CSRIC Passes Recommendations on Communications Sector Security, 911 Call Routing
The FCC Communications Security, Reliability and Interoperability Council unanimously approved recommendations from five working groups Wednesday on 911 call rerouting and the security of communications systems. FCC Public Safety Bureau Chief David Simpson assigned CSRIC the task Wednesday of forming an additional working group on security best practices for services using the Wi-Fi spectrum band. Four other CSRIC working groups reported progress toward completing recommendations due before the current CSRIC mandate ends in March 2017.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
Working Group 1's report on rerouting 911 calls between public safety answering points includes 11 new best practices “to optimize call routing and rerouting,” many of which dealt specifically with interjurisdictional cooperation, said co-Chairwoman Susan Sherwood, Verizon Wireless senior manager-Network Engineering. The new best practices dealing with interjurisdictional cooperation would particularly affect cell towers that cross public service answering point (PSAP) boundaries and would allow PSAPs to cooperate on calls near Geographic Information System boundaries, she said. The working group also identified six existing best practices that continue to be relevant for improving 911 call rerouting and modified six other existing best practices to make them “relevant to today's 911 environment,” Sherwood said. The working group is also beginning to concentrate on a second set of recommendations, due in September, that would deal with aspects of location-based routing that use latitude and longitude and other information, Sherwood said.
Working Group 2 recommended the FCC collaborate with the Federal Emergency Management Agency, industry and emergency alert originators to continue studying security aspects of the wireless emergency alerts (WEA) system, including encouraging the Alliance for Telecommunications Industry Solutions to develop a comprehensive best practices document on WEA security, said co-Chairman Farrokh Khatibi, Qualcomm engineering director. Development of WEA security best practices should be open to all interested industry and standards groups, along with NTIA and the National Institute of Standards and Technology, Khatibi said. The working group also recommended the FCC consider seeking further study of WEA security in future CSRIC iterations.
Working Group 3's report on emergency alert system security recommended the FCC keep information on how EAS participants implement security best practices confidential and should work with other federal agencies to share information that EAS participants deem “sensitive,” said co-Chairman Kelly Williams, an NAB senior director. The working group recommended the FCC give EAS participants “maximum flexibility” in following methods for implementing EAS security that are different from best practices CSRIC previously adopted, particularly where the alternative methods “exceed” techniques included in CSRIC's existing best practices, Williams said. The working group also recommended the FCC improve its outreach on the existing CSRIC EAS security best practices, including by making the best practices “readily available” on the FCC website, Williams said. The working group anticipates it will have additional reports ready by June on providing EAS alerts in languages other than English and on developing the EAS operational handbook.
Working Group 6's report on security by design best practices for core network equipment recommended communications sector entities use CSRIC's 2015 report on cybersecurity risk management best practices, the NIST Cybersecurity Framework and additional best practices from IEEE, the International Organization for Standardization and others as a reference for reducing their cyber risk when working with vendors and suppliers, said co-Chairman Brian Scarpelli, ACT | The App Association senior policy counsel. The working group also recommended the public and private sectors collaborate on advancing security by design best practices to avoid inconsistent approaches, Scarpelli said. The working group plans to have a second report ready by September on mechanisms for communications sector entities to demonstrate their use of security by design best practices, Scarpelli said.
Working Group 7 issued an interim report on ways for the FCC to improve communications sector workers' education and training on cybersecurity issues, which said the National Cybersecurity Workforce Framework (NCWF) is applicable to the communications sector, said co-Chairman Bill Boni, T-Mobile vice president-Information Security. The working group plans to issue draft best practices based on the NCWF by December and will issue a final report on the best practices by March 2017, Boni said.