“By requiring communications service providers to submit annual certifications of their cybersecurity plans, the FCC aims to establish a robust framework for network security and threat response, aligning with the evolving cyber threat landscape,” said Dheeraj Maken, Practice Director at Everest Group.
The FCC will also seek public input on expanding risk management requirements across a broad spectrum of communications providers.
“However, smaller providers may face resource constraints, and broader coordination with federal and private initiatives is essential to enhance effectiveness,” Maken pointed out. “Addressing vulnerabilities in critical systems, such as submarine cables and Emergency Alert Networks, will require steps like enhanced monitoring, redundancy planning, encrypted communications, and decentralized architectures.”