Eight major U.S. communications providers, including AT&T, Charter Communications, Comcast, Cox Communications, Lumen Technologies, T-Mobile, Verizon and Zayo, launched on Tuesday the Communications Cybersecurity Information Sharing and Analysis Center, or C2 ISAC, to strengthen cyber threat collaboration across the telecom sector. The move aims to secure the future of critical communications infrastructure.
The industry-led initiative was created in part to address concerns that federal government participation in existing information-sharing groups discouraged open discussion among providers. By operating as a private-sector organization, C2 ISAC aims to enable more candid intelligence sharing and faster coordination around threats targeting critical communications infrastructure.
The effort recognizes that cyber threats have grown more sophisticated and complex, while rapidly evolving with AI (artificial intelligence) technologies. Such an environment underscores the need to reassess and strengthen the sector’s frameworks for faster, more actionable information sharing.
The founding companies will make up the initial Board of Directors, composed of the chief information security officers.
Valerie Moon will serve as executive director and will oversee day-to-day operations. She brings extensive experience in cybersecurity, homeland security and public-private cooperation, including leadership roles at the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and other key cyber organizations.
C2 ISAC builds on decades of coordination between the telecom industry and the federal government through the Communications ISAC, also known as the National Coordinating Center for Communications. Established in 1984, the group supports resilience and cyber threat information sharing between government agencies and communications and IT providers. Unlike most ISACs, however, the Communications ISAC operates within the federal government under the CISA rather than as an independent private-sector entity.
“Cybersecurity threats are more sophisticated and persistent than ever,” Rich Baich, inaugural chairperson of the C2 ISAC board, said in the statement. “With Valerie Moon serving as the executive director, the C2 ISAC is well-positioned to expand trusted collaboration across the communications sector and help members address emerging risks.”
“The C2 ISAC will strengthen individual member organizations and support the resilience of the nation’s critical communications infrastructure,” Moon said. “I look forward to getting started.”
Expected to begin opening next month, the non-profit is dedicated to strengthening cybersecurity across the communications sector.
The launch of C2 ISAC comes as global telecom operators intensify cyber coordination efforts following the sweeping China-linked Salt Typhoon espionage campaign that compromised major communications networks and exposed deep weaknesses in telecom security and information sharing.
U.S. officials described the intrusions as among the most serious breaches ever to hit the sector, with attackers targeting carriers, including AT&T, Verizon and Lumen Technologies. Investigators said the operation exploited telecom infrastructure, lawful intercept systems, edge routers, and remote management platforms to establish long-term covert access for surveillance and intelligence collection. The scale of the attacks has triggered calls across government and industry for stronger real-time coordination, secure-by-design network architectures and faster cross-sector threat intelligence sharing.
The fallout from Salt Typhoon attacks also accelerated international telecom resilience initiatives as governments and operators confront increasingly persistent nation-state activity targeting critical communications infrastructure.
Authorities in Singapore confirmed in February espionage activity linked to another China-associated group, UNC3886, against the telecom sector, while Canadian officials warned last June that suspected Salt Typhoon actors compromised telecom network devices through exploited Cisco vulnerabilities. Security researchers have additionally reported Salt Typhoon-linked intrusions against European telecom providers, underscoring the global nature of the campaign.
At the same time, industry reports show cyberattacks against telecom organizations becoming more aggressive and AI-enabled, with ransomware activity surging sharply across government, education and communications sectors.
In March, seven governments in the Global Coalition on Telecoms released a set of 6G Security and Resilience Principles at Mobile World Congress 2026, setting early guardrails for how next-generation mobile networks should be designed, deployed, and protected. Backed by industry partners, the framework outlines expectations for safeguarding 6G infrastructure against cyber and physical threats, strengthening supply chain resilience and ensuring continuous, reliable service. Coalition members said they will now work with industry and international stakeholders to translate the principles into implementation measures as 6G development accelerates.
