Threats to Internet routing infrastructure are diverse, persistent and changing – making critical communications networks vulnerable to severe disruptions, such as data leaks, network outages, and unauthorized access to sensitive information. Securing underlying routing protocols—including Border Gateway Protocol (BGP) and Resource Public Key Infrastructure (RPKI)—is a fundamental aspect of the cybersecurity landscape and the focus of current efforts in the U.S. government’s strategy to improve the nation’s cybersecurity. Internet routing ecosystem.
CableLabs has released an update to the Internet Routing Cybersecurity Framework Profile (Routing Security Profile, or RSP). The profile serves as the basis for improving the security of the Internet routing system. A practical and adaptable guide, the RSP is consistent with the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), which enables Internet service providers (ISPs), enterprise networks, cloud providers, and organizations of all sizes to proactively identify risks and mitigate threats to enhance Routing infrastructure security.
The RSP is an extension of the leadership and long-standing commitment of CableLabs and the cable industry to building and maintaining a more secure Internet ecosystem. It was developed in response to a call to action by NIST to provide examples of “profiles” assigned to the CSF that are intended to address cybersecurity risks associated with a particular business activity or process.
Improve through feedback and alignment
The first version of the RSP (version 1.0) was released in January 2024 in conjunction with an event co-hosted with NCTA – the Internet and Television Association, featuring technical experts and key government officials from NIST, and the Federal Communications Commission (FCC). the National Telecommunications and Information Administration (NTIA), the Cybersecurity and Infrastructure Security Agency (CISA), and the White House Office of the National Cyber Director (ONCD).
Following the release of the first version of the RSP, CableLabs reached out to other relevant stakeholders within the broader Internet community to raise awareness of this work and obtain feedback to help improve the profile. Additionally, NIST released the updated CSF 2.0 in February 2024.
The RSP update reflects stakeholder input received to date and represents changes to NIST CSF 2.0. In particular, RSP v2.0:
Conforms to the NIST CSF 2.0 addition of the “Management” function and subclass revisions in the RSP designation of best practices and security standards guidance for major classes and applicable subclasses of NIST CSF 2.0 core functions. Adds routing security considerations for most subclasses that did not previously include such information. Incorporates informative and relevant references into the context of the assignment rather than as a separate column of citations.
Developing guidance security through public-private partnerships
Since its release, the RSP has been cited as a resource by numerous government stakeholders in recent actions and initiatives, including NTIA’s Communications Supply Chain Risk Information Partnership (C-SCRIP) BGP page, the FCC’s proposed BGP rules and roadmap ONCD to enhance routing security.
In addition, CableLabs continues to participate closely in public and private sector stakeholder working groups. They include the Joint Working Group recently established by CISA and ONCD, in collaboration with the ICT Sector Coordinating Councils, “under the auspices of the Critical Infrastructure Partnership Advisory Board to develop resources and materials needed to enhance the implementation of ROA, ROV, and Internet Routing security.”
The ever-evolving cybersecurity conundrum
The RSP remains a framework for improving security and managing risks related to Internet routing, and is just a key piece of a larger critical infrastructure cybersecurity puzzle. As with any endeavor in security, the RSP will evolve over time to reflect changes in the NIST CSF, advances in routing security technologies, and the rapidly emerging security threat landscape.
RSP was developed by CableLabs’ Cable Routing Engineering for Security and Trust Working Group (CREST WG). The group consists of routing security technicians from CableLabs and NCTA, as well as network operators from around the world.
Learn more about all of the CableLabs working groups, including the CREST WG, and how to join us in this important work. Download the profile here, or view it using the button below.