ISPs Need Government Oversight to Reduce Cyber Risk, Says FCC White Paper
Regulatory oversight is a critical part of reducing cyber risk on telecom networks, the FCC Public Safety Bureau said Wednesday. “As the end-to-end Internet user experience continues to expand and diversify, the Commission's ability to reduce cyber risk for individuals…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
and businesses will continue to be taxed,” the bureau said in a white paper. “But shifting this risk oversight responsibility to a non-regulatory body would not be good policy. It would be resource intensive and ultimately drive dramatic federal costs and still most certainly fail to address the risk for over 30,000 communications service providers and their vendor base.” The FCC can’t rely on organic market incentives alone to reduce cyber risk, it said. “As private actors, ISPs operate in economic environments that pressure against investments that do not directly contribute to profit. Protective actions taken by one ISP can be undermined by the failure of other ISPs to take similar actions. This weakens the incentive of all ISPs to invest in such protections. Cyber-accountability therefore requires a combination of market-based incentives and appropriate regulatory oversight where the market does not, or cannot, do the job effectively.” FCC Chairman Tom Wheeler, who steps down Friday, mailed the cybersecurity white paper to Sen. Mark Warner, D-Va. “This whitepaper outlines risk reduction activity engaged in by the Commission during my tenure and suggests actions that would continue to affirmatively reduce cyber risk in a manner that benefits from and incents further competition, protects consumers, and addresses significant national security vulnerabilities,” Wheeler wrote. Earlier, Wheeler was seen as backing off more ambitious cybersecurity plans (see 1611300063).