In an effort to bring faster connection speeds to rural America, on July 24th, 2023, the Federal Communications Commission announced the next phase of its Alternative Connect America Model, known as Enhanced A-CAM. This ambitious program builds upon the original ACAM funding awarded in 2019, which raised the minimum rural broadband speed target to 25/3 Mbps, which was deemed sufficient at the time.
As with all things tech, what was previously deemed adequate can quickly be considered “underserved.” This next phase of funding, known as Enhanced-ACAM, has an ambitious goal to raise the speed target minimums even higher to 100/20 Mbps to all locations served by the program, including some of the most difficult and costly areas to service in the country. A total of 447 providers are participating in the program, which will deploy high-speed broadband to over 2.6 million homes and businesses.
PROGRAM UPDATES
Following is a summary of updates to the program. E-ACAM:
- Requires participating carriers to deploy voice and 100/20 Mbps or faster broadband service to 100% of eligible locations in their areas.
- Maintains the Commission’s long-standing technology-neutral approach for deploying services in rural areas of the country.
- The program makes $13.5 billion in support available over a ten-year extension of the current A-CAM term.
- Utilizes the FCC’s National Broadband Map and Broadband Data Collection to determine locations to which participating carriers are obligated to deploy.
- Aligns deployment milestones with the Broadband Equity, Access, and Deployment (BEAD) Program, requiring participating carriers to deploy to all locations within four years.
- Complements existing federal, state, and local funding programs, including the BEAD Program, allowing carriers that elect to participate in the Enhanced A-CAM program the opportunity to establish an enforceable commitment to locations they serve.
- Requires participating carriers to participate in the Affordable Connectivity Program.
- Creates an opportunity for legacy rate-of-return carriers to bring 100/20 Mbps to their customers in exchange for a period of fixed support, followed by a transition to the Enhanced A-CAM model.
Need Help Today? Schedule a Free 20 Minute Planning Session
REPORTING REQUIREMENTS
- It is critical that E-ACAM recipients understand that with this new round of funding comes new reporting requirements, whose deadlines are quickly approaching.
- By January 1st, 2024
- Recipients must Implement an Operational Cybersecurity Plan
- Must reflect the latest NIST Cybersecurity Framework
- Must reflect Best practices from CISA’s Cross-Sector Performance Goals and Objectives or Center for Internet Security Critical Security Controls
- Recipients must implement the Supply Chain Risk Management Plan by Jan 1, 2024
- Must incorporate the Key Practices in NISTIR 8276 – Key Practices in Cyber Supply Chain Risk Management
- Must incorporate Observation from Industry, and related supply chain risk management guidance from NIST SP 800-161r1
- Recipients must Implement an Operational Cybersecurity Plan
- By January 2nd, 2024:
- Recipients must submit both plans to USAC and Certify Compliance
- Implement Operational cybersecurity and supply chain risk management plans
- Plans be submitted to USAC, and Certify they have done so
- Recipients must submit both plans to USAC and Certify Compliance
- By January 1st, 2024
FAILURE TO COMPLY
Failure to have documentation submitted by the published deadlines will result in a withholding of 25% of monthly support until compliant.
NEXT STEPS – How to Comply
iLLUM Advisors can help you meet these deadlines, on-time and very affordably!
iLLUM Advisors can help protect you. iLLUM understands the complexities of the new requirements and already has processes in place to collect and submit the cyber security documentation. Just as it is impossible to find a new accountant in April, iLLUM is urging anyone who wants support with filing this compliance documentation to contract our services by November 15th, 2023.
Don’t risk losing a portion of your funding by waiting until the last minute. Click here to schedule a call with us today.
- Create a Cyber Incident Response Plan:
Every company should have a comprehensive Cyber Incident Response Plan (CIRP) in place. This plan should detail how the organization will respond to different cyber threats, from detection to mitigation to recovery. This not only ensures you act swiftly when an incident occurs but also demonstrates to the SEC and investors that you’re proactive about cybersecurity. - Foster Real-Time Monitoring and Reporting:
With the SEC’s emphasis on prompt reporting, companies must have real-time monitoring solutions. Investing in advanced threat detection and reporting tools can help businesses identify and report incidents quickly. - Establish a Strong Communication Strategy:
After detecting a cyber incident, it’s vital to have a communication strategy ready. This includes internal communication to staff and stakeholders, as well as external communication to investors, customers, and, if necessary, the public. - Review and Update Disclosures Regularly:
It’s not enough to craft a robust cybersecurity disclosure once and then forget about it. Companies need to review and update their disclosures regularly, especially after a significant incident or if the cybersecurity landscape changes materially. - Engage Legal Counsel Familiar with SEC Guidelines:
Considering the legal implications and the nuances in the SEC’s guidelines, it’s wise to involve legal experts who are familiar with these regulations. They can provide guidance on how and what to disclose to stay compliant. - Promote a Cybersecurity Culture:
Last but not least, foster a cybersecurity culture throughout the organization. Every staff member should be trained on best practices, the importance of cybersecurity, and their role in maintaining it.
The Big Picture
While the deadline may seem burdensome, it is necessary that recipients of the Enhanced A-CAM funding act today. Compliance not only reduces the chance of loss of funding and regulatory risks but also ensures that companies are better prepared against cyber threats.
Leveraging industry-accepted best practices and standards provided by organizations such as the National Institute of Standards and Technology (NIST) will aid management in assessing their current security and security governance posture and ability to comply with this new FCC requirement.
Need Help Today? Schedule a 20 Minute Conversation to learn what you need to do
iLLÜM Advisors
At iLLÜM we are passionate about helping our clients overcome IT challenges without simply throwing money at additional technology point solutions. We accomplish this by enabling their existing IT teams to deliver transformative solutions with velocity and improve cyber risk postures.
Our team of senior IT leaders, project managers, and industry-leading IT management platform help organizations tackle their most pressing IT challenges. All our service options are provided on month-to-month subscriptions, so organizations of all sizes can receive expert IT guidance and project management on-demand, within budget and without the costs associated with long-term commitments.