The agency’s acting chief has reached out to interagency partners and wants to create a team dedicated to network security issues.
The Federal Communications Commission plans to significantly raise the threshold for entities that could receive reimbursements after replacing equipment from Huawei and ZTE, which it has designated threats to national security.
In a unanimous decision, commissioners voted to advance a notice of proposed rulemaking that would allow entities with fewer than 10 million customers to receive a government refund for replacing the untrusted equipment. Under current rules, which flowed from a law—the Secure and Trusted Communications Network Act—meant to help small rural providers adapt to the national security designation, only entities with fewer than 2 million customers would qualify for a reimbursement.
But the Consolidated Appropriations Act of 2021 has since provided $1.9 billion for the program and amended the law, according to the proposal.
“In the CAA … Congress amended section 4(b)(1) of the Secure Networks Act to increase the eligibility criteria to those providers with 10 million or fewer customers,” reads the proposal, which will be open for comment for 21 days. “We propose to change our rules and allow providers with 10 million or fewer customers to participate in the Reimbursement Program.”
Depending on demand for the program, the proposal would still prioritize entities with fewer than 2 million customers, and non-commercial educational facilities before any other eligible applicants, according to the FCC.
“We know there are vulnerabilities that come with this equipment and those vulnerabilities could provide foreign interests with access to our networks, jeopardizing the security of communications in the United States,” FCC Acting Chair Jessica Rosenworcel said, adding “this is only the beginning.”
Rosenworcel invoked the hack involving network management company SolarWinds in calling for a forward-looking approach to securing national communications infrastructure.
“The damage from recent supply chain attacks, like the SolarWinds software breach, demonstrates the need for a coordinated, multifaceted, and strategic approach to protecting our networks from all threats,” she said. “With this new appropriation from Congress, we have an opportunity to do just that. But we also have an opportunity right now to refresh our networks and reinvigorate our approach to network security so that the United States leads in the future of innovation. We need to meet this moment with more than just a plan to address yesterday’s security challenges but with ideas for tomorrow’s as well.”
Toward this end, Rosenworcel said she has engaged with leadership at the National Telecommunications and Information Administration, the Cybersecurity and Infrastructure Security Agency and Anne Neuberger, deputy national security advisor for cyber and emerging technology, and that she is reenvisioning the way the FCC reviews national security issues.
“My office is exploring changes to the FCC process for reviewing matters related to national security, which right now are siloed within the agency’s various bureaus and offices,” she said. “If we are going to keep pace with the growing threats to our communications, we need a dedicated interagency and cross-bureau team of experts advancing a comprehensive approach to securing our nation’s communications. That work is already underway, and I look forward to the improved decision-making that will result.”