US telcos partner for cybersecurity initiative

• US operators have launched C2 ISAC to strengthen cybersecurity in the industry
• AT&T, Charter, Comcast, Cox, Lumen, T-Mobile US, Verizon and Zayo have all signed up
• The partnership will share resources, knowledge and real-time intelligence of threats

Less than a week after the three biggest telcos in the US unveiled plans to launch a satellite joint venture, AT&T, Verizon and T-Mobile have announced a new cybersecurity partnership, alongside another five US telcos.

AT&T, Charter, Comcast, Cox, Lumen, T-Mobile US, Verizon and Zayo have agreed to establish the non-profit Communications Cybersecurity Information Sharing and Analysis Centre (C2 ISAC) with the aim of strengthening cybersecurity across the communications sector.

C2 ISAC aims to build on decades of public-private collaboration with the US National Coordinating Center for Communications, also known as COMM-ISAC.

The operators said the launch of C2 ISAC is the industry’s recognition that no single service provider has full visibility over cyber threats. The partnership will see the rivals commit to sharing resources, expertise and real-time intelligence of potential cyber threats in a bid to help members anticipate and tackle risks more quickly and effectively.

Valerie Moon will serve as executive director. She brings extensive experience in cybersecurity, homeland security and public-private cooperation, including a stint as chief strategy officer at the US government’s Cybersecurity and Infrastructure Security Agency (CISA), and senior roles at the FBI and other key cyber organisations.

“The C2 ISAC will strengthen individual member organisations and support the resilience of the nation’s critical communications infrastructure,” said Moon. “I look forward to getting started.”

C2 ISAC is due to go live in June and comes at a vital time for US operators, who have been hit by a number of major cyber breaches in recent years.

In its latest cybersecurity report, Verizon revealed that hackers are increasingly using AI to detect software vulnerabilities, which has ‌shortened the time that targets have to respond to threats.

According to Verizon, the use of software flaws in data has surpassed the use of stolen credentials for the first time. It noted that in a review of more than 31,000 incidents, some ​31% of all breaches started with the exploitation of a vulnerability, and added that “AI is fundamentally reshaping the cybersecurity industry”.

The operator itself had 6 million of its customers’ data stolen when, in March, one of its largest reseller partners, Russell Cellular, was breached. AT&T was hit by two major breaches in 2024, one of which saw personal information of about 73 million current and former customers unlawfully accessed.

“Cybersecurity threats are more sophisticated and persistent than ever,” said Rich Baich, inaugural chairperson of the C2 ISAC board. “With Valerie Moon serving as the executive director, the C2 ISAC is well positioned to expand trusted collaboration across the communications sector and help members address emerging risks.”

- James Pearce, Editor, TelecomTV