- A new telecom ISAC is launching to strengthen cybersecurity across the communications sector
- Founding members include AT&T, T-Mobile and Verizon
- More sophisticated cyber threats and AI are pushing carriers toward collective action
Cybersecurity threats just keep coming and evolving with AI. To better tackle the threats, eight U.S. communications companies – AT&T, Charter Communications, Comcast, Cox Communications, Lumen Technologies, T-Mobile, Verizon and Zayo – are getting together to provide a unified defense and share information.
Formally known as the Communications Cybersecurity Information Sharing and Analysis Center, aka C2 ISAC, the new non-profit is dedicated to boosting cybersecurity across the communications sector.
AT&T CISO Rich Baich serves as the inaugural chairman of the C2 ISAC board.
How difficult was it to get all these cybersecurity experts together?
“Once we began to think about how we wanted to look at our collective defense going forward, based on the changes that were going on geopolitically, as well as just the advancement of cyber, it was very easy for everybody to come together,” Baich told Fierce.
Not that it was all a walk in the park. They had to get their ducks in a row – which is to say, lawyers – as well as do all the things required to form a non-profit organization. The C2 ISAC begins operations in June.
Modeled after financial sector
Efforts to form the ISAC started more than a year ago, when a lot of ad hoc activities were going on but there was no formal organization. Both Baich and T-Mobile SVP for Cybersecurity Mark Clancy knew one another from their days in the financial services sector, which helped get the ball rolling.
Creating a place where companies share information like this comes with both risk and reward, Clancy said.
“One of the challenges we have is there’s risk in sharing and there’s benefit in sharing and we want to get that risk/reward curve right,” he told Fierce. “We’re just starting, but we thought it’s important to get this collaboration going.”
A lot of times, it just comes down to speed. The faster they can share pertinent information, the better.
“We’re in early days as a formal structure but the idea is, as things are happening, we can get as close to real time as events are occurring to be sharing,” Clancy said.
He likens it to a phone tree, where one person says, “Hey, I’m seeing this happening. Is anybody else?” If an incident affects only one entity, the response will be different than something that’s affecting multiple companies.
AI ups the ante
Historically, one of the biggest challenges is the pace at which an adversary can carry out an attack. Once you throw AI into the equation, that changes the game significantly.
Clancy said he recently joked on LinkedIn that his new hobby is using AI to read changes in companies’ 10-Qs related to risks from AI.
“It’s obviously going to have a profound effect on the threat landscape,” he said. “The biggest piece for me is the velocity of change that’s going to happen.”
All of this applies to suppliers, too. The communication service providers share a lot of the same vendors, which is where vulnerabilities to security show up fast and furious.
“That’s just the normal life cycle,” Clancy said. “The problem is that life cycle is really shortening and we have to be more nimble, more agile and communicating at higher frequency than we used to because the world has changed.”
The initial focus of C2 ISAC is on the operator space, but they will be deliberating about how they expand and what they do with key suppliers in the sector.
C2 ISAC structure
To help execute all of this is Valerie Moon, whose career includes more than 20 years at the Federal Bureau of Investigation (FBI). She will serve as executive director based in Washington, D.C.
The C2 ISAC will be structured with Moon overseeing day-to-day operations and the chief information officers at the eight founding companies serving as the initial Board of Directors.
A lot of people might be wondering if Salt Typhoon is what led to the formation of C2 ISAC, but Baich said there was no single event that triggered it. Overall, cyber threats are growing more complex and sophisticated and they need an organized framework for faster information sharing.
Fierce asked: Is it their intent to mirror what the financial industry is doing in terms of collaboration?
Not exactly. “We want to be better,” Baich responded. “Think of it like collective defense because we believe that’s where the greatest value comes from.”