CTIA: Base FCC Cybersecurity Rules on NIST Framework
CTIA expressed concerns about cybersecurity rules in the proposed 5G Fund (see 2403200071) and Alternative Connect America Cost Model rules. In a filing posted Monday in docket 22-329, CTIA said its concerns extend “insofar as these rules and proposals are…
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
not harmonized with other federal approaches, such as the Broadband Equity, Access, and Deployment program, and go beyond a requirement to align cybersecurity risk management plans” with the National Institute of Standards and Technology’s cybersecurity framework (CSF) version 2.0. The CSF “is the best vehicle through which to facilitate robust cybersecurity programs: it is well understood by industry and critical infrastructure organizations, it is flexible, and it is future-proof,” CTIA said: “It includes informative references to a range of ‘standards, guidelines, and practices’ to achieve the outcomes laid out in its Functions and their associated Categories and Subcategories, while recognizing that there is no one-size-fits-all approach that is appropriate for cybersecurity risk management in an area as dynamic as cybersecurity.” In addition, the CSF has “international reach and understanding, which is important in an increasingly global cybersecurity environment,” the group said.