Genachowski Pushes for Cybersecurity Code of Conduct

FCC Chairman Julius Genachowski called for an
industrywide cybersecurity code of conduct Wednesday.  That came
in remarks on cybersecurity at the Bipartisan Policy Center in Washington.

He
put in a plug for the voluntary, multi-stakeholder model as the best way to
respond to and prevent cybersecurity threats, giving a shout-out to Comcast and
CenturyLink for taking the lead in informing computer users about potential
threats without compromising privacy.

That
model, "which recognizes that almost all of our broadband infrastructure
is owned and operated by the private sector," he said, "has worked
throughout the Internet's history to address key challenges.

And
it continues to be the best approach for securing our networks while preserving
the Internet as an open platform for innovation and communication."

Genachowski
said that FCC staff estimates of the costs of cybercrimes were at a minimum in
the tens of billions of dollars annually, "and growing."

But
he called on those broadband stakeholders to take steps to address three key
threats: botnets, domain name fraud and IP hijacking. But he also said any
efforts to combat those threats must respect Internet openness and privacy.

Genachowski
said ISPs should increase customer awareness of bots, which carry viruses to
their computers, but without compromising privacy in the process. He said if
more ISPs followed the leads of Comcast and CenturyLink "it could
significantly reduce the botnet threat."

In
fact, he went further that making suggesting it. "Today, I'm calling on
all ISPs, working with other stakeholders, to develop and adopt an
industry-wide Code of Conduct to combat the botnet threat and protect the
public," he said. "This Code of Conduct would be a major step forward
and a significant complement to the Administration's broader efforts against
botnets." 

He
also called on network operators to better secure their routers via technical
standards, and gave a shout out for private industry adoption of the DNSSEC
domain name security system developed by the Internet Engineering Task Force.

"To
be effective, everyone who is a part of the Internet ecosystem must play a
meaningful role in ensuring that private and government networks, and personal
computers and devices are secured," said Comcast–NBCU Washington President
Kyle McSlarrow, former head of the National Cable & Telecommunications
Association, where he was active in cyvbersecurity discussions in the private
and public sector. "Comcast will continue to develop innovative solutions
and participate in multi-stakeholder organizations to assist in the development
of real-world solutions, best practices, codes of conducts and guidelines. The
work underway at the FCC's Communications Security, Reliability and
Interoperability Council -- CSRIC -- is an example of this kind of
industry-driven effort," McSlarrow said. "Comcast will continue to be
an active participant in CSRIC activities because consumers can only be effectively
protected if everyone in the Internet ecosystem and government work
together."

The
American Cable Association joined in the praise for an industry-driven approach
to best practices. ""ACA and its members agree with the FCC Chairman that
there is a vital need to make sure our networks are protected from
cybersecurity threats and applaud the Chairman for emphasizing the need for the
development of practical solutions to minimize them," said ACA President
Matt Polka. "By encouraging the development of best practices that network
providers could implement on a voluntary basis, and facilitating public/private
collaboration, today's speech demonstrates that we're headed in the right
direction. ACA looks forward to working with the FCC and other industry
partners in reducing, if not completely eliminating, major threats to our
networks."

Public
Knowledge and Comcast were in somewhat unusual agreement on a preference for
voluntary industry action. Harold Feld, legal director of the fair use group,
emphasized the FCC's defense of the open Internet and privacy protections. But
he also said that the group welcomed the multi-stakeholder model and
"believes voluntary participation from the Internet community of providers
and consumers will result in a stronger Internet for everyone without
compromising the open Internet everyone values."

The
chairman's speech comes as the Senate is considering cybersecurity legislation
and that House is in the midst of a series of hearings on the issue.

John Eggerton

Contributing editor John Eggerton has been an editor and/or writer on media regulation, legislation and policy for over four decades, including covering the FCC, FTC, Congress, the major media trade associations, and the federal courts. In addition to Multichannel News and Broadcasting + Cable, his work has appeared in Radio World, TV Technology, TV Fax, This Week in Consumer Electronics, Variety and the Encyclopedia Britannica.