Cybersecurity
Continuing Pandemic is Causing Broadband Operators to Adjust to New Cybersecurity Landscape

November 24, 2020 — As internet service providers are moving to enable numerous Wi-Fi services for their customers, security threats are looming larger than ever.
According to the Parks Association, the typical American family currently has an average of 12 connected devices per home, with the amount of Internet of Things devices utilized in each household rising every year; however, the majority of these devices lack the proper security or have no security at all.
In the face of manifold cybersecurity threats, Tier 2 internet service operators, or internet service providers which engage in peering with other networks, are working tirelessly to combat security threats alongside efforts to expand broadband access.
On Monday, representatives from Tier 2 operators gathered to explain their companies’ approaches to securing Wi-Fi networks, during a Broadband Communities webinar.
“Wi-Fi has evolved,” said Matt Krueger, vice president of product management at Shentel, “Six or seven years ago our job was to provide a single Wi-Fi connection. Now, we are on the security front.” According to Kreuger, Tier 2 operators’ role in network security has drastically evolved over the past five years.
“We pushed security responsibilities to the device originally,” said Krueger. Yet, in 2016, the service provider launched Eero, a company specializing in network monitoring tools, which moved the tracing of cybersecurity threats to the network.
According to Kreuger, Eero’s system allows Shentel to see where threats exist and where they initiate. “If there is a fishing attempt or a malware attempt, we are able to see what is being threatened on a device-level,” he said.
UTOPIA Fiber and Lumos discuss their role in network security
UTOPIA Fiber CEO Roger Timmerman detailed UTOPIA’s unique wholesale and open access model causes it to utilize a different approach to securing its networks.
“However, that does not keep us from getting involved,” said Timmerman. “We provide recommendations, but we do not provide ISPs with network security monitoring tools.”
Timmerman recommended that users only connect trusted devices to their Wi-Fi networks, and that they not attempt to discount crucial equipment, such as routers.
“Users cannot rely on old or cheap routers,” said Timmerman, adding that the life cycle of routers is typically three years, and that outdated equipment is likely to get hacked.
David Smith, vice president of technical operations at Lumos, detailed the company’s approach to securing its networks, saying that getting network security tools in the hands of customers is a high priority.
“We want to give customers the tools they need to control their homes,” said Smith.
Lumos partnered with AirTies to empower users to utilize the range of security functions offered by the Wi-Fi mesh technology, one of the most secure wireless networking strategies.
According to the security experts, technology and cybersecurity threats are going to keep adapting, with Wi-Fi 6 capable devices on the horizon.
“Shentel will be deploying Eero Wi-Fi 6 devices within the next 30 days,” said Krueger, saying “we want to get the devices out there so end users can begin to feel the benefits.”
Cybersecurity
CES 2023: Consumers Need to Understand Personal Cybersecurity, Says White House Cyber Official
Consumers must better understand how to weigh risks and protect themselves in the digital world, said Camille Stewart Gloster.

LAS VEGAS, January 7, 2023 – In addition to building a more robust cybersecurity workforce, policymakers should consider consumer education, said Camille Stewart Gloster, deputy national cyber director for technology and ecosystem for the White House, speaking Saturday at the Consumer Electronics Show.
CES 2023 has featured numerous discussions of cybersecurity in sectors ranging from transportation to Internet of Things home devices. On Thursday, an official from the Department of Homeland Security argued that manufactures should design and pre-configure devices to be secure, thus reducing the security burden on consumers.
For their own protection, consumers must better understand how to weigh risks and protect themselves in the digital world, Stewart Gloster said Saturday. “The sooner that people understand that their physical security and digital security are inextricably linked the better,” she argued. According to the panel’s moderator, Consumer Technology Association senior manager for government affairs John Mitchell, 82 percent of data breaches in 2021 involved “the human element, stolen credentials, phishing, misuse.”
Stewart Gloster’s team is working on a national cyber-workforce and education strategy, she said, which will address the federal cyber workforce, the national cyber workforce, cyber education, and “digital safety awareness.”
Stewart Gloster said workforce initiatives should promote the participation of “people of a diverse set of backgrounds who are highly skilled and multidisciplinary who can take a look at the problem space, who can apply their lived experiences, apply the things they’ve observed, apply their academic backgrounds to a challenging and ever evolving landscape.”
Cybersecurity
CES 2023: Cybersecurity for IoT Devices Should be Market-Driven
NIST’s cybersecurity guidelines for IoT prescribe desired outcomes, rather than specific and ‘brittle’ standards.

LAS VEGAS, January 6, 2023 – Cybersecurity protocols for Internet of Things devices should be industry-driven, Katerina Megas, program manager of the Cybersecurity for Internet of Things Program at the National Institute of Standards and Technology, said Friday at the Consumer Electronics Show 2023.
The popularization of IoT devices gives cyber-criminals increasing opportunities to breach networks, many say. Network-connected household devices – e.g., lightbulbs and home security devices – can be entry-points if security protocols are lacking. On CES panel on Thursday, a cybersecurity official at the Department of Homeland Security argued that manufacturers should design and preset devices to be safe, shifting much of the burden from the consumer.
“For a long-term, sustainable solution, the best approach really is for demand to be market driven,” she said, adding that NIST is “happy” to support the market when called on. To preserve flexibility, NIST’s cybersecurity guidelines for IoT manufacturers in general prescribed desired outcomes, rather than specific and “brittle” standards, Megas said.
“How you achieve those [outcomes] will vary depending on the maturity of your organization, the architecture of your product, perhaps preferences that you might have for you own internal processes,” she explained.
Megas said manufacturers, who well know their devices’ technical capabilities, often lack an understanding of how consumers actually use their devices. Megas said she has examined how to “help a manufacturer who has no insights into the final contextual use of this product, how can we help them…understand, ‘Here are the risks associated with my device.’”
At an American Enterprise Institute panel held in November, Megas endorsed an “ecosystem approach” to cybersecurity, arguing that network security is also indispensable.
Cybersecurity
CES 2023: Railroad Industry Needs Cybersecurity Update
Shawn Smith advocated heavily tailored, industry-specific approaches that can address to the unique needs of the rail industry.

LAS VEGAS, January 5, 2023 – To keep pace with today’s technological innovations and cyberthreats, the railway industry must retool its cybersecurity defenses, said Shawn Smith, vice president of business development of rail cybersecurity company Cylus.
The railway industry is working to patch old vulnerabilities as well as the new ones that have been create by developing technologies, Smith told Broadband Breakfast at the Consumer Electronics Show on Thursday. The need for enhanced cybersecurity has been a recurring theme at the conference, as have the implications of the ever increasing number of devices and technologies now relying on connectivity.
“We’re really fast-tracking an operator’s ability to keep pace with the change in the digital environment that they’re operating in (and) the interconnectivity that they’re seeing,” Smith said, adding that his team works to provide “visibility, threat detection, and response capability to keep pace with the change in their organizations.”
Smith said that many of the large rail players have developed responses for some cybersecurity risks, but lack the automation and planning tools necessary to maximize their effectiveness. He advocated heavily tailored, industry-specific approaches that can address to the unique needs of the industry.
Governments and industry players worldwide have of late been on high alert for cyberthreats, particularly since Russia invaded Ukraine in February 2022. Railways, like other infrastructure, are potential targets for nefarious actors, Smith said.
-
Broadband Mapping & Data3 weeks ago
As States Struggle to Challenge FCC Map, Local Communities Can Help Maximize BEAD Funding
-
Fiber4 weeks ago
Municipal Networks and Incumbent Providers Will Compete for Grant Funding in 2023
-
12 Days of Broadband4 weeks ago
Will Congress Permanently Extend the Affordable Connectivity Program?
-
Big Tech1 week ago
Broadband Breakfast Announces Big Tech & Speech Summit on March 9
-
#broadbandlive3 weeks ago
Broadband Breakfast on January 18, 2023 – Welcoming the Chinese New Year, Navigating a High Tech Cold War
-
12 Days of Broadband4 weeks ago
Legislators Discuss Banning TikTok Over Growing Security Concerns
-
Broadband Mapping & Data4 weeks ago
Circulating Open Letter Urges BEAD Delays Due to Inaccurate Maps and Lack of Challenge Resources
-
#broadbandlive3 weeks ago
Broadband Breakfast on January 11, 2023 – How to Challenge the FCC’s Broadband Map