T-Mobile and seven operators form C2 ISAC to bolster cybersecurity

Eight leading U.S. communications firms — including T-Mobile, AT&T and Verizon — have established the Communications Cybersecurity Information Sharing and Analysis Center (C2 ISAC) to strengthen sector-wide defenses against escalating cyber threats. The new nonprofit aims to accelerate information exchange and collective response among member operators.

According to company statements and industry reporting, the C2 ISAC expects to begin operations in June and will be governed by a board composed of chief information security officers from the founding members, with AT&T CISO Rich Baich serving as inaugural chair and Valerie Moon named executive director. The center will cover tactical to strategic intelligence sharing, including indicators of compromise and vulnerability disclosures.

From a market perspective, the initiative addresses a material operational risk for carriers that share vendors and critical infrastructure. Formalizing rapid threat sharing and coordinated mitigation can reduce the chance of prolonged service disruptions and regulatory scrutiny, which are factors that can weigh on valuations during cyber incidents. While immediate price reactions may be muted, improved sector resilience could lower risk premia over time. (This is an inference based on industry commentary.)

Analysts and industry observers cited by trade press note that a private-sector-only ISAC model can speed collaboration by avoiding some legal and procedural hurdles inherent in public–private forums. The C2 ISAC's founders emphasized speed and trust as critical benefits, and said the group could expand membership beyond the initial U.S.-focused operators.

For investors, the near-term watchpoints will be how quickly members operationalize information-sharing protocols, the scope of data exchanged, and any measurable reduction in incident response times. If the C2 ISAC succeeds in shortening detection-to-remediation cycles, it could meaningfully improve business continuity metrics for major carriers and support a lower cyber-risk assessment by the market.