Smaller ISPs Acting Reasonably To Protect Consumers Despite Limited Resources
PITTSBURGH, June 2, 2015 – The American Cable Association told the Federal Communications Commission that it is generally pleased with the agency’s recently released report by the Communications Security, Reliability and Interoperability Council (CSRIC) concerning the critical need for broadband providers to develop methods and practices to combat cyberattacks designed to degrade and disrupt broadband services for consumers.
“ACA members take cybersecurity very seriously partly because, like other providers, they have been subjected regularly to cyberattacks. It’s a real concern for network providers of all sizes in today’s times. To best serve their customers, ACA members want to work closely in a voluntary public-private partnership with the FCC on ways to develop cost-effective best practices so that these malicious actions do not adversely impact ACA Members’ ability to serve their local communities,” ACA President and CEO Matthew M. Polka said.
ACA submitted comments on May 29 in response to a public notice by the FCC’s Public Safety and Homeland Security Bureau (PSHSB) seeking comments on the CSRIC report released in March, which included details about the severity and frequency of cyberattacks. ACA members said they experienced a variety of threats on a repeated basis, including distributed denial-of-service (DDoS), ransomware, malware and phishing. While these members have been successful in identifying and neutralizing these attacks, there can sometimes be an adverse impact on the service offered to consumers for brief periods of time.
Despite ACA Members’ successes, ACA explained that small and medium-sized providers have limited resources to fight off the steady and challenging diet of cybersecurity threats. Some small companies have to do so without the means to dedicate even a single employee to perform cybersecurity risk management as the sole task. Some smaller providers rely on outside vendors to be the primary tool in identifying attacks.
In its comments, ACA said its Members have taken steps to promote greater security in their core network so that their customers are protected and their own systems can continue operating, which as the CSRIC IV Report notes, is critical from an infrastructure and business perspective. At the same time, ACA members recognize that even strong defenses and risk management practices may not be sufficient to avoid completely being victims of a cybersecurity incident but they can help minimize the scope and duration.
To enhance the exchange of information, ACA urged the FCC to send staff to industry events to conduct confidential individual meetings with providers on a voluntary basis to follow-up on the recommendations of the CSRIC Report, as well as engage in other dialogue, adding that it is important for the FCC and the Department of Homeland Security (DHS) to hear directly from a cross-section of small and medium-sized businesses to understand fully the cybersecurity landscape in the sector.
ACA said individual meetings ought to be viewed as an important two-way street, so that small businesses also can receive any helpful information from the FCC and DHS relating to the particular challenges they face.
“ACA will be pleased to facilitate a dialogue of many kinds between its members and the FCC and DHS and to play its role in helping to strengthen cybersecurity,” Polka said. “Only through a coordinated effort will we be able to plan for and manage cybersecurity-related risks.”
About the American Cable Association: Based in Pittsburgh, the American Cable Association is a trade organization representing nearly 850 smaller and medium-sized, independent cable companies who provide broadband services for nearly 7 million cable subscribers primarily located in rural and smaller suburban markets across America. Through active participation in the regulatory and legislative process in Washington, D.C., ACA’s members work together to advance the interests of their customers and ensure the future competitiveness and viability of their business. For more information, visit https://acaconnects.org/