CTA Warns Against Imposing FISMA Requirements on Cyber Mark Registries
CTA advised that the FCC not require that registry operators in the cyber trust mark program meet Federal Information Security Modernization Act (FISMA) or comparable commercial standards. Representatives from CTA met with FCC Public Safety Bureau staff. “Certification to FISMA…
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
standards is a lengthy process and incurs a high cost to bring the entity into compliance and to earn certification,” CTA said in a filing Wednesday in docket 23-239. Adopting that standard, as the bureau suggests, “may prevent most or all prospective Lead Administrator and Cyber Label Administrator (CLA) candidates from participating,” the group said. In a June public notice, the bureau tentatively concluded that the FISMA requirements should “attach to the Lead Administrator and CLAs, who both collect and maintain information and operate information systems on behalf of the FCC” and sought comment on that conclusion. CTA also said program participants “need specific guidance on how manufacturers can use the Mark on certified products, including details like placement, border, colors and other ‘branding’ elements that are commonly associated with a protected mark.”