(Adds further details of FCC plan)
By Alina Selyukh
WASHINGTON, June 12 The top U.S. telecom
regulator on Thursday told communications companies to take the
lead in fortifying their networks against cyberattacks, saying
they can do more to bolster security short of new government
In his first major speech devoted fully to cybersecurity,
Federal Communications Commission Chairman Tom Wheeler urged the
private sector to "step up to assume new responsibility and
market accountability for managing cyber risks" before the FCC
weighs a regulatory approach to the problem.
"The private sector-led effort must be more dynamic than
traditional regulation and more measurably effective than
blindly trusting the market or voluntary best practices to
defend our country," Wheeler said in a speech at the American
Enterprise Institute think tank.
"We believe in a new regulatory paradigm where the
commission relies on industry and the market first while
preserving other options if that approach is unsuccessful."
Improving protections of U.S. critical infrastructure like
communications networks and the electric grid has been a
priority for the Obama administration, but security experts
continue to worry about the reluctance of many corporate leaders
to spend more money on improving defenses.
The FCC, whose oversight includes major wireless and
Internet providers, has in the past tried to adopt industry-wide
minimum cybersecurity standards but faced resistance from large
communications companies as the private sector broadly has
resisted U.S. efforts to set new standards.
Wheeler has reignited the effort, positioning the FCC as a
more prominent player in protecting the nation's critical
infrastructure from cyber attacks. He made his first plea for
the private sector to step up their defenses in a speech at the
cable industry trade show in April.
The FCC in coming weeks will ask communications companies to
report how, measurably, they are adopting the various voluntary
best practices and codes of conduct they previously helped draft
through a multi-stakeholder FCC advisory group.
Another such advisory group is now also working on a review
of industry best practices in cybersecurity, which Wheeler said
in April he hoped would "translate into actual implementation"
over the course of the year.
The FCC will begin to incorporate cybersecurity
considerations into its routine regulatory work and will also
help evaluate how the communications sector is adopting the
minimum cybersecurity standards that the government drafted with
the industry's help in February.
"Companies must have the capacity to assure themselves,
their shareholders, their boards and their nation of the
sufficiency of their own cyber risk management practices,"
Wheeler said on Thursday.
(Reporting by Alina Selyukh, editing by Ros Krasny and Tom