Cybersecurity
Continuing Pandemic is Causing Broadband Operators to Adjust to New Cybersecurity Landscape

November 24, 2020 — As internet service providers are moving to enable numerous Wi-Fi services for their customers, security threats are looming larger than ever.
According to the Parks Association, the typical American family currently has an average of 12 connected devices per home, with the amount of Internet of Things devices utilized in each household rising every year; however, the majority of these devices lack the proper security or have no security at all.
In the face of manifold cybersecurity threats, Tier 2 internet service operators, or internet service providers which engage in peering with other networks, are working tirelessly to combat security threats alongside efforts to expand broadband access.
On Monday, representatives from Tier 2 operators gathered to explain their companies’ approaches to securing Wi-Fi networks, during a Broadband Communities webinar.
“Wi-Fi has evolved,” said Matt Krueger, vice president of product management at Shentel, “Six or seven years ago our job was to provide a single Wi-Fi connection. Now, we are on the security front.” According to Kreuger, Tier 2 operators’ role in network security has drastically evolved over the past five years.
“We pushed security responsibilities to the device originally,” said Krueger. Yet, in 2016, the service provider launched Eero, a company specializing in network monitoring tools, which moved the tracing of cybersecurity threats to the network.
According to Kreuger, Eero’s system allows Shentel to see where threats exist and where they initiate. “If there is a fishing attempt or a malware attempt, we are able to see what is being threatened on a device-level,” he said.
UTOPIA Fiber and Lumos discuss their role in network security
UTOPIA Fiber CEO Roger Timmerman detailed UTOPIA’s unique wholesale and open access model causes it to utilize a different approach to securing its networks.
“However, that does not keep us from getting involved,” said Timmerman. “We provide recommendations, but we do not provide ISPs with network security monitoring tools.”
Timmerman recommended that users only connect trusted devices to their Wi-Fi networks, and that they not attempt to discount crucial equipment, such as routers.
“Users cannot rely on old or cheap routers,” said Timmerman, adding that the life cycle of routers is typically three years, and that outdated equipment is likely to get hacked.
David Smith, vice president of technical operations at Lumos, detailed the company’s approach to securing its networks, saying that getting network security tools in the hands of customers is a high priority.
“We want to give customers the tools they need to control their homes,” said Smith.
Lumos partnered with AirTies to empower users to utilize the range of security functions offered by the Wi-Fi mesh technology, one of the most secure wireless networking strategies.
According to the security experts, technology and cybersecurity threats are going to keep adapting, with Wi-Fi 6 capable devices on the horizon.
“Shentel will be deploying Eero Wi-Fi 6 devices within the next 30 days,” said Krueger, saying “we want to get the devices out there so end users can begin to feel the benefits.”
Cybersecurity
Cybersecurity Requirements in BEAD Could Shape Internet Security Regulation More Widely
The Broadband Equity, Access and Deployment program requires ISPs and states to submit comprehensive cybersecurity plans.

WASHINGTON, November 2, 2023 – How states implement cybersecurity rules in the $42.5 billion Broadband Equity, Access and Deployment program could shape internet security regulations more widely, experts said during a virtual panel Wednesday.
The BEAD program, which will provide federal grants to states to disperse for broadband projects, requires providers to submit comprehensive cybersecurity plans based on standards from the National Institute of Standards and Technology. Panelists said flexibility in the plans allows customization but also establishes baseline expectations as critical infrastructure relies more on connected technology.
“I think the way that states and entities interpret these BEAD cybersecurity and supply chain requirements is really going to have a ripple effect across the whole community,” said Savannah Schaefer, an attorney of Wilkinson Barker Knauer, who advises clients on cybersecurity.
Federal Communications Commission rules are beginning to include similar mandates, meaning how states implement BEAD’s requirements could influence cybersecurity regulations more broadly, Schaefer said.
Melissa Newman, vice president of government Affairs at the Telecommunications Industry Association, said BEAD’s cybersecurity stipulations cite lengthy federal guidance documents providers must wade through. Her trade group developed a checklist to help companies understand the rules.
“You cannot be confident in the security of your networks and products without consideration of both cyber and supply chain security,” said Newman, TIA’s vice president of government affairs.
Supply chain management, knowing who provides equipment and software, is critical because cybersecurity threats can be embedded throughout a product’s lifecycle, she said.
Evan Rice, senior vice president of Guide Star, a division of CCI Systems, said providers should start by documenting current cyber practices, identifying gaps and making plans to address them. Cybersecurity must be incorporated holistically, from network construction to long-term operation, he said.
“Everyone understands that piece. The cybersecurity is the same. Once you build it, you have to operate it,” said Rice. Schaefer encouraged viewing BEAD as part of an ongoing process of shaping cybersecurity requirements.
Our Broadband Breakfast Live Online events take place on Wednesday at 12 Noon ET. Watch the event on Broadband Breakfast, or REGISTER HERE to join the conversation.
Wednesday, November 1, 2023 – Cybersecurity and BEAD
To qualify for funding under the Broadband Equity, Access and Deployment program, network operators must submit a comprehensive cybersecurity strategy in line with the National Institute of Standards and Technology’s cybersecurity framework. What impacts do these requirements have on broadband deployers, and what steps can they take to ensure compliance? How can operators strike the right balance between expanding their networks and safeguarding them against cyber threats?
Panelists
- Evan Rice, Senior Vice President, Guide Star
- Savannah Schaefer, Wilkinson Barker Knauer LLP
- Melissa Newman, Vice President of Government Affairs, Telecommunications Industry Association
- Drew Clark (moderator), Editor and Publisher, Broadband Breakfast
Evan Rice is an experienced IT executive with a focus on cyber security and operational excellence. Evan currently serves as the Senior Vice President of Guide Star, a division of CCI Systems. Evan has been with CCI Systems since 2012, starting as a Data Services Professional then moving to the Vice President of Information Technology role prior to his current position at Guide Star.
As an Associate at Wilkinson Barker Knauer LLP, Savannah Schaefer advises clients on a range of issues pertaining to cybersecurity, supply chain risk management, and emerging technology. Prior to joining the firm, Savannah represented companies in the information and communications technology sector at two trade associations where she led development and advocacy of the associations’ cybersecurity and supply chain legal and policy positions. She has also served in leadership roles in the IT and Communications Sector Coordinating Councils and on the Department of Homeland Security’s ICT Supply Chain Risk Management Task Force.
Melissa Newman has over 25 years’ experience in government affairs for the telecommunications sector. Prior to Melissa joining TIA as Vice President of Government Affairs, she worked at Transit Wireless heading the Legal and External Affairs departments; Wilkinson Barker Knauer, a premier telecommunications law firm in Washington, DC; CenturyLink (now Lumen) as Vice President, Federal Policy and Regulatory Affairs; and as Deputy Division Chief of the Policy Division in the Common Carrier Bureau of the FCC.
Breakfast Media LLC CEO Drew Clark has led the Broadband Breakfast community since 2008. An early proponent of better broadband, better lives, he initially founded the Broadband Census crowdsourcing campaign for broadband data. As Editor and Publisher, Clark presides over the leading media company advocating for higher-capacity internet everywhere through topical, timely and intelligent coverage. Clark also served as head of the Partnership for a Connected Illinois, a state broadband initiative.
WATCH HERE, or on YouTube, Twitter and Facebook.
As with all Broadband Breakfast Live Online events, the FREE webcasts will take place at 12 Noon ET on Wednesday.
SUBSCRIBE to the Broadband Breakfast YouTube channel. That way, you will be notified when events go live. Watch on YouTube, Twitter and Facebook.
See a complete list of upcoming and past Broadband Breakfast Live Online events.
Cybersecurity
White Houses Asks Congress to Fill Rip and Replace Funding Gap
The $3 billion shortfall was first flagged by the FCC in July 2022.

WASHINGTON, October 26, 2023 – The Joe Biden administration is asking Congress to fill the $3 billion gap in the Federal Communications Commission’s rip and replace program, among other domestic needs.
The ask came Wednesday as part of a $55.9 billion request for domestic aid, including disaster relief and child care subsidies. Also in the White House’s request was $6 billion to continue the Affordable Connectivity Program, the monthly internet subsidy that’s set to dry up in April 2024 without additional funding.
In 2020, Congress required broadband providers to replace equipment from some Chinese companies, including Huawei and ZTE, citing concerns that it could be used for espionage. The effort was funded with $1.9 billion to reimburse companies for the cost of switching out gear.
But in July 2022 the FCC, which oversees the program, said broadband providers would need $4.98 billion to get the work done. There have since been repeated calls from lawmakers and industry to shore up the fund. Bills have been introduced in both the House and Senate to fill the $3 billion gap, but they have yet to be passed.
The deadline for approved companies to request reimbursement for rip and replace work passed on July 15. By default, companies have one year from the approval of that request to remove the Chinese equipment, but the commission has been granting deadline extensions as providers complain of funding troubles.
House Republicans managed to elect a speaker on the same day as the funding request, ending weeks of deadlock.
Cybersecurity
Lawmakers Should Incentivize Cybersecurity in Private Sector: Cisco Executive
One weak link can threaten the entire system.

WASHINGTON, May 25, 2023 – A Cisco executive urged Congress at a Semafor event Thursday to provide more incentives for companies to ensure their cybersecurity posture is up to date.
While Jeetu Patel, general manager of security at the information technology giant, didn’t specify what types of incentives can be used, he said the incentives must push private infrastructure to have high security standards.
Both private and public sectors have a part to play in improving the nation’s security, he noted, adding private companies must build products that are secure by design.
There is “tremendous” need for cross-nation coordination around cyberattacks, said Patel. He urged lawmakers to democratize cybersecurity by simplifying the process, adding the nation must be united to gain traction against attackers.
The cybersecurity industry has not made conversations simple to follow or technology easy to use, he said. Simplifying cybersecurity is the only way we can democratize it and when it’s democratized, it can be made universal, said Patel.
He warned that the country cannot let the financial constraints of a few companies put the whole system at risk. Regardless of how affluent a country is, the weakest link controls the strength of the chain, he said.
Artificial Intelligence will change cybersecurity fundamentally, he noted. It is important to remember that AI tools are also available to attackers. Currently, the majority of attacks stem from fraudulent emails which AI can make more personalized and difficult to discern from real communication, he said.
Cybersecurity defenses must evolve
We need to develop an idea of civic responsibility for tech innovators and students in STEM fields, added Suzanne Spaulding, senior advisor of Homeland Security at the Center for Strategic and International Studies. Civic responsibility is the antidote to disinformation and is the change central to democracy, she continued.
Spaulding warned companies against relying on existing cybersecurity measures. Resilience is about having layers of plans and assuming they all will fail, she said.
This comes at a time of Congressional focus on cybersecurity. In March, two bills were introduced by Senators Jacky Rosen, D-Nev., and Marsha Blackburn, R-Tenn., to establish pilot programs in the Department of Defense and Homeland Security that would hire civilian cybersecurity personnel in reserve.
In 2021, President Joe Biden signed an executive order on improving American cybersecurity capabilities following the Colonial Pipeline ransomware attack and SolarWinds breach in 2020.
-
Broadband Mapping & Data4 weeks ago
NTIA OKs Virginia’s Broadband Plan, Commonwealth Launches BEAD Challenge Process
-
Fiber2 weeks ago
The High Cost of Fiber is Leading States to Explore Other Technologies
-
Broadband Mapping & Data4 weeks ago
FCC is Looking to Update its Definition of Broadband
-
Broadband Roundup4 weeks ago
Emergency Connectivity Funding, Comcast in Connecticut, Glo Fiber in Pennsylvania
-
FCC3 weeks ago
‘It Was Graft’: How the FCC’s CAF II Program Became a Money Sink
-
Funding4 weeks ago
NTIA Will Allow Alternatives to Letter of Credit for BEAD Funding in New Guidance
-
Expert Opinion2 weeks ago
Ryan Johnston: What Happens to BEAD Without the Affordable Connectivity Program?
-
Funding2 weeks ago
NTIA Confirms Licensed-by-Rule May Apply for BEAD Funding