FirstNet本周发布了一份公告,概述了其拟议的网络安全要求,并要求评论人士10月16日之前提供意见,不过FirstNet的一位官员昨日表示,该组织正考虑几项延期请求
. 政府和企业部门备受关注的数据泄露事件,将更多的注意力集中FirstNet的网络安全上. FirstNet的高级安全架构师Glenn Zimmerman强调,FirstNet正寻求提出创新解决方案的回应,这些解决方案“将本质上震撼网络世界”
FirstNet本周发布了一份公告,概述了其拟议的网络安全要求,并要求评论人士10月16日之前提供意见,不过FirstNet的一位官员昨日表示,该组织正考虑几项延期请求
鉴于公共安全通信的敏感性,公共安全通信的成员多次将网络安全作为FirstNet的一个关键组成部分,无论是从操作角度还是从隐私角度来看。政府和企业部门备受关注的数据泄露事件,将更多的注意力集中FirstNet的网络安全上
八月,网络安全协会4月1日的网络安全组织(APCO)会议上首次发布的安全策略草案(APCO)和网络安全组织(APCO)的两个关键部分将不会4月1日发布的网络安全组织(APCO)战略草案中提出
FirstNet的高级安全架构师Glenn Zimmerman强调,FirstNet正寻求提出创新解决方案的回应,这些解决方案“将本质上震撼网络世界”
然而,FirstNet直到周一下午才发布网络安全公告(点击此处查看完整文件),并要求10月16日之前提交回复。一些行业和公共安全人士告诉IWCE的紧急通信,11天的时间内作出回应是非常困难的,特别是如果目的是就一个技术和法律上与网络安全一样复杂的问题提出新的想法
昨天,FirstNet承认可能会延长回复截止日期
根据FirstNet发言人Ryan Oremland的一份声明,“我们已经收到了一些要求延长时间的请求,并正考虑这些请求。”
但延长网络安全公告的回复期限可能会给FirstNet带来困难,该公司计划今年年底发布最终征求建议书(RFP)。即使目前的10月16日的最后期限内,处理和整合对网络安全公告的许多预期响应并将其整合到最终征求建议书中也不是一项简单的任务。如果最终的征求建议书要得到董事会的批准并今年年底发布,那么延长答复期限将使这项工作更加困难
上周召开的FirstNet董事会会议上,新任首席执行官Mike Poth表示,FirstNet仍有望今年年底发布最终RFP,但他承认,如果需要更多时间来解决可能影响其成功的关键方面,RFP可能会2016年初发布
网络安全公告中,FirstNet详细说明了官员们过去注意到的许多关键点。FirstNet的主要优势于,它有机会将网络安全政策整合到其网络设计中,而不是试图事后将网络安全添加到现有网络中。然而,FirstNet面临着一个重大挑战,因为它需要提供最高级别的网络安全,但它必须以一种允许公众安全快速、方便地访问其所需应用程序的方式进行,特别是应对紧急情况时
FirstNet this week released a public notice outlining its proposed cybersecurity requirements and have asked commenters to provide their input by Oct. 16, although a FirstNet official yesterday said that the organization is considering several requests for a time extension.
Given the sensitive nature of public-safety communications, members of the public-safety communications repeatedly have cited cybersecurity as a key component for FirstNet, both from an operational and privacy perspective. High-profile data breaches in both the government and corporate sectors have focused even more attention on the cybersecurity of FirstNet.
In August, FirstNet officials speaking during the organization’s Industry Day and at the Association of Public-Safety Communications Officials (APCO) conference indicated that the FirstNet cybersecurity strategy—one of two key sections not included in the draft request for proposal (RFP) released in April—would be released in September.
Glenn Zimmerman, FirstNet’s senior security architect, emphasized that FirstNet is seeking responses that propose innovative solutions that are “going to essentially rock the cyber world.”
However, FirstNet did not release the cybersecurity public notice until Monday afternoon (click here to access the full document) and called for responses to be submitted by Oct. 16. Several industry and public-safety sources told that responding in an 11-day time period would be very difficult, particularly if the purpose is to propose new ideas on a subject that it is as technically and legally complex as cybersecurity.
Yesterday, FirstNet acknowledged that it may extend the response deadline.
“We have received a number of requests for additional time and are considering them,” according to a statement from FirstNet spokesman Ryan Oremland.
But extending the response deadline for the cybersecurity public notice could create difficulties for FirstNet, which plans to release its final request for proposal (RFP) by the end of the year. Even with the current Oct. 16 deadline, processing and integrating the many anticipated responses to the cybersecurity public notice into the final RFP would not be a simple task. Extending the response deadline would make the endeavor more difficult, if the final RFP is going to be approved by the board and released by the end of the year.
During last week’s FirstNet board meeting, new CEO Mike Poth said that FirstNet remains on track to release the final RFP by the end of the year, but he acknowledged that the RFP could be released early in 2016, if additional time is needed to address key aspects of the document that could impact its success.
In the cybersecurity public notice, FirstNet details many of the key points that officials have noted in the past. FirstNet's key advantage is that it has the opportunity to integrate cybersecurity policies into the design of its network, instead of trying to add cybersecurity after the fact to an existing network. However, FirstNet faces a significant challenge in that it needs to provide the highest level of cybersecurity, but it has to be done in a manner that allows public safety access to the applications it needs quickly and easily, particularly when responding to emergencies. |
