Genachowski on Cybersecurity


As the White House rolled out its cybersecurity framework last week, the Federal
Communications Commission launched its own inititative, initially targeted at
small businesses. FCC chairman Julius Genachowski responded via e-mail to some
questions from Multichannel News Washington bureau chief John Eggerton about the
agency’s role in enforcing broadband security. An edited transcript follows.

MCN: The National Broadband Plan called
for a cybersecurity road map within 180 days,
expanded reporting requirements, a voluntary
certification program, and
working with the Department
of Homeland Security
on a cybersecurity-information
reporting system. What
is the status of those?

Julius Genachowski: We
are working with our partners
across government, as
the plan called for, on cybersecurity
issues. We have taken
steps where appropriate.

MCN: What should the
cybersecurity takeaway advice be for ISPs like
Comcast or Cox, or small cable operators who
are both small businesses and ISPs?

JG: As larger ISPs may better protect themselves,
small businesses, including small
cable operators, are often becoming the low
hanging fruit for cyber criminals. The big
take-away advice from today
is that educating business
owners on simple steps to
protect themselves can go a
long way to helping them secure
their businesses. … The
10 tips we’ve put together is a
great place to start. So is the
new FCC web page devoted to
cybersecurity for small businesses.

MCN: So, this would seem to
argue for an FCC interpretation
of reasonable network management
under the network-neutrality rules that leaves
plenty of room for dealing with malware,
viruses and cyber-attacks?

JG: The Open Internet Order says, ‘Broadband
providers may implement reasonable practices
to ensure network security and integrity,
including by addressing traffic that is harmful
to the network.’ [A] footnote [in the order] cites
‘spam, botnets, distributed denial of service
attacks, worms, malware, and viruses that exploit
end-user system vulnerabilities as threats
[or] harmful traffic that can be blocked].’

MCN: Can and will the FCC make security
breach notifications or advice on personal
cybersecurity part of its transparency requirement
for network-neutrality rule enforcement?

JG: At this point it is undetermined, but in
general, a resilient, reliable and secure communications
infrastructure is vital to safe
online transactions, and the FCC is working
hard to make sure the public communication
networks are hardened and robust.