Broadband Plan’s Proposed Cybersecurity Role for FCC Questioned

Observers questioned the cybersecurity and privacy recommendations in the National Broadband Plan, in a panel discussion at George Washington University Law School late Thursday. The plan calls for a larger cybersecurity role for the FCC, but that might be a reach for the commission, said Jim Harper, the Cato Institute’s director of information policy studies. Just because the FCC handles communications, that doesn’t mean it knows cybersecurity well, he said.

The FCC needs to recognize the complexity of cybersecurity and privacy issues, said Robert Mayer, a USTelecom vice president. Many players are involved, and the threats are often very sophisticated, he said. Cyberthreats are worse than “you realize,” said Dan Caprio, managing director of the McKenna Long & Aldridge law firm. The plan seeks coordination of many agencies, so identifying priorities is much needed, he said.

The FCC will come up with a two-year plan to take on the five greatest threats to communications infrastructure, said Jeffrey Goldthorp, chief of the Systems Analysis Division in the Public Safety and Homeland Security Bureau. Steps can be taken to improve the core communications structure, like having strong authentication and application layers, he said. It can be hard to get a company to take some security steps with getting others to go along, Goldthorp said. “So it has to be harmonized somehow.”

With cyberspace changing constantly, any cybersecurity and privacy measures must be monitored and updated, Goldthorp said. He emphasized the importance of data and information collecting in helping the FCC understand cyberattacks and develop more-effective responses. Having real-time information is key to making fact-driven decisions, he said, adding that the commission and the Department of Homeland Security will work together on an information-reporting system.