Threats to internet routing infrastructure are diverse, persistent and changing — leaving critical communications networks susceptible to severe disruptions, such as data leakage, network outages and unauthorized access to sensitive information. Securing core routing protocols — including the Border Gateway Protocol (BGP) and the Resource Public Key Infrastructure (RPKI) — is an integral facet of the cybersecurity landscape and a focus of current efforts in the United States government’s strategy to improve the security of the nation’s internet routing ecosystem.
CableLabs has released an update to the “Cybersecurity Framework Profile for Internet Routing” (Routing Security Profile or RSP). The profile serves as a foundation for improving the security of the internet’s routing system. An actionable and adaptable guide, the RSP is aligned with the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), which enables internet service providers (ISPs), enterprise networks, cloud service providers and organizations of all sizes to proactively identify risks and mitigate threats to enhance routing infrastructure security.
The RSP is an extension of CableLabs’ and the cable industry’s longstanding leadership and commitment to building and maintaining a more secure internet ecosystem. It was developed in response to a call to action by NIST to submit examples of “profiles” mapped to the CSF that are aimed at addressing cybersecurity risks associated with a particular business activity or operation.
Improvement Through Feedback and Alignment
The first version of the RSP (v1.0) was released in January 2024 in conjunction with an event co-hosted with NCTA — the Internet & Television Association, featuring technical experts and key government officials from NIST, the Federal Communications Commission (FCC), the National Telecommunications and Information Administration (NTIA), the Cybersecurity and Infrastructure Security Agency (CISA) and the White House Office of the National Cyber Director (ONCD).
Following the release of the first version of the RSP, CableLabs conducted outreach to other relevant stakeholders within the broader internet community to raise awareness about this work and to seek feedback to help improve the profile. In addition, NIST released its updated CSF 2.0 in February 2024.
The RSP update reflects stakeholder input received to date and accounts for changes in the NIST CSF 2.0. In particular, the RSP v2.0:
- Aligns with NIST CSF 2.0’s addition of a “Govern” function and revisions of subcategories in the RSP’s mapping of routing security best practices and standards to the applicable key categories and subcategories of the NIST CSF 2.0’s core functions.
- Adds routing security considerations for most subcategories that previously did not include such information.
- Incorporates informative and relevant references within the context of the mapping rather than as a separate column of citations.
Advancing Routing Security Through Public-Private Partnership
Since its release, the RSP has been cited as a resource by various government stakeholders in recent actions and initiatives, including NTIA’s Communications Supply Chain Risk Information Partnership (C-SCRIP)’s BGP webpage, the FCC’s proposed BGP rules and ONCD’s Roadmap to Enhancing Internet Routing Security.
In addition, CableLabs continues to closely engage in public-private stakeholder working groups. They include the joint working group recently established by CISA and ONCD, in collaboration with the Communications and IT Sector Coordinating Councils. The working group was created, according to the ONCD roadmap, “under the auspices of the Critical Infrastructure Partnership Advisory Council to develop resources and materials to advance ROA and ROV implementation and Internet routing security.”
The Ever-Evolving Cybersecurity Puzzle
The RSP remains a framework for improving security and managing risks for internet routing, which is just one key piece of a larger critical infrastructure cybersecurity puzzle. As with any endeavor in security, the RSP will evolve over time to reflect changes to the NIST CSF, advances in routing security technologies and the rapidly emerging security threat landscape.
The RSP was developed by CableLabs’ Cable Routing Engineering for Security and Trust Working Group (CREST WG). The group is composed of routing security technologists from CableLabs and NCTA, as well as network operators from around the world.
Learn more about all CableLabs’ working groups, including the CREST WG, and how to join us in this critical work. Download the profile here, or view it using the button below.