Working Group 4 of the FCC’s Communications Security, Reliability, and Interoperability Council IV (CSRIC) has released a final report on “Cybersecurity Risk Management and Best Practices.” The report fulfills the FCC’s directive to CSRIC IV that it develop recommendations on how to provide demonstrable assurances that communications providers are reducing cybersecurity risks through the application of the voluntary National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity, or an equivalent construct. Over 100 cybersecurity experts from the communications sector, federal and state government, the equipment manufacturer industry, and the financial and energy sectors helped contribute to the creation of the report. Via Public Notice, the FCC’s Public Safety and Homeland Security Bureau has requested public comment on the report. Comment is sought generally on the cybersecurity risk management recommendations and alternatives to those recommendations. Comments are due on or before May 29, 2015, and reply comments are due June 26, 2015.