When a subscriber connects to a video call, streams a movie or manages their finances online, they shouldn’t have to worry about security. Trust should be built into the architecture beneath every interaction.
As networks grow more open, more intelligent and more interconnected, however, cyber threats also evolve. The industry’s path toward seamless, adaptive connectivity will only hold up if it’s built on a foundation that can withstand an increasing attack surface.
That’s why Security & Privacy Evolution is one of the key themes in the Technology Vision. Every layer of the network needs security and privacy woven in at every point.
Security & Privacy in Action
Security and privacy advancements keep users protected as networks evolve. From AI-driven threat detection to fully authenticated network architectures, this vector makes security foundational and embeds it throughout the network.
Addressing Tomorrow’s Security Threats Today
The Security & Privacy Evolution Vector addresses the need for security and privacy for all users and devices in any connectivity context.
By applying advanced cryptographic solutions, AI, identity and routing tools, this vector supports security across network layers with security policies and scalable applications that grow with the network. It prioritizes built-in privacy protections and resilience so networks can withstand disruptions and attacks without compromising either security or performance.
Priorities include:
- Interconnection, Operations and Network Security (IONS) – Developing secure routing and advancing approaches for fully authenticated networks across broadband infrastructure to support the development of secure, intelligent telemetry standards while addressing malicious traffic and evolving cyber threats.
- Cryptography – Collaboratively developing industry guidance for migrating to new cryptographic solutions, including post-quantum algorithms. By building flexibility into digital certificates and operator networks, operators can adapt to emerging threats while helping manage equipment replacement costs.
- AI Security – Leveraging AI to enhance cybersecurity while promoting responsible AI development and use. We engage in thought leadership to inform responsible AI practices, evaluate regulatory risk and develop shared reference models and collaborative forums addressing security, privacy and anti-abuse considerations within AI and machine learning (ML).
- Secure Smart Homes and Devices – Creating seamless, secure and privacy-protected broadband experiences that build subscriber trust and improve ease of automation and operation. Our standards leadership enables us to build technologies that can be integrated incrementally into vendor devices.
- Federated Identity, Authentication and Privacy – Establishing a framework for robust device and user identification, authentication and authorization across mobile, Wi-Fi and terrestrial networks. We also contribute to advancing protocols and standards that empower users and enable protections for privacy.
- Future-Ready Labs – Improving and adding capabilities to our labs to implement and test new security and privacy technologies. These efforts support the industry’s use of digital certificates and trusted network operations.
Why Now?
The move toward open, interoperable architectures that enables so much innovation also introduces new interdependencies and interface exposures. AI and automation are critical advancements, but they also require new frameworks for ensuring those systems behave securely. The time to begin addressing evolving cyber threats is now, not when the risk becomes overwhelming.
Operators who build security into their network evolution strategy today will be better positioned to move faster, maintain subscriber trust and meet the increasingly complex expectations of a more interconnected world.
Protecting the Network at Every Layer
The Security & Privacy Evolution is developing across four key zones: the home, the enterprise, the core network and internet protocols. Advancements include:
- Securing the Home and Enterprise – Security starts at the modem and extends to every connected device in a subscriber’s home or business. CableLabs’ Gateway Device Security Best Common Practices provide an NIST-referenced framework for how these devices should behave. Inside the home, CableLabs leads ongoing work in the IoT security space, including active participation in the Connectivity Standards Alliance and the Matter standard. These efforts help ensure the proliferating world of connected devices doesn’t become a liability for operators or users.
- Zero Trust for the Core Network – In September 2024, CableLabs published the Zero Trust and Infrastructure Security Best Common Practice. This industry guideline aims to secure the infrastructure elements that form the backbone of broadband networks by adapting zero trust architecture for the core network. It also gives operators a concrete framework for adopting it across physical and virtualized environments.
- Cryptographic Resilience and Post-Quantum Readiness – The arrival of quantum computing at scale threatens current encryption standards for cryptography. CableLabs is actively working with operators and vendors to prepare networks across DOCSIS, optical and mobile environments. Strategies include quantum key distribution (QKD) and post-quantum cryptography (PQC), both promising solutions that address threats posed by quantum computers.
- Routing Security and Secure Protocols – CableLabs published its Routing Security Framework Profile in 2024 to give routing engineers and operators practical guidance. A 2024 update incorporated NIST’s Cybersecurity Framework 2.0 and now serves as a community framework example on the National Cybersecurity Center of Excellence (NCCoE) website.
- Privacy as Architecture – User-centric privacy — meaning privacy protections that are proactive, not reactive — is a core principle of this vector. That includes ongoing work on privacy-enhancing technologies like federated learning, differential privacy and homomorphic encryption. These tools allow data to be used for AI and network improvement without compromising individual subscriber privacy.
Explore Security as a Shared Foundation
The Security & Privacy Evolution Vector supports the Technology Vision’s broader goal of moving forward into the Adaptive Era of broadband. By making security foundational and embedding it in every layer of the network, this vector helps operators combat emerging cyber threats, strengthen privacy and trust, and support next-generation applications.
To continue moving forward with network and platform evolution, the industry needs networks that can automatically detect and respond to anomalies, infrastructure secured by zero trust principles, consistent, industry-agreed security standards and privacy protections that give users and operators confidence in the safety of their data.
Join us in Colorado on April 27–29 for Tech Summit 2026 and see the Security & Privacy Evolution Vector in action.
Conference Sessions
- Cryptographic Resilience: The Next Chapter for DOCSIS Network Security – This session explores the quantum-computation threats facing DOCSIS, fiber, mobile and Wi-Fi network security, examines how technology policy is shaping DOCSIS security strategy and reveals why this security migration is fundamentally different from past upgrades. Understand the timeline, technical implications and strategic decisions related to network security to ensure cryptographic resilience and protect customer data in the post-quantum era.
- Defense Against the Dark Arts: Residential Proxies and the Cost to Operators – The rapid proliferation of proxyware and malware has transformed ordinary subscriber connections into a powerful engine for today’s most damaging cyberattacks. This session demystifies the residential proxy ecosystem: how these networks operate, why subscribers unwittingly participate and the staggering costs operators absorb as malicious traffic masquerades as legitimate use. Learn how operators are detecting and mitigating this growing threat, understand the economics driving it and explore practical strategies to protect infrastructure stability, subscriber trust and quality of experience.
See the full Tech Summit agenda, and make plans to join us in Westminster.
