The White House recently released its National Cybersecurity Strategy
Implementation Plan
https://ncta.us4.list-manage.com/track/click?u=5c9cbb7072f1682388e57f94b&id=eceb8b5cea&e=1e4c1efd67,
a follow-up to the Administration’s National Cybersecurity Strategy
https://ncta.us4.list-manage.com/track/click?u=5c9cbb7072f1682388e57f94b&id=a3fc984234&e=1e4c1efd67,
setting forth a wide range of government initiatives to bolster the nation’s
cybersecurity. One of its key strategic goals is to develop a roadmap to
“drive secure internet routing” technology through an inter-agency effort
in collaboration with ISPs, cloud providers, and other key entities.
*The cable industry is an internet routing security leader. *As the
nation’s primary broadband service providers, NCTA members work every day
to detect, prevent, and mitigate cybersecurity threats to minimize their
impact on broadband networks and customers. With hundreds of millions of
devices connected to cable’s broadband networks, cable providers have
invested in cybersecurity to stay ahead of emerging threats.
For well over a decade, cable’s significant efforts have included:
– Development of consensus-based internet routing security standards
– Funding of associated open-source software to enable deployment
– Implementing secure routing best practices, including co-founding what
is now the Mutually Agreed Norms for Routing Security (MANRS
https://ncta.us4.list-manage.com/track/click?u=5c9cbb7072f1682388e57f94b&id=63f6c7ea13&e=1e4c1efd67)
initiative
– Participating in the FCC’s Communications Security, Reliability, and
Interoperability Council reports on best practices to mitigate
cybersecurity risks in IP-based protocols
In addition, major cable ISPs have implemented key security measures:
– Filtering customer routes in the Border Gateway Protocol (BGP)
– Using the Resource Public Key Infrastructure (RPKI) for both signing
address spaces (Route Origin Authorizations or ROAs) and validating routes
(Route Origin Validations or ROVs)
– Source address validation (SAV)
– Anti-distributed denial of service attack (DDoS) tools
Last year, CableLabs, the industry’s research and development consortium,
published a guide
https://ncta.us4.list-manage.com/track/click?u=5c9cbb7072f1682388e57f94b&id=eb79ea180f&e=1e4c1efd67
and other resources
https://ncta.us4.list-manage.com/track/click?u=5c9cbb7072f1682388e57f94b&id=8aab3905e9&e=1e4c1efd67
for deploying RPKI to assist network operators that are seeking to upgrade
their routing security tools.
And NCTA members had leadership roles in the development of the recent Security
of the Internet’s Routing Infrastructure
https://ncta.us4.list-manage.com/track/click?u=5c9cbb7072f1682388e57f94b&id=d10f595b80&e=1e4c1efd67
paper by the Broadband Internet Technical Advisory Group, known as BITAG.
Finally, Comcast has funded open-source software projects and other
research projects concerning routing security over the years via the Comcast
Innovation Fund
<https://ncta.us4.list-manage.com/track/click?u=5c9cbb7072f1682388e57f94b&id=bcb5d9feb6&e=1e4c1efd67>
.
The cable industry also has worked closely with NIST in a years-long
lead-up to publication of the Cybersecurity Framework 2.0 (CSF), which is
expected at the end of this year. The CSF provides comprehensive guidance
to organizations to evaluate their cyber readiness and implement effective
cyber defense and risk management tools, techniques, and processes.
In response to NIST’s call to action in its CSF 2.0 Concept Paper, NCTA and
CableLabs are working to jointly develop and publicly share a NIST CSF
“Profile for Routing Security” which can:
– Serve as a roadmap for improving the cybersecurity of the internet’s
routing system for the communications sector, especially smaller network
operators
– Support funding requests for federal grants and assistance to meet
required compliance with NIST cybersecurity standards, such as under NTIA’s
Broadband Equity, Access and Deployment (BEAD) program
– Assist with investments and next steps in peering arrangements and
long-term resilience
– Raise awareness of the importance of detecting and deterring route
hijacks, particularly among smaller and non-ISP networks
The inter-dependent and global nature of the internet requires a
combination of security techniques and collective action by a range of
actors. The cable industry is playing a significant role and remains
committed to leading the way toward a more secure internet ecosystem,
including working with the National Cyber Director, the FCC, and other
federal agencies in a whole-of-government approach to improving secure
internet routing and other security objectives.