Policy
Driving Toward 10G and Beyond: CableLabs Engagement in Standards Organizations and Industry Consortia
CableLabs continues to engage heavily with—and to play a key leadership role across—a broad group of global information and communications technology standards development organizations (SDOs) and industry consortia. These engagements enable CableLabs to influence emerging technologies and leverage our technical expertise and global recognition as a leading industry innovation lab to provide meaningful contributions and help advance these technologies to drive toward 10G and beyond. CableLabs is directly involved in over 90 distinct working groups across a broad range of technologies, including wireless, optical, security, immersive media formats and many others.
Through focused engagements with these SDOs and industry consortia, CableLabs influences global information and communications markets to drive advancements aligned with CableLabs’ objectives in fixed and mobile convergence, cybersecurity and broadband innovation (collectively, 10G). Figure 1 shows the breadth of organizations that CableLabs participate in to drive the convergence of wireless and wired networks and develop the technology required to fully realize the 10G vision.
Figure 1. CableLabs’ Standards Organization Engagements June 2020 – 2021.
Driving Convergence of Fixed and Mobile Access Across Wired and Wireless Networks
CableLabs and the cable industry are driving toward a new era of true convergence of fixed and mobile services where connectivity can be provided dynamically and seamlessly across access network technologies (e.g., fiber, hybrid fiber-coaxial (HFC) networks, Wi-Fi, mobile, shared spectrum models, such as CBRS and fixed wireless). Convergence will enable optimized connectivity for a more user-centric experience, unleashing a new wave of innovation in services and applications for consumers. Given the nature of the challenge, convergence will only succeed through cross-industry collaboration and cooperation to develop and define the interoperability requirements and technologies required.
CableLabs is helping to create open interface specifications across its convergence-related standards engagements to promote a diverse and competitive marketplace of vendors and suppliers (e.g., the Telecom Infra Project (TIP) and the O-RAN Alliance). CableLabs is helping enable the use of commercial off-the-shelf hardware and virtualization technologies for fixed, mobile and converged network functions. These functions include using cloud-native infrastructure to enable flexibility, elasticity, resiliency and telemetry, promoting technologies for closed-loop automation, zero-touch provisioning and self-healing of converged infrastructure and driving harmonization across multiple industries (e.g., 3GPP, OnGo Alliance, Wi‑Fi Alliance (WFA) and WInnForum).
Accelerating Broadband Innovation
The 10G platform is a combination of technologies that will deliver symmetric multi-gigabit Internet speeds with a vision toward enabling symmetric 10 gigabits per second (Gbps) services. The 10G platform will not only provide broadband at speeds 10x faster than what most consumers currently experience but will also allow for significantly lower latencies across the network. Advances in both the access network and home or local area network are required for consumers to realize the full benefit of 10G.
CableLabs is not only heavily invested in direct development of many of the 10G enabling technologies, including next-generation DOCSIS technologies, it also engages across a broad range of SDOs and industry consortia to guide and contribute to network technologies that are critical to the cable industry and part of the broader communications industry —for example, advancing optical technologies (e.g., defining the 25G/50G-EPON standard at the Institute of Electrical and Electronics Engineers (IEEE)) and boosting Wi-Fi performance (e.g., driving operator-required functionality into the WFA EasyMesh specifications). CableLabs also engages in industry efforts to accelerate next-generation broadband application development, including immersive media (e.g., at the Immersive Digital Experience Alliance, MPEG-I and Media Coding-Industry Forum (MCIF)), work to drive improvements and new solutions in network virtualization and cloud computing (e.g., at the Cloud Native Computing Foundation, Linux Foundation and Open Networking Foundation) and to stimulate adjacent innovation to help ensure full utilization of cable’s future networks (e.g., at Internet Engineering Task Force (IETF)).
Increasing Security
The cable industry has a long history in leading advancements in network security, as recently evidenced by its approach to 10G, which incorporates security as a core element. To drive increased security, CableLabs participates in SDOs and industry consortia that cover network technologies, as well as technologies both upstream and downstream from cable broadband service.
Our work to increase security encompasses several major areas:
- Mobile and Fixed Network Security: Driving increased network security through 3GPP, WFA, WBA, European Telecommunications Standards Institute (ETSI) and IETF
- Internet of Things (IoT) Security: Building secure interoperability into IoT devices through our work with OCF, WFA and CSA Matter pioneering paths to new security capabilities such as integrating CableLabs® Micronets as one of the enabling technologies referenced in the National Cybersecurity Center of Excellence (NCCoE) lab’s research on the mitigation of network-based attacks using Manufacturer Usage Description (MUD) for IoT security
- Mitigating Threats to Broadband Service: Collaborating to develop approaches for improved Distributed Denial of Service (DDoS) mitigation through our work at M3AAWG monitoring IP-address spoofing prevention, routing security and advancing gateway device security
CableLabs engages across a dynamic field of SDOs and industry consortia to create the connectivity standards, protocols and best practices to bring the 10G vision to life. Through proactive collaboration and direct technical contributions in a broad group of organizations, CableLabs is pushing toward a more user-centric experience through driving network convergence, accelerating broadband innovation and advancing security throughout the network.
Policy
More Than 70 State Legislators Experience the Future of Connectivity at CableLabs
For the past several years, CableLabs has annually hosted a large group of state legislators from dozens of states across the country to discuss the future of broadband connectivity. It was our privilege to repeat that honor recently, both to showcase the cable industry’s innovation roadmap and to listen to the interests and concerns of a diverse group of lawmakers.
Policymakers were excited to see firsthand the emerging network technologies that will enable increased cable broadband performance—faster symmetrical speeds, lower latency, enhanced reliability and better security. Collectively, the group of network technologies that will enable this increased performance is the cable “10G Platform,” which will equip cable networks to deliver 10 gigabit services.
CableLabs’ Rob Alderfer, Vice President of Technology Policy, kicked off the visit with an overview of the current state of cable broadband networks and the technologies on the horizon that will drive increased broadband performance. Gigabit-speed service is now available to nearly the entire footprint of the cable network in the United States. Although gigabit service is state of the art today, CableLabs sees an even faster future for connectivity with symmetrical multigigabit speeds coming soon to consumers through the 10G Platform. To help envision this future, CableLabs also screened its latest Near Future Video—“The Near Future: Diverse Thinkers Wanted”—to illustrate the applications and services that could be enabled by widely deployed 10G networks, including holo-rooms, on-call mixed reality (MR) and autonomous taxi fleets, among many others.
The state legislators then took part in a tour of CableLabs, including a series of demonstrations and discussions in the areas of wired network technologies, wireless network technologies, cybersecurity and immersive media.
Wired Network Technologies (Fiber and Coaxial)
In CableLabs’ Optical Center of Excellence, Curtis Knittle, vice president of wired technologies, demonstrated multi-gigabit broadband service in action, with speeds of nearly 5 Gbps being received by a single cable modem using DOCSIS® 3.1 network equipment—a clear step toward 10G. Curtis also provided an overview of the emerging wired network technologies that underpin the 10G Platform, including advances in DOCSIS technology (DOCSIS 4.0), fiber optic access networks (Full Duplex Coherent Optics) and distributed access architectures (Remote PHY and Remote MAC/PHY). Collectively, these technologies will scale to deliver 10 Gbps.
Wireless Network Technologies (Wi-Fi, Mobile and Fixed)
CableLabs continues to grow its investment in wireless network technologies, recognizing that the consumer’s broadband experience depends on a robust wireless connection. Joey Padden, a distinguished technologist at CableLabs, provided a live demo of gigabit Wi-Fi. Robust wireless connectivity, through home Wi-Fi networks, is essential to the delivery and full enjoyment of the full capability of the current cable broadband service and the 10G service of the future.
Joey led a discussion of the underlying technologies and constraints to future growth, including how a shortage of wireless spectrum is a major bottleneck for delivering on industry innovation. Policymakers can play a key role in helping enable the market by making more spectrum available for new and existing technologies, such as Wi-Fi. Recognizing the importance of spectrum policy, CableLabs is an active technical contributor to these important decisions, which were of high interest to the visiting lawmakers.
Cybersecurity and the Internet of Things
The Internet of Things (IoT) has the potential to enhance all our lives through increased efficiency, convenience and productivity. However, this proliferation of Internet-connected devices also creates meaningful risk for consumers, online services and the broader Internet. Insecure IoT devices can fuel cyberattacks, spread ransomware and steal sensitive personal information, among other concerns.
The 10G Platform seeks to mitigate these risks through a number of new technologies, including CableLabs® Micronets. CableLabs’ Mark Walker, Director of Technology Policy, and Kyle Haefner, Senior Security Engineer, demonstrated how new tools such as Micronets will allow cable broadband customers to stay ahead of attackers. Protecting consumers has proven to be a priority we share with legislators. CableLabs and the cable industry are leveraging decades of experience and leadership to help address the challenges and risks that insecure IoT poses.
Immersive Media (VR, MR and Light Fields)
The tour also provided the legislators with the opportunity to experience the latest in virtual reality (VR) and discuss the near future of immersive media technologies, including on-call MR and holographic light field displays. CableLabs’ Eric Klassen, Innovation Project Engineer, and Debbie Fitzgerald, Director of Technology Policy, led the discussion and provided legislators with a sense of the applications that cable’s 10G broadband networks will enable. To support the development and adoption of immersive media, CableLabs helped found the Immersive Digital Experience Alliance (IDEA), which is standardizing a new media format for the transmission of volumetric media, such as light fields.
Following the lab tours, the event wrapped with a future-focused session on emerging technology megatrends with CableLabs’ CEO Phil McKinney. Phil provided an innovator’s perspective on key trends that will significantly impact technology development. For example, he highlighted exponential increases in storage capabilities (e.g., biological-based and memristor technologies), artificial intelligence, robotics and bandwidth. Phil explained how these technology megatrends will fundamentally change how we each live, learn, work and play.
As CableLabs continues to build the technologies that will make 10G networks a reality, we recognize the importance of dialogue with policymakers through events such as this. It is critical that government officials have a sound understanding of the industry’s innovation roadmap, and it is equally important that industry listen to public policy interests. Together, we can build the future of connectivity.
Events
CableLabs Sponsors FCBA/IAPP “Data Is King”
Many of today’s most popular consumer products and services are powered by the exponential growth in the generation, collection and use of personal data, enabled by ever-increasing broadband capacity, processing power and storage. These products and services provide consumers with unparalleled personalization, efficiency and convenience. However, the technologies and practices surrounding personal data also create new dimensions of risk to individuals, institutions and society alike.
In response, governments both in the United States and around the world are under increasing pressure to develop new legislation and regulatory models to address these growing concerns. In the past year alone, we have seen the implementation of the European Union’s sweeping General Data Protection Regulation (GDPR), the passing of the California Consumer Privacy Act, and multiple hearings in the U.S. Congress stemming from numerous data breaches and other scandals involving the potential misuse of consumers’ personal data. Here at CableLabs, we recognize the interplay and potential impact of emerging privacy regulations on the direction of next-generation Internet applications.
In that spirit, CableLabs sponsored “Data Is King” – U.S. Privacy Developments and Implications for Global Markets and Technology Development, a recent event co-hosted by the Federal Communications Bar Association (FCBA) Rocky Mountain Chapter and the IAPP Denver/Boulder KnowledgeNet Chapter. The event gathered luminaries from across the policy and technology spectrum to explore trends and recent developments in privacy law and regulation, as well as the potential impact that these policies will have on the products and services of tomorrow.
The event was kicked off by Martin Katz (Chief Innovation Officer and Senior Advisor for Academic Innovation and Design at the University of Denver and the Executive Director at Project X-ITE). Katz discussed the existing gaps and fragmentation in today’s U.S. privacy regime and highlighted the drawbacks of the EU’s approach to comprehensive personal data protection legislation (GDPR). In Katz’s view, such an approach creates a significant and costly compliance regime that can stifle new startups and small businesses, and more generally, innovative new products and services. He emphasized that any comprehensive U.S. federal regime should recognize and seek to minimize compliance costs and ensure room for innovation while protecting consumer choice, trust and accountability.
Tracy L. Lechner (Attorney and Founder at the Law Offices of Tracy L. Lechner) moderated the first panel session, focused on trends and recent developments in privacy regulations domestically and internationally, with the following panelists: Beth Magnuson (Senior Legal Editor of Privacy and Data Security at Thomson Reuters Practical Law); Dale Skivington (Compliance and Privacy Consultant, Adjunct Professor at the University of Colorado, and Former Chief Privacy Officer at Dell); Erik Jones (Partner at Wilkinson, Barker, Knauer); and Scott Cunningham (Owner at Cunningham Tech Consulting and Founder of IAB Tech Lab).
The panelists agreed that the general position of industry has evolved from a preference for best practices with agency oversight to a recognized need for U.S. federal legislation. This shift has been spurred by a desire for a common compliance framework in light of developing differences in state laws and diverging international privacy regimes. The panelists emphasized that changing privacy regulatory requirements has forced organizations to make frequent and costly IT overhauls to ensure compliance that arguably create little to no value for consumers. For instance, GDPR’s expansive definition of “personal data” created a herculean project for large organizations to take the foundational step of identifying and classifying all the potentially covered data. The panelists agreed that state attorneys general could have a valuable and thoughtful role in enforcement, but they also believe that specific requirements should be standardized at the federal level and be based on an outcome- or risk-based approach, unlike GDPR’s highly prescriptive approach.
Mark Walker (Director of Technology Policy at CableLabs) led a second-panel discussion, focused on the interplay of privacy regulation and technology development. The panel featured Walter Knapp (CEO at Sovrn), Scott Cunningham and Danny Yuxing Huang (Postdoctoral Research Fellow at the Center for Information Technology Policy at Princeton University). Walker framed the panel discussion in historic terms, highlighting the privacy concerns generated through the widespread availability of the portable camera in the late 1800s, through the emergence of electronic eavesdropping capabilities in the 1960s and, more recently, through the broad adoption of RFID technology. For each of these examples, public concern drove legal and regulatory changes, but more fundamentally, the privacy “panic” subsided for each technology as society became more familiar and comfortable with each technology’s balance of benefits and drawbacks.
Through that lens, the panelists examined GDPR and highlighted the high associated compliance costs, from both a technical implementation and revenue perspective. Faced with these costs, many smaller publishers are choosing to cut off access to their content from covered geographies rather than trying to comply. In comparison, large Internet firms have the resources to ensure compliance even in a costly and highly fragmented regulatory environment. Until recently, the Internet has largely matured without defined geographic borders and has nearly eliminated global distribution costs for smaller publishers. However, this trend may be reversed in the face of an emerging fragmented and highly regulated environment, reducing the viability of smaller publishers and driving unintended market concentration.
Turning to emerging technologies, Huang described his research into the security and privacy implications of consumer Internet of Things (IoT). He provided an overview of a newly released research tool, Princeton IoT Inspector, that consumers can easily use to gain detailed insights into the network behaviors of their smart home IoT devices. Through this tool, consumers can gain a better understanding of how IoT devices share their personal information. He illustrated how IoT Inspector was able to identify the numerous ad networks and other domains a streaming video device communicated with while streaming a single television program; surprisingly, the streaming device communicated with more than 15 separate domains during that single streaming program.
The event closed with Phil Weiser, Colorado’s Attorney General, providing keynote remarks that outlined the current state of legislative efforts, explained potential approaches that address key privacy challenges and highlighted the role of state attorneys general in developing regulatory approaches and enforcing them. Attorney General Weiser recognized that although curbing a patchwork of state laws in favor of a single federal one would be the ideal outcome, it is unlikely to happen in a reasonable timeframe, saying:
A first best solution would be a comprehensive federal law that protected consumer privacy. Such a law, like the Dodd-Frank law, should authorize State AGs to protect consumers. When Congress starts working on such a law, I will be eager and willing to support such an effort. After all, differing laws and reporting requirements designed to protect privacy creates a range of challenges for companies and those working to comply with different—and not necessarily consistent—laws.
In today’s second-best world, I believe that States have an obligation to move forward. We should do so with a recognition that we need to collaborate with one another and develop approaches that recognize the challenges around compliance. We can use your help and engagement and we work towards just this end.
As CableLabs continues to focus on developing new and innovative network technologies, we must continue to ensure that we have a sound understanding of the rapidly evolving privacy landscape, both here and abroad. But, just as importantly, policymakers should have a sound understanding of how the various regulatory approaches may impact current and developing technologies. Events like this help bridge those gaps in understanding.
Policy
Driving Global Connectivity Well Beyond Cable Technology
CableLabs participates in more than 30 unique standards organizations, industry consortia, and open source efforts.
CableLabs is focused on developing innovative technologies, not only in the performance of cable’s hybrid fiber coax (HFC) networks, but also in many areas that extend beyond the traditional cable network, including wireless (both licensed and unlicensed), cybersecurity, network function virtualization (NFV), optical technologies for access networks, and the application of artificial intelligence (AI) and machine learning to network management and orchestration. To be successful, CableLabs recognizes that, in these areas beyond traditional cable technology, it must engage and work with the broader technology community to drive advancements. This effort is visible through CableLabs’ deep commitment to leading and contributing to standards organizations, industry consortia, and open source efforts in these broader areas.
Developing standards and industry specifications are at the core of CableLabs, which has been in the specification and standardization business since its inception over 30 years ago. In 1997, CableLabs released the initial version of the Data Over Cable Service Interface Specification (DOCSIS), the technology that enables broadband service to be provided over an HFC network. Standardization of the cable interface specification allowed the cable network operators to work at scale with the network equipment manufacturers to build the interoperable technology needed for cable to meet the exploding demand for broadband Internet access.
Ever since, CableLabs, along with its members and the vendor community, has continued to advance DOCSIS technology. Cable operators today have largely moved to DOCSIS 3.1 technology, enabling the availability of gigabit-speed broadband across nearly the entire cable footprint in the US, and driving towards a “10G” network capability. As cable has broadened its focus, CableLabs has responded by broadening its standards efforts and industry engagement.
Improving Wi-Fi and Enabling 5G through Wireless Standards Engagement
CableLabs contributes significantly to almost a dozen different standards organizations to improve wireless connectivity through standardization related mechanisms. Our work is not restricted to improvements in the traditionally separate spheres of in-home and mobile wireless and includes work toward a seamless network convergence for the future. Along those lines, CableLabs is engaged in the O-RAN Alliance, where we are leading an effort to establish an open virtualized RAN (“radio access network”) fronthaul specification which will allow for low-cost small cells with DOCSIS network backhaul.
At 3GPP, CableLabs is driving the Wireless-Wireline Convergence (WWC) effort to make the operation, management, and traversal of 5G wireless networks and 10G DOCSIS networks more seamless. CableLabs is also working to bring consumers a faster and safer in-home network experience through a next-generation adaptive security platform, CableLabs ® Micronets, which enables enterprise-level smart security at home. Beyond making home networks safer, we’re working to make them more powerful; exhibited by our role in achieving recent milestones with carrier-grade Wi-Fi certification through the Wi-Fi Alliance’s VantageTM and launch of the new EasyMeshTM certification program.
Driving Increased Performance of Optical Technologies in the Access Network through Broad Industry Collaboration
As cable drives its fiber infrastructure deeper into the HFC network, CableLabs has developed new technology for use of fiber in the access portion of the network and has promoted standardization of such technology. We are involved at several global standards development bodies—including IEEE, ESTI, O-RAN, and SCTE where we work to level-up all aspects of the fiber network. These efforts combine our internal specification development— work (such as Coherent Optics specifications) with broad industry collaboration in order to deliver dramatic improvements to the access network across all areas. This means that while working toward ever faster speeds through developing the next generations of PON protocols, the whole network ecosystem needs to be addressed, which includes innovation in network operations with projects such as Proactive Network Maintenance (PNM).
Building a Common, Secure, Foundation for IoT Devices of the Future
CableLabs envisions a future empowered by technologies that improve our lives—a future where augmented reality (AR)/ virtual reality (VR) head-mounted displays, video walls, AI-enabled media, ubiquitous Internet of Things (IoT) devices, light field holodecks and displays (as seen in our latest Near Future video) are just the beginning. However, in order for AR/VR devices to be populated with high-quality content, for video walls to connect seamlessly, or for our IoT devices to assist us securely, we will first need high-quality, secure, industry-driven standards on which the technology and applications can be built. This belief has led to our involvement in the Open Connectivity Foundation (OCF), an industry effort to develop a secure interoperability specification for IoT.
Catalyzing the Future of Immersive Media Experiences
Recognizing the importance of building consensus throughout the ecosystem, even beyond the broadband network, CableLabs is significantly involved in and contributing technical expertise toward a number of emerging technology areas, including significant projects in video, VR/AR, and immersive media. Essential to the actual adoption of standards, we recently played a founding role in establishing Media Coding Industry Forum (MC-IF) to address patent licensing of future MPEG codecs. In addition, we announced a new collaboration called IDEA (Immersive Digital Experiences Alliance) to establish and promote end-to-end delivery of immersive content, including light fields, over broadband networks.
To learn more about our work in standards, open source, and industry consortia please see our members-only (login required) Standards Strategy Update (April 2019) on current engagements.
Events
CableLabs Hosts “Cyber Risks in an IoT World”
Security provides the fundamental trust that enables the growth of broadband, and as the number of connected devices grows rapidly, all actors must make it a priority. The cable industry’s security expertise and investment positions it to play a constructive role in this rapidly evolving, global challenge. Here at CableLabs, we continue to focus on cybersecurity in our innovation and R&D work, and we recognize the interdependence of public policy and technology developments in this area.
In that spirit, we recently hosted an event at our facilities in Colorado entitled Cyber Risks in an IoT World, which was co-presented by the Rocky Mountain Chapter of the Federal Communications Bar Association (FCBA) and Silicon Flatirons. Our primary goal was to shine a spotlight on key elements of federal cybersecurity policy and the evolving risk faced by enterprises in light of the rapid proliferation of Internet of Things (IoT) devices. The event featured Evelyn Remaley, Deputy Associate Administrator at the Office of Policy Analysis and Development of the National Telecommunications and Information Administration, U.S. Department of Commerce, among other notable speakers and attracted over 60 attendees from the local and regional technology policy and legal communities.
CableLabs’ Rob Alderfer kicked off the event by laying out the broader context, including the trends that are driving increased risk to consumers and the basic functionality of the Internet. With the constant barrage of new cyber incidents, often driven by IoT devices vulnerable to exploitation, governments at all levels are taking notice and grappling with the rapidly evolving threat. Cybersecurity is no longer the domain of the IT department, but rather a key area of governance for all enterprises. You can read more about our vision for improving IoT cybersecurity here.
Clete Johnson (Wilkinson Barker Knauer, LLP) provided a primer on federal cybersecurity policy that cast the Internet and enterprise networks as the battlefields, espionage platforms, and crime scenes of the 21st century. The current regulatory landscape can be subdivided into several broad areas: the threat environment, the policy environment, government activities, and the developing policy consensus across government and industry. The threat environment is characterized by the increasing number of more and more severe attacks. These attacks originate from both non-state actors (organized crime groups, proxies for nation-states, hacktivists, and, potentially, terrorists) as well as state actors (Tier I intelligence services and their allies and partners). However, the line between non-state and state actors often blurs and these groups often overlap. Johnson also detailed the developing policy consensus that centers around dynamic, flexible risk management; a shared responsibility across all stakeholders; mutually beneficial public-private partnerships; and a move beyond the “punish the victim” enforcement. This developing consensus is largely embodied in the Cybersecurity Executive Order and its implementation.
Evelyn Remaley (NTIA) delivered the keynote presentation on the Cybersecurity Executive Order, the developing Botnet Report required by the Order, and, more broadly, the NTIA’s work in cybersecurity through the multi-stakeholder process. Remaley emphasized that NTIA recognizes the complexity of the ecosystem and sees it as a multi-textured and evolving global system that requires an agile, inclusive cyber policy approach. Two truths underlay that perspective:
- To protect innovation, there must be stakeholder-driven policy outcomes that are flexible enough to adapt quickly to changes in technology
- No single industry sector or the government will be able to solve the challenges facing the Internet ecosystem, because while the Internet is largely managed by the private sector, governments, civil society, and individuals all have key roles. Successfully addressing cyber threats requires collaborative efforts from across the Internet ecosystem. The ongoing effort to produce the Botnet Report is an example of this collaborative approach in action.
Panel Discussion with Evelyn Remaley
The panel discussion following Remaley’s presentation tackled both baseline questions around the incentives at play in the current IoT ecosystem and the upcoming Botnet Report’s role in addressing the risk of distributed threats, as well as practical questions about where the policy development process goes after the final report is released. Mark Walker moderated the panel discussion between Evelyn Remaley (NTIA), Michael Bergman (Consumer Technology Association), and Tracy L. Lechner (Brownstein Hyatt Farber Schreck, LLP). The panelists discussed the incentives misalignment that keeps a significant number of IoT providers from investing in better device security, including the perception that consumers do not place a significant value on security and that increased security comes at a significant cost (time and/or money). They also discussed the availability of effective security controls and the various industry efforts to drive increased adoption of those controls.
Panel Discussion on Risk Landscape for Enterprises
The final session entitled The Risk Landscape for Enterprises: Attacks, Recovery, Liability, and Compliance covered the cybersecurity threat landscape from the enterprise perspective. This panel was moderated by Blake Reid (University of Colorado Law School; Silicon Flatirons) who lead the discussion with Paul Diamond (CenturyLink), John Diana (LogRhythm, Inc.), Ryan Howe (Webroot, Inc.), and Deborah Shinbein Howitt (Lewis, Bess, Williams & Weese, P.C.). The discussion focused on the challenges enterprises of all sizes face when tackling the rapidly changing cybersecurity risk landscape, including limitations on resources and talent, as well as the task of understanding and complying with the numerous legal obligations coming onto the scene. Much like developing a cybersecurity program, building up the required legal policies begins with identifying the most critical data a business handles (e.g., healthcare information, social security numbers, credit card information) and then creating incident response plans that meet the most stringent obligations in those areas first. The NIST Cybersecurity Framework was highlighted as providing an enterprise with a structured approach to assessing cybersecurity risks and developing a robust cybersecurity program that matches its unique needs.
As CableLabs continues to focus on developing new and innovative security technologies, we must continue to ensure we have a sound understanding of the rapidly evolving cybersecurity policy landscape, both here and abroad. But, just as importantly, policymakers should have a sound understanding of current and developing technologies. Events like this help bridge those gaps in understanding.