despite the increasing threat of cyber attacks, many communications end-users do not consider cyber security a priority. In 2008, a Data Breach Investigations report concluded that 87-percent of cyber breaches could have been avoided if reasonable security controls had been in place.
The goals of a voluntary cyber security certification program would be to:
- Increase the security of the nation's communications infrastructure;
- Promote a culture of more vigilant cyber security among participants in the market for communications services; and
- Offer consumers (or end-users) more complete information about their communication providers' cyber security practices and ability to better protect their personal computer hardware and online activity from cyber attacks.
The NOI seeks comment on a voluntary certification program under which private sector auditors or the FCC would conduct security assessments of participating communications service providers' networks, including their compliance with stringent cyber security practices developed by a broad-based public-private partnership. Providers whose networks successfully completed this assessment would then be able to market their networks as complying with these FCC network security requirements.
Cyber Security Certification Program for Communications Service Providers PS Docket No. 10-93 (read the NOI) Statement (Chairman Genachowski) Statement (Commissioner Copps) Statement (Commissioner McDowell) Statement (Commissioner Clyburn) Statement (Commissioner Baker)