Export Compliance Daily is a Warren News publication.

CTA Warns Against Imposing FISMA Requirements on Cyber Mark Registries

CTA advised that the FCC not require that registry operators in the cyber trust mark program meet Federal Information Security Modernization Act (FISMA) or comparable commercial standards. Representatives from CTA met with FCC Public Safety Bureau staff. “Certification to FISMA…

Sign up for a free preview to unlock the rest of this article

Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.

standards is a lengthy process and incurs a high cost to bring the entity into compliance and to earn certification,” CTA said in a filing Wednesday in docket 23-239. Adopting that standard, as the bureau suggests, “may prevent most or all prospective Lead Administrator and Cyber Label Administrator (CLA) candidates from participating,” the group said. In a June public notice, the bureau tentatively concluded that the FISMA requirements should “attach to the Lead Administrator and CLAs, who both collect and maintain information and operate information systems on behalf of the FCC” and sought comment on that conclusion. CTA also said program participants “need specific guidance on how manufacturers can use the Mark on certified products, including details like placement, border, colors and other ‘branding’ elements that are commonly associated with a protected mark.”