The Federal Communications Commission (FCC) recently recommended greater cybersecurity oversight for internet service providers, it remains to be seen whether the advice, issued in the final days of President Obama’s administration, will be followed.
The FCC’s report, requested by Congress last fall in response to the distributed-denial-of-service attack on Dyn, Inc, indicated that ISPs have not only the ability to reduce cyber risk associated with their services, but also the responsibility to do so. The FCC emphasized the increased risk to critical infrastructure that rely on Internet connections that could occur without proper risk management on the part of ISPs, as well as cyber risks related to supply chain and mergers and acquisitions.
“ISPs, like all modern businesses, have economic incentives that drive investment decisions. When deciding how much to invest to reduce cyber risk, the cost-benefit analysis of ISPs naturally considers the risks to the firm,” stated the FCC in its report. “Unfortunately, relying on market forces alone fails to adequately weigh the risks imposed on third parties who rely on the networks and services they provision. A cybersecurity gap confronts the public. With the ISPs facing limited competition and low return on cyber investment, this is a gap that the free market is unlikely to fill.”
This story in an excerpt of the original. The content originally appeared in Cyber Front Page News.
To read the full story, you must be a subscriber. If you are a subscriber, check your email for Cyber Front Page News on February 24, 2017.
Erin is the managing editor of Advisen’s Front Page News. She has been covering property-casualty insurance since 2000. Previously, Erin served as editor-in-chief of The Standard, New England’s Insurance Weekly. Erin is based in Boston, Mass. Contact Erin at [email protected].
