Telecom IT Cyber Threat Initiative

Major telecom and IT groups announce new initiative to jointly address cyber threats

February 23, 2018 |  Charlie Mitchell

The United States Telecom Association and the Information Technology Industry Council today are unveiling a new “Council to Secure the Digital Economy,” an effort springing from the cross-sector nature of botnet and other threats that could sabotage the emerging Internet of Things.

“When you look at modern ecosystem-wide cybersecurity challenges like botnets and others, it’s clear that it’s a global issue and a cross-sector issue,” John Miller, ITI’s vice president for global cybersecurity policy and law, told Inside Cybersecurity. “For the communications and IT sectors in particular, it seems essential that we work together.”

Robert Mayer, senior vice president for cybersecurity at USTelecom, said in the interview that the new council is a “perfect vehicle” for the two sectors to work together on cross-cutting issues like botnets, coordinated incident planning and international harmonization, among other issues.

These subject areas were all identified and addressed in the recently released draft report to President Trump on botnets and in the president’s 2017 cybersecurity executive order.

Mayer and Miller said the White House, Department of Homeland Security and other federal offices have been supportive of the new initiative.

Christopher Krebs, DHS’ senior official performing the duties of the under secretary, said in a statement: “I applaud ITI, US Telecom and their members for leaning forward and addressing the challenges of a more secure digital economy by building upon strategic initiatives from a more integrated and collaborative ICT approach. This is exactly the type of industry collaboration needed to help frame the important issues through a shared digital economy lens.”

According to a statement from the Council to Secure the Digital Economy that will be publicly released this morning: “CSDE brings together leaders and innovators from across the internet ecosystem to combat increasingly sophisticated and emerging cyber threats through collaborative action to drive effective cyber solutions across the public and private sectors. Founding partners include Akamai, AT&T, CenturyLink, Ericsson, IBM, Intel, NTT, Oracle, Samsung, SAP, Telefonica and Verizon.”

The council says: “With over 8 billion Internet of Things (IoT) devices in the market, the value of digital data flows in the global market is estimated at about $8 trillion in a single year. This tremendous growth, however, is accompanied by significant and costly cybersecurity risks. To help mitigate these risks, CSDE will draw on its cross-sector technical and policy expertise to collaborate with policymakers across the globe to develop effective and practical solutions to our shared cybersecurity challenges.”

USTelecom president and CEO Jonathan Spalter said, “The CSDE reflects a shared commitment across the leadership of the global information and communications technology sector to pursue security mitigation as intensely as digital innovation.”

ITI president and CEO Dean Garfield said, “This is a tremendous opportunity to convene top thought leaders, innovators, technologists, and policymakers to address and mitigate threats to our global digital economy.”

“IBM is pleased to be a founding member of the Council to Secure the Digital Economy because we feel that closer cooperation between the technology and telecommunications industries is essential to better securing our digital networks. Working together, we have a great opportunity to build greater trust and resiliency in the digital economy,” said Christopher Padilla, IBM’s vice president for government and regulatory affairs.

First steps

In the interview with Inside Cybersecurity, Mayer and Miller explained that the new organization won’t replace the ongoing work of sector-specific coordinating councils and other bodies that work with DHS and federal and state agencies.

But it will provide a focused, cross-sector entity for addressing many of the “industry-led activities” foreseen in the administration’s botnet report, for example.

The council plans to convene a working group “in the March timeframe” to discuss options and “prioritize efforts,” Mayer said, with a discussion to follow with the broader membership.

“We’re not saying that we’re speaking on behalf of the sectors — a lot of the credit goes to the individual companies that are stepping forward,” Miller emphasized, saying the initiative is about “accountability.”

Mayer said the new organization will allow participants to “begin to think as a collaborative group of organizations,” while Miller said the group intends “to be proactive on driving collaborative solutions that help secure the digital economy.”

Miller also said this effort isn’t seen as a “temporary exercise, but as something that can “make a difference and move the needle on policy.”

Mayer explained, “There are things industry can do and we expect to have those discussions. And there are things government can do, and we’ll be engaged in discussions with them to facilitate improvements in the cybersecurity of critical infrastructure. This is organic, an ongoing conversation about what we’re doing collectively and making sure there is alignment.” — Charlie Mitchell (