Last week Rep. Clarke (D,NY) introduced HR 1335,
the Cybersecurity Responsibility Act of 2017. The bill would require the FCC
to issue rules providing cybersecurity requirements for communications
networks.
Communications Security
Section 2 of the bill would require the FCC to “issue rules
to secure communications networks through managing, assessing, and prioritizing
cyber risks and actions to reduce such risks” {§2(a)}. It also requires that those rules would
establish that communications networks would be considered critical
infrastructure and that information submitted to the FCC and DHS about such
networks would be protected as Critical
Infrastructure Information.
The key term in this bill is ‘communication network’. The
bill provides a broadly inclusive definition: “a network for the provision of
wireline or mobile telephone service, Internet access service, radio or
television broad casting, cable service, direct broadcast satellite service, or
any other communications service” {§2(c)}.
Moving Forward
Clarke is a fairly senior member of the House Energy and Commerce
Committee to which the bill was assigned for consideration. This means that she
may have the influence necessary to have the bill be considered in Committee.
Since the bill, however, provides relatively broad
regulatory powers to the FCC there will be a great deal of push back from
industry. This means that there would be substantial Republican opposition to
this bill. It is unlikely that there would be much support for moving this bill
forward.
Commentary
The ‘any other communications service’ provisions of the
communication network definition could provide FCC authority to regulate the
communications networks associated with physically distributed control systems
like SCADA networks. Initially, it would be unlikely that the FCC would
exercise that sort of authority; developing regulations for more traditional
communications networks would take up a great deal of time for the FCC.
Posts
No comments:
Post a Comment