Cyberattacks are growing in frequency and sophistication. Protecting individuals’ personal information and national security interests will require broad collaboration—across nations and across industries.
These challenges were a key focus of Telecom Policy Research Conference webinar, US Cybersecurity Policy for Data Breach, Ransomware and Supply Chain: What’s Working, What Isn’t and How to Fix It. The event was keynoted by Carole House, Director of Cybersecurity and Secure Digital Innovation at the National Security Council, and Brendan Carr, Commissioner at the Federal Communications Commission. “The stakes for securing [the United States’ critical technology] networks could not be higher, and the Biden Administration recognizes that,” said Ms. House.
Roundtable participants included Josephine Wolff, Assistant Professor of Cybersecurity at Tuft University’s Fletcher School; Thomas Vartanian, Executive Director of the Program on Financial Regulation and Technology at George Mason University’s Antonin Scalia Law School; and Karl Grindal, Ph.D. candidate at Georgia Tech University’s School of Public Policy.
Secure Supply Chains
Reliable supply chains are necessary to mitigate threats, the participants roundly agreed. Commissioner Carr noted a recently proposed rulemaking that was unanimously approved by the FCC. The measure would prohibit commercial use of products made by vulnerable suppliers on the FCC’s Covered List—whereas current restrictions only prevent government use. U.S. policymakers should also review companies whose supply chains originate in China, Commissioner Carr added. While that is not required in the FCC’s proposed rulemaking, regulators “need to be sure the Entity List covers the range of Chinese companies under the government’s thumb,” like Lenovo and Lexmark.