Workshop: Cyber Security

The Commission’s National Broadband Plan Notice of Inquiry sought comment on a variety of public safety and homeland security concerns, including interoperability, redundancy, cyber security, 911, and pandemic response. The Cyber Security Workshop will examine the nation’s ability to prevent, detect and respond to cyber attacks and how broadband technology can enhance the nation’s cyber security efforts. The workshop will also look at the challenges that broadband technologies can bring to cyber security efforts. The workshop will bring together representatives from the public safety community, government agencies, industry, and academia to discuss these issues. The first panel will focus on which broadband technologies, tools, and innovations are needed to prevent cyber attacks on the nation’s critical communications infrastructure. It will also focus on the cultures and policies that are needed for those technological innovations and tools to work effectively. The second panel will focus on which broadband technologies, tools, and innovations are needed to detect cyber attacks and to restore communications systems after an attack occurs. It will also focus on the cultures and policies that are needed for those technological innovations and tools to work effectively.

• What steps are being taken and should be taken to secure the nation’s most vulnerable broadband facilities and data transfers from cyber threats such as espionage, disruption and denial of service attacks?
• To what extent have market forces alone resulted in more favorable cyber security for the nation’s critical communications infrastructure and how will this trend develop? Or have markets provided insufficient incentives for sufficient security investments?
• Should the broadband service providers who provide and service the nation’s critical communications infrastructure be required to adhere to specific standards or best practices to minimize threats and if so, what should those be, who should determine what those are and what sorts of procedures should be adopted to ensure that they are adhered to?
• Could traditional reliability techniques like physical diversity or redundancy be applied to promote and improve cyber security? If so, how?
• How can commercial broadband service providers and government agencies create synergistic collaborations in order to enhance cyber security efforts? How are Information Sharing and Analysis Centers (ISACs) or other information sharing initiatives working regarding cyber security? What improvements, changes or additional resources are needed?
• Should the Commission adopt a process whereby communications providers can certify their compliance with those standards or best practices? What would some of the attributes of such a process be? What value would be conveyed by granting certification?
• How can United States government agencies improve interagency coordination regarding cyber security?
• What non-governmental agencies or associations are working on cyber security and what are they doing in this regard?
• What steps need to be taken to better secure broadband and data transmissions?

• What sorts of data are commercial communications providers analyzing to alert them to a cyber attack? What sorts of data should they be analyzing?
• How have intrusion detection systems improved over the years? Are they keeping pace with the threat environment? What do we need to do to ensure these systems operate effectively to keep up with the threat environment?
• How has the communications industry’s ability to respond to cyber attacks improved over the years? Is it taking more or less time to bring an attack under control? Why or why not? What do we need to continue doing or start doing so that attacks are brought under control in a timely manner in order to mitigate damages?
• How should commercial communications providers work together to mitigate the effects of an attack? How are these mechanisms working today? How do we expect them to function in the future?
• How can commercial broadband service providers and government agencies create synergistic collaborations in order to enhance cyber security efforts?
• How can United States government agencies improve interagency coordination in response to cyber security attacks?
• What non-governmental agencies or associations are working on cyber security and what are they doing in this regard?

• John Nagengast, Executive Director, Strategic Initiatives for AT&T Government Solutions
• Richard Pethia, Director, CERT, Carnegie Mellon University
• Don Welch, CEO & President, Merit Network, Inc. 

• Marc Donner, Engineering Director, Google Health, Google Finance, AdWords Engineering
• Dale Drew, Vice President for Security, Level 3
• Andy Ogielski, President, Renesys Corporation
• Philip Reitinger, Deputy Undersecretary, National Protection & Programs Directorate, Department of Homeland Security
• Allan Sadowski, IT Director, North Carolina State Highway Patrol

• Cyber Security and the National Broadband Strategy
  • John Nagengast, Executive Director, Strategic Initiatives for AT&T Government Solutions
• Security in Cyberspace Protecting Critical Communications Infrastructures
  • Richard Pethia, Director, CERT, Carnegie Mellon University
• FCC Broadband Workshop on Cyber Security
  • Don Welch, CEO & President, Merit Network, Inc.
• FCC Cyber Security Workshop Panel 2: Detect and Respond
  • Dale Drew, Vice President for Security, Level 3
• Detecting Attacks on Internet Infrastructure and Monitoring of Service Restoration in Real Time
  • Andy Ogielski, President, Renesys Corporation
• A Public Safety Perspective FCC Broadband Workshop on Cyber Security
  • Allan Sadowski, IT Director, North Carolina State Highway Patrol 
• Workshop Transcript