FCC Wants More Cybersecurity Collaboration, Less Regulation - InformationWeek
Government // Cybersecurity
10:05 AM

FCC Wants More Cybersecurity Collaboration, Less Regulation

In a speech to the American Enterprise Institute, FCC Chairman Tom Wheeler outlined principles for a market based approach.

 Government Data + Maps: 10 Great Examples
Government Data + Maps: 10 Great Examples
(Click image for larger view and slideshow.)

FCC Chairman Tom Wheeler on Thursday laid out his vision of the Federal Communications Commission's role in network security, calling for a more market-based approach, with industry assuming responsibility and leadership.

The new approach he described would be based on collaboration rather than regulation, but Wheeler noted that the FCC still has regulatory authority to back up its goals. "We believe there is a new regulatory paradigm where the commission relies on industry and the market first while preserving other options if that approach is unsuccessful," he said in a speech to the American Enterprise Institute.

In his talk, Wheeler said that changes in technology have outpaced the ability of legislation and regulation to keep up with the new functionality of the world's communications networks and the threats facing them.

[Drones overhead? Read FAA Approves First Commercial Drone Flight Over Land.]

The companies operating those networks "must step up to assume new responsibility and market accountability for managing cyber risks," he said. "This begins with private sector leadership that recognizes how easily cyberthreats cross corporate and national boundaries."

Although the FCC's charter is to promote public safety and the national defense through protection of the nation's communications systems, the rapid evolution of the Internet is being driven by commercial incentives and innovation, and these same drivers are more readily adapted to meeting rapidly evolving threats, Wheeler said. "This new paradigm must be based on private sector innovation, and the alignment of private interests in profit and return on investment with public interests like public safety and national security."

Tom Wheeler (Source: FCC)
Tom Wheeler (Source: FCC)

Although the chairman took pains to assure listeners that he was not advocating new regulations for the Internet, he said that the Commission already has authority under existing law to exercise its responsibilities, even if the technology has changed since the law was written.

The technology has changed. The Communications Act was last updated in 1996, an Internet lifetime ago, and the traditional "prescriptive regulatory approach" no longer is adequate to address advances such as mobile Internet-connected devices and all-IP communications, Wheeler told the audience. But the traditional approach remains an option if the new paradigm fails.

Spearheading development of a collaborative security framework for the FCC will be chief of the Public Safety and Homeland Security Bureau Admiral Dave Simpson and chief counsel for cyber security Clete Johnson. The effort will build on existing efforts, such as the Framework for Improving Critical Infrastructure Cybersecurity, released earlier this year by the National Institute of Standards and Technology, which will be adapted for the communications sector. The commission also will leverage its work with existing Information Sharing and Analysis Centers and examine legal and practical barriers to sharing threat and attack information.

Wheeler said FCC cyber security policy will be guided by four broad principles:

  • A commitment to preserve the freedom and openness of the Internet
  • A commitment to privacy, which is essential to consumer confidence
  • A commitment to cross-sector coordination, rather than silos of security
  • A multi-stakeholder approach to global Internet governance

"We will oppose any efforts by international groups to impose Internet regulations that could restrict the free flow of information in the name of security," Wheeler said.

Programs established under the new policy must be "demonstrably effective," which will require transparency and the ability to show that policies and actions work in the real world, he said. "Companies must have the capacity to assure themselves, their shareholders and boards -- and their nation -- of the sufficiency of their own cyber risk management practices."

New standards, new security, new architectures. The Cloud First stars are finally aligning for government IT. Read the Cloud Hits Inflection Point issue of InformationWeek Government Tech Digest today.

William Jackson is writer with the <a href="http://www.techwritersbureau.com" target="_blank">Tech Writers Bureau</A>, with more than 35 years' experience reporting for daily, business and technical publications, including two decades covering information ... View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
David F. Carr
David F. Carr,
User Rank: Author
6/13/2014 | 11:14:18 AM
What's your bet?
Will the FCC give industry-led cybersecurity a chance to succeed before adding more regulation?
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of the Cloud Report
As the use of public cloud becomes a given, IT leaders must navigate the transition and advocate for management tools or architectures that allow them to realize the benefits they seek. Download this report to explore the issues and how to best leverage the cloud moving forward.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 6, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll