Community radio stations in the United States are worried about the impact of proposed cybersecurity requirements from the Federal Communications Commission.
“Any effort by the commission to impose mandatory cybersecurity requirements on community NCE radio stations in this proceeding would have the inevitable impact of diverting already severely limited resources away from the core mission of serving their communities,” wrote Sally Kane, chief executive officer of the National Federation of Community Broadcasters, in comments to the FCC.
[Related: “FCC Seeks Ways to Reduce EAS Cyber Threats”]
Noting that the group’s 210 members are primarily Latino, Native American, African American and rural noncommercial educational stations, Kane told the commission that many communities served by these stations have yet to enjoy the same level of broadband internet and other media services the rest of America takes for granted.
“For many community NCE radio stations, meeting the requirements of the commission’s proposed rules would require a significant budgetary impact on stations that already grapple with limited technical and staff resources. Beyond these technical and economic challenges, small NCE radio stations are also subject to significant FCC regulations — often the same regulations as those applicable to larger market stations owned by large corporate broadcasters — that impose high operating costs relative to station revenues.”
She said requiring cybersecurity risk management, reporting and infrastructure would place even more pressure on community NCE operators and on their employees, as well as pulling precious resources from programming.
Kane said community stations lack the funding, technological resources and expertise to detect the source of a cyberattack or to predict when one will occur.
“Large stations have entire teams dedicated to this type of technological requirement, but community stations, do not and could not.”
If these requirements do go through, she said the FCC should supply the resources to put infrastructure, monitoring and reporting in place.
Those resources, she wrote, should include engineers and contract professionals to conduct the work, implement infrastructure changes to bring analog stations online to digital infrastructure, provide access to dedicated fiber internet lines, provide security hardware and software required to track and detect cyberattacks, provide legal support, create a central universal tracking and reporting system, and provide funding to help stations with limited resources meet new requirements.
“Community radio’s role is to educate, inform and entertain the public. Its role is not to anticipate or investigate criminal activity leveraged against it or its systems,” Kane said. “That is the role of government, law enforcement, and legal professionals. It is an undue burden to require this of NCEs.”
