Home > Networking > Network Security

Computerworld - The National Broadband Plan released by the Federal Communications Commission this week contains several recommendations that are designed to boost the preparedness of communications networks to deal with cyberthreats.

The plan gives the FCC a greatly enhanced role in developing and promoting cybersecurity measures and calls for closer cooperation between the FCC and the U.S. Department of Homeland Security on security matters.

The 360-page broadband plan is a blueprint for modernizing the country's aging communications networks and for delivering broadband services to a majority of U.S. homes over the next decade. It contains six long-term policy goals and other recommendations for ensuring the availability of affordable 100Mbit/sec. service to 100 million U.S. homes, and 1Gbit/sec. service to institutions such as hospitals and schools, by 2020.

While a vast majority of the recommendations deal with building out the communications infrastructure, several touch on cybersecurity and communications networks' ability to survive a cyberattack.

One key recommendation calls on the FCC to develop a cybersecurity "road map" in collaboration with the executive branch. The recommendation gives the FCC 180 days to identify the top five cyberthreats facing the communications infrastructure and to come up with a two-year plan for addressing those threats.

The plan also requires the FCC to enhance its network outage reporting requirements for broadband service providers. The "timely and disciplined" reporting of network outages will help the FCC better understand the causes of cyberattacks and develop more effective responses to them.

One recommendation calls for the FCC and the DHS to collaborate on a cybersecurity information reporting system (CRIS). Currently, the FCC, others government agencies and Internet service providers lack the "situational awareness" needed to identify and respond in a coordinated fashion to large-scale cyberattacks, the plan noted. The FCC and the DHS need to develop an IP network CRIS that would quickly disseminate information to providers about unfolding cyberattacks. The CRIS should be a real-time, voluntary threat-monitoring system, with the FCC acting as a "trusted facilitator" to ensure reciprocal information-sharing among participants in the system, the plan states.

The FCC and the National Communications System will also work on creating priority network access and routing capabilities for broadband users in law enforcement and public safety roles. The goal is to ensure that critical, "time-sensitive, safety-of-life information" does not get lost or delayed because of network congestion issues.

The plan also directs the FCC to explore network resilience and preparedness to deal with simultaneous failure or damage to major network components and facilities. As part of the effort, the agency will examine the ability of commercial networks to withstand major traffic overloads that might result from a bioterrorism attack or a pandemic

The recommendations reflect concern over the perceived susceptibility of U.S. critical infrastructure targets to major cyberattacks. The broadband document refers specifically to the recent attacks on Google and several oil companies as examples of the sort of threats facing the U.S. government and industry. Private sector networks in the U.S. "have been a major target for attacks," the document noted.

"Despite the significant resources that the private sector devotes to cybersecurity, there have been a number of successful attacks on its networks," the document stated, calling for sufficient defenses to protect networks against them.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is jvijayan@computerworld.com.

Read more about Network Security in Computerworld's Network Security Topic Center.