Consumer Electronics Daily was a Warren News publication.

5G Fund FNPRM Includes New Section on Cybersecurity

The FCC added a section on cybersecurity and supply chain risk management to the final Further NPRM on a 5G Fund. That was the biggest change from the draft, based on a side-by-side comparison. Commissioner Geoffrey Starks highlighted the additional security questions when the FNPRM was approved by commissioners last week (see 2309210035). The FCC also released comment deadlines -- Oct 23, for initial comments, Nov. 21 for replies. The FCC is seeking comment on “whether to require 5G Fund support recipients to implement cybersecurity and supply chain risk management plans as a condition of receiving … support,” the notice said. It notes a similar requirement in the FCC’s enhanced alternative connect America cost model order (see 2307240064). The FNPRM now asks about requiring submission of plans that reflect the latest version of the National Institute of Standards and Technology “Framework for Improving Critical Infrastructure Cybersecurity, and that reflects an established set of cybersecurity best practices, such as the standards and controls” established by the Cybersecurity & Infrastructure Security Agency or the Center for Internet Security. “Would it be appropriate for 5G Fund recipients to submit to [Universal Service Administrative Co.] their updated cybersecurity and supply chain risk management plans within 30 days of making a substantive modification thereto, as Enhanced A-CAM recipients must?” the FNPRM asks: “What are the differences (if any) between 5G Fund recipients and Enhanced A-CAM recipients that might warrant different approaches to ensuring cybersecurity?” The FNPRM was in Monday’s “Daily Digest.”