CSRIC Working Groups Lay Out Goals
Addressing better emergency alert origination and possible security risks 5G networks might inherit from previous communications networks, the FCC Communications Security, Reliability and Interoperability Council will issue reports next year and into early 2021, said CSRIC working group chairmen Tuesday. The 2018 false emergency alert in Hawaii (see 1801160054) shows there's no good emergency alert system differentiation between tests and actual alerts, said Craig Fugate, former Federal Emergency Management Agency administrator. Broadcasters voluntarily carry alerts, and without a strong working relationship between them and originators, there's a risk of fatigue, especially for amber and silver alerts, he said. Fugate said focus also is needed on cybersecurity and spoofing, to be sure alert originators are authenticated. He said the working group plans to produce recommendations by September 2020. Broadcasters increasingly use social media to communicate when they lose power to transmitters, newsrooms or towers due to disasters or major weather events, and social media will be a focus of reports on improving broadcast resiliency, said Florida Association of Broadcasters President Pat Roberts. It will look at updated best practices for prepping for natural disasters, he said. Its draft is due in January and final report in March, he said. Two working groups are looking at 5G security. Nsight Chief Technical Officer Lee Thibaudeau said network architectures sometimes incorporate security risks from other networks, and in 5G's case that could lead to confidentiality and network availability issues. He said the group looking at 5G vulnerabilities possibly carried forward from other wireless networks expects to have a report in June on those risks, followed by December 2020 recommendations on updates to 3rd Generation Partnership Project (3GPP) standards. Qualcomm Director-Engineering Farrokh Khatibi said his group's related reports on risks potentially introduced by 3GPP standards will come in September 2020, and on ways of mitigating those in March 2021. The 911 move from legacy to IP networks carries potential security risks, especially when those networks are blended, said Mary Boyd, West Safety Services vice president-government and regulatory affairs. A working group report identifying the security risks in legacy, transition and next-generation 911 networks is expected in June, she said, followed by a December report measuring the risk magnitude and remediation costs. Verisign Chief Security Officer Danny McPherson said a report on session initiation protocol security vulnerabilities that could affect communication service provision is expected by March 2021.