ACA: Government Cybersecurity Framework Needs Work

By ( Broadcasting & Cable ) published

Small and medium-sized cable operators are calling on the National Institute of Standards and Technology (NIST) not to rush into an update of the cybersecurity framework, a draft of which it has sought comment on.

In comments to the institute, the American Cable Association applauded NIST's willingness to work with industry on the critical infrastructure cybersecurity effort but said some of its proposed updates are unclear, contradictory, and could lead to a "a one-size-fits-all approach."

In particular, said ACA president Matt Polka, "the discussion on Measuring and Describing Cybersecurity, suffers from serious flaws and should be rejected in favor of continued study and evaluation."

The metrics section, says ACA in its comments, could end up relying on a "checklist assessment created by third party consultants or auditors," instead of using an "inward-looking, individualized approach to cybersecurity risk management that the Framework otherwise encourages."

On the lack of clarity front, ACA says that the discussion of metrics for cybersecurity fails to provide a baseline understanding of what should be measured and how. ACA says the draft suggests that qualitative metrics can be used to quantify causes and effects, which ACA calls inherently contradictory.

Any update needs to emphasize that the effort is voluntary, risk-based and flexible.

ACA suggested that a one size fits all approach to supply chain and buying decisions does not sufficiently account for the fact that smaller operators don't have negotiating leverage to influence vendor cybersecurity practices.

In a February 2012 executive order, President Obama charged NIST with creating that voluntary, risk-based cybersecurity framework of industry standards and best practices, which it did the next year. It is in the process of updating that framework, which NIST insists in the draft summary is not a one-size-fits-all approach and says it recognizes that some organizations have "unique" risks.

The original NIST 1.0 framework took a "stop, drop and roll" take on threat response: "Identify, Protect, Detect, Respond, Recover."

ACA suggests NIST needs to stop, rethink, and then roll out the next iteration.

John Eggerton
John Eggerton

Contributing editor John Eggerton has been an editor and/or writer on media regulation, legislation and policy for over four decades, including covering the FCC, FTC, Congress, the major media trade associations, and the federal courts. In addition to Multichannel News and Broadcasting + Cable, his work has appeared in Radio World, TV Technology, TV Fax, This Week in Consumer Electronics, Variety and the Encyclopedia Britannica.

Latest in Policy
All-in pricing
DirecTV Warns FCC: Without Early Termination Fees, Our Equipment and Installation Costs Are Going To Be Paid For by Our Customers Up Front
Donald Trump
Donald Trump Shot at a Rally in Butler, Pa.; Spokesman Says ‘He Is Fine’
Ad Fraud Scam
Missouri Gov. Signs New Law Stopping Netflix and Other Streaming Companies From Being Charged Franchise Fees
Local newspaper
Stopping Newspapers From Going the Way of the Dinosaurs (B+C Guest Blog)
NCTA documentary
Rural Fiber Gets Its Big-Screen Moment With New NCTA Documentary (See It Here)
Former President Donald Trump sits in Manhattan Criminal Court on the day of his verdict in the hush money trial.
Broadcast Networks Go Live for Donald Trump Verdict
Latest in News
Dish and DirecTV satellite dishes
DirecTV Acquires Dish, Unifying Struggling Satellite Business
B+C Hall of Fame class of 2024
Freeze Frame: B+C Hall of Fame 2024
DirecTV and Dish
Next Text: As DirecTV and Dish Try to Seize the Remains of the Day, Does It Even Matter?
Adam Symson speaks to KNXV Phoenix GM/VP Anita Hecht.
E.W. Scripps Folding Scripps News, Eliminating 200 Jobs; Stock Jumps 15%
Sabrina Ionescu #20 of the New York Liberty handles the ball during the game against the Las Vegas Aces on September 8, 2024
WNBA Playoffs Continue: What’s On This Weekend in TV Sports (Sept. 28-29)
Fubo Multiview
Fubo Launches 'Multiview' Beta on Roku
More about broadcasting and cable
Dish and DirecTV satellite dishes

DirecTV Acquires Dish, Unifying Struggling Satellite Business

B+C Hall of Fame class of 2024

Freeze Frame: B+C Hall of Fame 2024
Hand holding a connected TV remote

Publisher’s Message
See more latest