Officials reaffirmed the administration’s view that software-defined networking is the best way to secure next-gen telecommunications.
The President’s National Security Telecommunications Advisory Committee will vote Aug. 12 on whether to approve a report the group is preparing on the cybersecurity implications of using software-defined networking to secure 5G networks.
The NSTAC is made up of senior executives from across the information and communications technology industry.
A first draft of the report will be available for initial feedback from the full committee in April, said Ray Dolan, co-chair of the subcommittee on SDN, during a teleconference the group held today.
Top industry and administration officials have been promoting the practice of building networks by separating out the software from components and making them interoperable across multiple vendors as a way to reduce reliance on a single vendor, namely Chinese telecommunications giant Huawei.
Attorney General William Barr recently caused a stir in dismissing the idea as “pie in the sky” and calling for more immediate action.
But during the call, administration officials including Josh Steinman, deputy assistant to the president for cybersecurity, and Bradford Willke, acting director of stakeholder engagement and cyber infrastructure resilience at the Cybersecurity and Infrastructure Security Agency again pushed the technology as the primary solution for securing fifth-generation networks.
“Obviously 5G is at the top of our list right now,” Steinman told the committee, noting work the White House is doing with major U.S. companies to create common engineering standards and open, virtualized networks.
Steinman also highlighted U.S. participation in international standards bodies, the security of position, navigation and timing systems, the cyber workforce, attribution for malicious attacks, election security and vulnerability disclosure, as priorities for the president.
Willke seized on the mention of vulnerability disclosure to promote CISA’s efforts to secure legislation that would allow the agency to subpoena internet service providers for the contact information of private-sector critical infrastructure owners found to have vulnerabilities in their systems. He gave further insight into how CISA intends to use the power, if granted.
He said it would allow CISA "to stitch together exactly whose attention to go get to put some energy and pressure on to removing those vulnerabilities from the ecosystem.”
It would be "an important tool in our arsenal," he said.