The FCC wants networks to take the lead in cybersecurity, will step in if necessary. That was the message from FCC chairman Tom Wheeler in his first major speech on the subject as chairman. “The network ecosystem must step up,” he said, and be more dynamic than traditional regulation, and more measurably effective.
Wheeler said the FCC has the responsibility to secure network security in the IP world, but not at the price of network openness, but that the "new paradigm" for protecting cybersecurity must be based on "private sector innovation, and the alignment of private interests in profit and return on investment with public interests like public safety and national security."
In a speech Thursday in Washington, he called on the communications industry to create its own "new paradigm" for cyber readiness, and suggested if they didn't, the government would have to step in.
"[T]his private sector-led effort must be more dynamic than traditional regulation and more measurably effective than blindly trusting the market or voluntary best practices to defend our country," he said in addressing a cybersecurity conference at the American Enterprise Institute Center for Internet, Communications, and Technology Policy.
He also said that demonstrating that effectiveness "will require a level of transparency that may take some time to get used to."
He said the effort has to be "real and meaningful" and "has to work," and that if it didn't, "we must be ready with alternatives."
Wheeler said he did not want headline writers to dash off an “FCC wants to regulate cyber" headline, pointing out his desire to give industry the first shot at getting it right. "We believe there is a new regulatory paradigm where the Commission relies on industry and the market first while preserving other options if that approach is unsuccessful."
In this case, that bully pulpit approach means "identify public goals, work with the affected stakeholders in the communications industry to achieve those goals," then decide whether that is sufficient.
He suggested that everybody was in it together.
"[T]ackling the challenges of cybersecurity will require a joint effort," he said. "That means collaboration within the federal government; collaboration between federal, state and local governments, collaboration between the U.S. and foreign governments; collaboration between government and the private sector; and even inter- and intra-industry collaboration."
Wheeler suggested that the FCC has the ability and responsibility to promote public safety and network security in the IP world as well as the old circuit-switched one. "The FCC cannot abdicate its responsibilities simply because the threats to national security and life and safety have begun to arrive via new technologies," he said. "If a call for help doesn’t go through, if an emergency alert is hijacked, if our core network infrastructure goes down, are we really going to say, 'Well, that threat came through packet-switched IP-based networks, not circuit-switched telephony, so it’s not our job…?'"
