The Federal Communications Commission (FCC) released draft final rules last week that aim to strengthen the security of the nation’s public alert and warning systems against emerging cybersecurity threats.
The nation’s Emergency Alert System delivers warnings to the public through radio and television, and the Wireless Emergency Alerts deliver warnings to consumers’ cell phones.
FCC Chairwoman Jessica Rosenworcel introduced the draft rules to the commission on June 28, proposing a requirement for communications providers that have emergency systems to create, update, and implement cybersecurity risk management plans.
The rules would also require Emergency Alert System participants, such as broadcasters and cable providers, to notify the FCC of equipment defects within 24 hours of discovery, which would provide the FCC with greater awareness of system availability and help identify persistent technical problems in this equipment.
In addition, the rules would ensure that Emergency Alert System participants have contingency plans for delivering alerts to the public.
The draft final rules “would reduce risks to communications networks, in keeping with a whole-of-government effort to establish cybersecurity requirements to support national security and public safety,” the FCC said.
On June 20, the Department of Homeland Security urged regulators to ensure that owners and operators of communications networks and other U.S. critical infrastructure are implementing controls to improve their security and resilience to cybersecurity threats, including through the establishment of minimum cybersecurity requirements.
If the commission adopts the draft final rules, they will be publicly released, the FCC said.
