FCC proposed more cyber regulation for Internet providers

By Erin Ayers on February 24, 2017

The Federal Communications Commission (FCC) recently recommended greater cybersecurity oversight for internet service providers, it remains to be seen whether the advice, issued in the final days of President Obama’s administration, will be followed.

The FCC’s report, requested by Congress last fall in response to the distributed-denial-of-service attack on Dyn, Inc, indicated that ISPs have not only the ability to reduce cyber risk associated with their services, but also the responsibility to do so. The FCC emphasized the increased risk to critical infrastructure that rely on Internet connections that could occur without proper risk management on the part of ISPs, as well as cyber risks related to supply chain and mergers and acquisitions.

“ISPs, like all modern businesses, have economic incentives that drive investment decisions. When deciding how much to invest to reduce cyber risk, the cost-benefit analysis of ISPs naturally considers the risks to the firm,” stated the FCC in its report. “Unfortunately, relying on market forces alone fails to adequately weigh the risks imposed on third parties who rely on the networks and services they provision. A cybersecurity gap confronts the public. With the ISPs facing limited competition and low return on cyber investment, this is a gap that the free market is unlikely to fill.”


This story in an excerpt of the original. The content originally appeared in Cyber Front Page News.
To read the full story, you must be a subscriber. If you are a subscriber, check your email for Cyber Front Page News on February 24, 2017.


Erin is an editor at Advisen. She has 15 years of journalism experience. Prior to Advisen, Erin covered property-casualty insurance for 13 years as editor-in-chief of The Standard, New England’s Insurance Weekly. Erin is based in Boston, Mass. Contact Erin at eayers@advisen.com.