FCC pushes undo on cyber rules for US telecom firms
Security leaders call the rollback ‘shockingly incompetent,’ warning it removes critical controls implemented after one of the largest breaches in telecom history.
The US federal government is rolling back mandates intended to protect critical infrastructure following the widespread Salt Typhoon attacks.
The Federal Communication Commission (FCC) has reversed a January 2025 Declaratory Ruling requiring US telecom providers to adopt and certify stricter cybersecurity measures. The ruling took effect under the Communications Assistance for Law Enforcement Act (CALEA), which requires telecom providers and manufacturers to design their services and equipment in a way that allows for surveillance when legally requested by law enforcement.
But the reversal has been slammed by the FCC’s own commissioner, and security experts are looking askance.
“This is the cyber equivalent of hanging a ‘come kick me’ sign on critical infrastructure and national cyber security,” said David Shipley, CEO of Beauceron Security.
Read the Full Story on at CSO Online