Your source for CE industry intelligence
Rising Security Risks

NIST Head Says Private Sector Must Lead on Standards Development

Ensuring U.S. leadership in the development of telecom and other standards must be a top national priority, said National Institute of Standards and Technology Director Laurie Locascio during a Telecommunications Industry Association virtual conference Tuesday. Locascio and other speakers said industry, not governments, should lead on standards.

Start A Trial

A private-sector led approach to standards is an integral part of U.S. technology leadership,” Locascio said. “I cannot overstate the importance of coordination and cooperation with the private sector on standards development, as well as the importance of international cooperation.” NIST and the rest of the federal government want standards based on “the highest technical rigor,” she said. “Trust is the anchor for our work,” she said.

I know from personal experience that standards work is difficult,” Locascio said: “It takes technical competence, accurate data, patience, strong communications, solid negotiations skills, and, in many cases, diplomacy.”

The $54.2 billion Chips and Science Act, signed into law in August (see 2208090062), emphasizes the importance of standards, Locascio said. “The act is a transformative piece of legislation for the nation,” providing $39 billion for an incentive program aimed at U.S. chips production and $11 billion for research and development, she said. “We are working very hard to deliver on this program,” she said.

Giving the standpoint of someone formerly inside the government, Wilkinson Barker’s Clete Johnson said industry needs to lead on security. “It’s imperative that the technical experts in the private sector are leading the development of standards and specifications,” said Johnson, a former Senate aide and FCC and Commerce Department cybersecurity adviser. “There are great public servants, they work hard, they’re smart,” he said: “You do not want government bureaucrats coming up with standards. You want technical experts who are working on real networks to do that.”

Our work is not done” on security “and it likely will never be done,” said Mike Regan, TIA vice president-business performance: “This is a call to action to the industry. The challenge is being placed on us by the bad actors who continually apply sophisticated attacks into networks of all types.”

The focus of security has to be global “because networks are global,” said TIA CEO David Stehlin. “We recognize that many different technologies and architectures are needed to achieve full connectivity,” he said. Information and operational technology in smart buildings “are now connected and we must weave these systems into our overall thinking,” he said.

Security must be built in, or designed into products and networks in order to assure top performance,” Stehlin said. TIA’s QuEST Forum this year released the information and communications technology industry’s first cyber and supply chair security standard, SCS 9001, he said. The standard “operationalizes guidance found in various government frameworks,” he said.

The digital world is changing, with digital twinning, the metaverse, blockchain and “smart just about everything,” said Keri Gilder, CEO of U.K.-based provider Colt. “That digital universe relies on us as an industry to deliver the infrastructure safely, effectively and with consistently high standards,” she said: “We have access to more data than ever before, but it must be accurate, and it must be easy to interpret.”

Interpol found a sharp rise in cyber crime during the COVID-19 pandemic, Gilder said. “Economic instability and supply chain disruption led to greater vulnerability of businesses due to threats,” she said. Distributed denial-of-service attacks on Colt’s network are up by more than 10,000 per day, she said. “This is a substantial increase over where we were pre-pandemic. The more connected we all are … the more opportunities there are for criminals to benefit.”