FCC Requests Comment On Implementation Of CSRIC III Cybersecurity Best Practices

In March 2012, the FCC’s third Communications Security, Reliability and Interoperability Council (CSRIC III) unanimously adopted voluntary recommendations for Internet service providers (ISPs) to combat three major cybersecurity threats: (1) botnet attacks; (2) domain name fraud; and (3) Internet route hijacking.

The FCC seeks comment from ISPs, the Internet community, consumer organizations, and the broader public on the implementation and effectiveness of the CSRIC III recommendations and/or alternatives that stakeholders have developed since the time of the CSRIC’s original work to address these challenges; and on the implementation status and effectiveness of voluntary recommendations, or alternatives, by ISPs and other members of the Internet community.

The FCC is particularly interested in comment on the following questions as they relate to the four broad areas of CSRIC’s best practices:

• What progress have stakeholders made in implementing the recommendations?
• What barriers have stakeholders encountered in implementing the recommendations?
• What significant success stories or breakthroughs have been achieved in implementing the recommendations?
• What are stakeholders’ views and/or plans for full implementation of the recommendations?
• How effective are the recommendations at mitigating cyber risk when they have been implemented?