Eight prominent U.S. communications companies announced the creation of a nonprofit cybersecurity collaboration on Tuesday, forming the Communications Cybersecurity Information Sharing and Analysis Center, abbreviated C2 ISAC. The founding members include AT&T, Charter, Comcast, Cox, Lumen Technologies, T-Mobile, Verizon, and Zayo.
The new organization is designed to enable members to exchange technical information and coordinate defenses against cyber threats that affect the communications sector. According to the announcement, the initiative responds to the reality that no single company has complete visibility into all threats or can mitigate every risk on its own.
C2 ISAC will serve as a venue where security practitioners and technical experts from member firms can share timely intelligence and align response strategies. The eight founding companies will also constitute the initial Board of Directors, made up of chief information security officers from each company.
Valerie Moon has been named executive director of C2 ISAC. The announcement highlights her prior roles at CISA, the FBI and other cyber organizations as relevant experience for the position. In a statement included with the formation notice, Moon said, "The C2 ISAC will strengthen individual member organizations and support the resilience of the nation’s critical communications infrastructure."
The new center builds on an existing government-private information-sharing framework. C2 ISAC expands on the National Coordinating Center for Communications - also known as the Communications ISAC or COMM-ISAC - which was established in 1984 to promote resilience and information exchange among government entities and private communications and IT companies.
Rich Baich, serving as the inaugural chairperson of the C2 ISAC board, said the organization is well positioned to broaden collaboration across the communications sector and assist members in addressing emerging risks. The statement said the organization expects to begin operations in June.
Summary
C2 ISAC is a nonprofit information-sharing center established by eight major U.S. communications companies to improve coordination on cybersecurity threats and defenses. Valerie Moon will lead the organization, and the founding companies will form the initial board of CISOs. Operations are expected to commence in June.
Key points
- Eight firms - AT&T, Charter, Comcast, Cox, Lumen Technologies, T-Mobile, Verizon, and Zayo - formed C2 ISAC to coordinate cybersecurity efforts.
- The organization will enable technical experts and CISOs to share threat information and coordinate defense strategies.
- C2 ISAC builds on the long-standing National Coordinating Center for Communications (COMM-ISAC) framework established in 1984.
Risks and uncertainties
- No single company has complete visibility into every cyber threat - a primary reason cited for creating the collaborative organization.
- Effective sector-wide coordination depends on timely and actionable information sharing among members, which the new center aims to facilitate.
- The pace and scope of the center's impact on real-world defenses will depend on how the organization operationalizes collaboration once it begins operations in June.