As concerns about ransomware and other cybersecurity risks grow, the National Association of Broadcasters is urging the FCC to develop a standardized cybersecurity risk management plan template for broadcasters centered around the Emergency Alert System.
The NAB voiced concerns that small and mid-sized broadcasters may struggle to create sufficient cybersecurity plans due to limited resources and lack of in-house expertise.
In meetings held between September 9 and September 11, representatives from the NAB, including NAB Associate General Counsel Legal and Regulatory Affairs Larry Walke, met with FCC staff members Michael Sweeney, Greg Watson, Justin Faulb, and Edyael Casaperalta. The discussions focused on the security of the EAS and the challenges broadcasters face in complying with proposed FCC regulations.
In an Ex Parte filing, Walke writes, “Simply pointing stations to the generic, comprehensive NIST Cybersecurity Framework for guidance will not suffice. The Commission’s proactive development of a template cyber risk management plan is likely to increase compliance with the FCC’s requirements, and in turn, the security of the EAS.”
The NAB highlighted that many broadcasters do not have in-house cybersecurity specialists and would need to hire costly external consultants to develop compliant cybersecurity risk management plans. They expressed that an FCC-provided template would help stations identify critical steps and adapt the plan to their operations, ensuring meaningful compliance without imposing undue burdens.
The organization also questioned the FCC’s proposals regarding the timely repair of faulty EAS equipment and the reporting of equipment failures. They argued that since the FCC does not play a role in repairing EAS equipment and repair times are often beyond broadcasters’ control, these requirements may not effectively enhance the system’s security.
As the Emergency Alert System largely depends on AM radio, it is imperative that stations be protected from any outside interference that could compromise national security, especially as EAS remains a core tenet of the AM Radio For Every Vehicle Act.
