{"id":216532,"date":"2026-05-18T03:00:00","date_gmt":"2026-05-18T07:00:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/18\/telecom-sector-launches-its-own-private-isac\/"},"modified":"2026-05-19T11:20:33","modified_gmt":"2026-05-19T15:20:33","slug":"telecom-sector-launches-its-own-private-isac","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/18\/telecom-sector-launches-its-own-private-isac\/","title":{"rendered":"Telecom sector launches its own private ISAC"},"content":{"rendered":"

Telecom sector launches its own private ISAC<\/a><\/p>\n

https:\/\/www.cybersecuritydive.com\/news\/telecom-cybersecurity-c2-isac-launch\/820553\/<\/a><\/p>\n

Publish Date: 2026-05-18 03:00:00<\/a><\/p>\n

Source Domain: www.cybersecuritydive.com<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n

Major U.S. telecommunications companies launched a new information sharing group on Tuesday in a bid to redouble their collective efforts to combat AI-powered cyberattacks, state-sponsored espionage and other increasing threats to communications networks.
\nThe Communications Cybersecurity Information Sharing and Analysis Center, or C2 ISAC, will give telecoms a private venue for exchanging sensitive information such as newly discovered vulnerabilities and tips about threat actor behavior. The eight founding members are AT&T, Charter, Comcast, Cox, Lumen, T-Mobile, Verizon and Zayo. Their chief information security officers will sit on the C2 ISAC\u2019s board, while Valerie Moon, a former top official at the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI\u2019s Cyber Division, will serve as the group\u2019s executive director.<\/p>\n

The group\u2019s formation comes as major cyberattacks like China\u2019s Salt Typhoon espionage operation highlight the growing risks facing the U.S. telecom sector \u2014 and as the Trump administration\u2019s pullback from key cybersecurity partnerships forces the private sector to take a leading role.
\n\u201cThe main driver for us is our recognition that the threat environment has evolved, and we as a sector and private entities need to evolve and really keep up with the pace and velocity [at which] that’s happening,\u201d Mark Clancy, T-Mobile\u2019s chief security officer and a C2 ISAC board member, told Cybersecurity Dive in an interview.
\nAs telecoms scrambled to respond to Salt Typhoon, Clancy added, \u201cthe need for us to collaborate on a private-to-private basis really became amplified.\u201d
\nThe telecom industry already shares threat intelligence and best practices under the auspices of the Communications ISAC, also known as the National Coordinating Center for Communications. But that group, created in 1984, is unique among ISACs in that it sits within the federal government, at CISA, rather than being a private entity. That arrangement has discouraged some companies from sharing sensitive data through the group, according to Clancy.
\n\u201cThere\u2019s been concerns and hesitations about it,\u201d he said.
\nBy excluding government agencies from discussion channels, Clancy said, the C2 ISAC hopes to encourage more candid and sensitive discussions. \u201cWhen you have public-sector entities involved, there\u2019s more review and deliberation about what gets put into that channel,\u201d he said, \u201cwhere[as] we can be a little more raw and early in sharing information.\u201d<\/p>\n

Telecom companies have realized over the years that they were \u201cbeing too restrictive in what we were sharing\u201d in the Comms ISAC, Clancy said, including withholding data about seemingly low-level threat activity that was \u201cactually tethered to bigger activity.\u201d With the C2 ISAC\u2019s industry-only membership, he said, \u201cwe can be a little more direct.\u201d
\nTelecom companies will still participate in the Comms ISAC, Moon, the C2 ISAC\u2019s executive director, told Cybersecurity Dive in an interview \u2014 in part because the new group will focus exclusively on cybersecurity issues, leaving physical hazards to the existing ISAC.
\n\u201cWe really see this as a complementary effort,\u201d she said. \u201cWhen you think about each of these companies and their adherence to ensuring that the privacy of their data is very much at the forefront of their minds, they see this as a trusted space.\u201d
\nHow telecoms share cybersecurity intel
\nInformation sharing has benefited the telecom sector in ways far beyond indicators of compromise, with companies using the existing ISAC and bilateral relationships to exchange data and insights about a wide range of activity that they\u2019re seeing.
\nAfter T-Mobile uncovered telltale signs of SIM boxes \u2014 devices that hackers use to generate hard-to-block spam calls and messages \u2014 the company shared its findings with other telecoms, which helped them identify and block SIM boxes on their networks.
\nCollaboration is the only way to address a threat like SIM boxes, Clancy said, because while T-Mobile can identify an individual box on its network, the command-and-control server for that box may reside on a different telecom\u2019s network. \u201cIn order to figure out what\u2019s happening, you\u2019ve got to look at both sides,\u201d he said.
\nT-Mobile has benefited from the industrywide sharing of other best practices, too.
\n\u201cI learned a technique for dealing with some of the residential proxy networks from another operator that was really clever,\u201d Clancy said, \u201cand I\u2019m, like, \u2018Yeah, we\u2019re going to go do that.\u2019\u201d
\nBeyond exchanging threat data
\nCandid information sharing is the core of the C2 ISAC\u2019s mission, but its leaders may want to expand its remit in the future.
\n\u201cWe could build automation platforms and other [technologies] that are easier to coordinate on the private-to-private side than going through some public-sector rulemaking process,\u201d Clancy said.
\nFor coordinated operations like botnet takedowns, companies probably won\u2019t use the new ISAC for the foreseeable future, but Moon said board members are interested in discussing how that would work. \u201cIt just depends on what the operation is and where the authorities lie and what we are trying to accomplish.\u201d
\nThe group is \u201cin its nascent stages,\u201d she added, and some of its goals \u201care yet to be determined.\u201d
\nAlso undetermined: How quickly the group will add new members.
\n\u201cThere are more than eight companies in the communications sector, and so we won\u2019t be fully effective until we increase that membership base,\u201d Clancy said, \u201cbut we haven\u2019t formally laid out our timeline.\u201d
\nGovernment dysfunction looms large
\nThe C2 ISAC will launch at a time of unprecedented cuts to government cybersecurity funding, personnel and programs, and the group\u2019s leaders are closely tracking what those changes mean for their work.
\n\u201cObviously, what\u2019s happening in the public sector informs what we need to do,\u201d Clancy said, alluding to \u201cvarious issues with agencies and funding and the legislative process.\u201d
\nIn particular, he encouraged the Department of Homeland Security to fast-track the creation of a replacement for the now-shuttered Critical Infrastructure Partnership Advisory Council framework, which facilitated candid discussions between industry and government \u2014 although he said the reauthorization of the Cybersecurity Information Sharing Act had given the private sector \u201csufficient capability and authorities\u201d to exchange intelligence with the government.
\nWhile government agencies won\u2019t sit in on C2 ISAC discussions, the group still plans to share its findings with federal agencies, whether directly or through the Comms ISAC.
\n\u201cWe could have a more freewheeling private-to-private conversation [and] we could distill the useful, important bits and push them \u2026 over to the government side,\u201d Clancy said.<\/p>\n

Salt Typhoon exposed glaring security weaknesses
\nThe high-profile Salt Typhoon attacks underscored what previous breaches had already established: telecom companies\u2019 networks are rife with security vulnerabilities that can open the door for major intrusions. Carriers\u2019 networks are often full of computer systems that have been combined over decades of acquisitions, mergers and spinoffs, resulting in inadequate visibility and weak security controls. These sprawling IT environments are difficult to fully assess, let alone protect.
\nIt remains unclear how the C2 ISAC will address that pressing issue facing the sector. But companies say they\u2019ve made significant improvements since Salt Typhoon.
\n\u201cWe\u2019ve all made huge investments in cybersecurity and improved our operational capabilities,\u201d Clancy said. \u201cThe challenge in this space is, are you getting better faster than the environment\u2019s getting worse? That\u2019s the race you\u2019re in. And the environment\u2019s getting worse pretty fast.\u201d
\nTelecom providers believe they will be better at combating hackers the more closely they work together.
\n\u201cBy formalizing real-time intelligence sharing among industry leaders,\u201d Verizon CISO Nasrin Rezai said in a statement to Cybersecurity Dive, \u201cwe are building a unified defense that no single company could achieve alone.\u201d<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Telecom sector launches its own private ISAC https:\/\/www.cybersecuritydive.com\/news\/telecom-cybersecurity-c2-isac-launch\/820553\/ Publish Date: 2026-05-18 03:00:00 Source Domain: www.cybersecuritydive.com…<\/p>\n","protected":false},"author":1,"featured_media":216533,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/imgproxy.divecdn.com\/74XZxawe0qhHYREcdo0j-LgJ_VVhZfcDADe9iYgq9hw\/g:nowe:0:207\/c:2047:1157\/rs:fit:770:435\/Z3M6Ly9kaXZlc2l0ZS1zdG9yYWdlL2RpdmVpbWFnZS85NzcyNjM2OTA1XzE5NTNiMGUzNGRfay5qcGc=.webp","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,34],"class_list":["post-216532","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-threat-actor"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/216532"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=216532"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/216532\/revisions"}],"predecessor-version":[{"id":216534,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/216532\/revisions\/216534"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/216533"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=216532"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=216532"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=216532"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}