- Glovo apuesta por una experiencia fluida y eficiente para el usuario gracias a la tecnología
- How AI could supercharge your glucose monitor - and catch other health issues
- This iPhone bug is particularly alarming
- 칼럼 | AI가 보안에 도움될까? 2025년 AI·사이버보안 주요 과제 7가지
- SEC 사이버 보안 침해 보고 규정 시행 1년··· 여전히 혼란스러운 美 CISO들
FCC Proposes Stricter Cybersecurity Rules for US Telecoms
The US Federal Communications Commission (FCC) is looking to expanding cybersecurity requirements for US telecommunications firms following the Salt Typhoon cyber-attack which impacted at least eight US communications firms.
As part of its “decisive action” the FCC has released a Notice of Rulemaking in which communications firms could be subject to an annual certification requirement to create, update and implement cybersecurity risk management plans.
In addition, FCC Chairwoman Jessica Rosenworcel has proposed a Declaratory Ruling that would clarify that Section 105 of the Communications Assistance for Law Enforcement Act (CALEA) creates a legal obligation for telecommunications carriers to secure their networks against unlawful access and interception.
The Salt Typhoon incident saw foreign actors, state-sponsored by the People’s Republic of China (PRC), infiltrated at least eight US communications companies, compromising sensitive systems and exposing vulnerabilities in critical telecommunications infrastructure.
The attack was part of a large-scale espionage campaign. It is believed that targets included Verizon, AT&T and Lumen Technologies.
In a statement, the FCC said, “While the Commission’s counterparts in the intelligence community are determining the scope and impact of the Salt Typhoon attack, the FCC can act now to strengthen cybersecurity safeguards and ensure resilience against future cyberattacks by adversaries.”
The FCC has invited the public to comment on the expanding cybersecurity requirements and identify additional ways to enhance such cybersecurity defenses.
The proposed measures have been made available to the five members of the Commission and they may choose to vote on them at any moment.
If adopted, the Declaratory Ruling would take effect immediately, the FCC statement said.
The Notice of Proposed Rulemaking, if adopted, would open for public comment the cybersecurity compliance framework, which is part of a broader effort to secure the nation’s communications infrastructure.
