The US Federal Communications Commission has decided to reverse a previous interpretation of the Communications Assistance for Law Enforcement Act, withdrawing a related rulemaking it now considers legally flawed and too weak from a cybersecurity perspective. At the same time, the agency points to months of intensified work with communications providers in the wake of the Salt Typhoon hack, saying those efforts have led to more urgent and coordinated risk mitigation across American networks. Recent steps include strengthening the process for investigating cyber-related outages, creating a Council on National Security to coordinate with intelligence and security partners, imposing targeted cybersecurity risk management requirements on submarine cable operators, and banning untrusted “bad labs” from the equipment authorization program so that testing is not influenced by actors seen as national security risks.

These moves have sparked political concern, with critics warning that the overall direction could still weaken protections for consumers. Senator Gary Peters argues that rules put in place after Salt Typhoon were meant to safeguard Americans’ personal data and that rolling back “basic cybersecurity safeguards” would leave people more exposed while undermining efforts to harden national security. He urges the FCC to keep strong, common-sense standards that treat cyber risk as a core element of public trust and national defense. Against this backdrop, the commission is also undertaking its first comprehensive review of submarine cable rules since 2001, pushing both new applicants and existing licensees to certify that they have developed and implemented cybersecurity risk management plans, signaling that the resilience of global communications infrastructure remains under close scrutiny.

‍

Source: https://industrialcyber.co/critical-infrastructure/fcc-reverses-course-on-calea-as-national-security-risks-drive-tougher-cyber-expectations-and-resilience/