FOR IMMEDIATE RELEASE
July 25, 2023
Center for Cybersecurity Policy and Law
New Network Resilience Coalition Launches to Address Threats to Outdated Network Infrastructure on a Global Scale
WASHINGTON, D.C. - Industry leaders across networking, service providers and cybersecurity today announced the launch of the Network Resilience Coalition, an alliance focused on bringing together technology providers, security experts and network operators seeking to propose real-world solutions that dramatically improve the security of data and networks that support our global economic and national security.
Software and hardware vendors spend tremendous amounts of time and effort to ensure that all products and services are as strong and secure as possible. Unfortunately, it is common for organizations to lack robust patching and vulnerability management programs or to not install critical updates in a timely manner, despite their availability.
Not only does failing to upgrade or update hardware and software systems put the individual organization at risk, it can lead to cyberattacks on a global scale, targeting aging network infrastructure, as evidenced by recent advisories from the UK’s National Cyber Security Centre and the U.S.’s Cybersecurity and Infrastructure Security Agency as well as reports of state-sponsored activity.
Technology companies must find ways to address the continued problem of software and hardware updates and patches not being implemented, while also encouraging organizations to have better visibility into their networks to better mitigate cyber risks. The Network Resilience Coalition was formed to help address these issues in an open and collaborative way and to help improve network hardware and software resilience on a global scale. By bringing together infrastructure vendors and major network operators who are experienced in deploying patches in a timely manner, the coalition aims to address network hardware and software resilience challenges and inform good policy.
Founding members of the new coalition consist of leaders who have been addressing this problem at its roots, including, AT&T Inc., Broadcom, BT Group, Cisco Systems Inc., Fortinet, Intel Corp., Juniper Networks, Lumen Technologies Inc., Palo Alto Networks, Verizon and VMware.
“Network resilience is vital to the health of our economy and our interconnected world and there is a need to focus on how to improve the security of the larger ecosystem by all sides working together,” said Ari Schwartz, coordinator of the Center for Cybersecurity Policy & Law, a leading non-profit that brings together industry leaders with policymakers to find solutions that can help improve the digital security of networks, devices and critical infrastructure. “Too often we see organizations fall victim to a cyberattack because an existing critical update or patch wasn’t made.”
Coalition members will work together on a report that investigates the crux of these issues and produce clear, actionable recommendations for improving network security, for technology providers, technology users, and those creating or regulating security policy.
About the Center for Cybersecurity Policy & Law:
The Center for Cybersecurity Policy & Law is an independent organization dedicated to enhancing cybersecurity worldwide by providing government, private industry, and civil society with practices and policies to better manage security threats. Established in 2017 as a 501(c)(6) nonprofit, the Center combines policy expertise with convening power to bring industry leaders together with policymakers, form coalitions, and launch initiatives that produce real-world outcomes.
Hacking Policy Council Comments to New York State Department of Health on Proposed Hospital Cybersecurity Requirements
The Hacking Policy Council (“HPC”) submits the following comments in response to the New York Department of Health’s proposed addition to Section 405.46 to Title 10 NYCRR (“Hospital Cybersecurity Requirements).
Breaking the endless loop and reframing the encryption debate
Encryption advocates and law enforcement are stuck in an endless loop when it comes to debating encryption. It's time for industry and law enforcement to sit down, discuss challenges, listen to one another, and work together to create solutions.
Vulnerability Management Under The Cyber Resilience Act
Companies should begin preparing now for the EU’s Cyber Resilience Act, a significant development in product security regulation and will apply to software and connected device manufacturers in and outside EU borders.