President-elect Trump has vowed to make securing our digital infrastructure from cyber attacks one of the top priorities of his first 100 days in office. His won’t be the first administration to talk about the importance of cyber security, but unless the Trump administration collaborates with actual experts who know about cyber security there’s little chance he’ll succeed.
Ironically, it can be argued that weak cyber security—specifically the hack of DNC servers and the slow but steady drip of emails from Wikileaks—are actually responsible for Trump’s victory. As he prepares to be sworn in, though, he may be looking ahead to 2020 already and facing the realization that he may be on the other end of that sword next time around.
Trump doesn’t really have any policies, and the few things he has taken a stance on or put forth suggested strategies for he has also flip-flopped on more often than he changes his underwear. Suffice it to say, it’s challenging to guess at what exactly a Trump administration will do to focus on cyber security. So far, though, it seems that Trump plans to lean on the Department of Defense and the Joint Chiefs to come up with a plan.
“It’s clear Trump is not a technologist and has spoken out of both sides of his mouth when it comes to cybersecurity,” cautions Ajay Arora, co-founder and CEO of Vera. “Trump has indicated he will be more aggressive and intrusive when it comes to privacy and could cause a damaging relationship between companies and the trust consumers put into them.”
According to Rick Hanson, Executive Vice President at Skyport Systems, “It’s not enough for a president to ask the DoD and JCS to develop a comprehensive cyber plan. That is nothing new. We as a country need a clear focus from the top of the food chain down. A cabinet position that focuses on Cyber Security, as well as a strong focus and knowledge of the implications by the president himself. We can no longer rely on other agencies to build a plan.”
There is no indication that Trump has the slightest clue regarding the challenges of protecting our digital infrastructure or a strategy to address them. Unfortunately, there is little love lost between Trump and Silicon Valley, or vice versa, so finding qualified people willing to weigh in could be an even bigger challenge. Arora stresses, “Both sides need to look past those differences and focus on solving the actual problems at hand. The most important thing to do now, is to look at the core issues from a cyber security standpoint, whether it’s internal threat or external nation states and see what are the most important, most damaging and—most likely—not what provides the most headlines.”
“A plan must be built and executed by those who have an intimate knowledge of cyber infrastructure and the threat landscape that not only exists but is possible,” declares Hanson. “The sooner we secure our infrastructure from the core the more efficient we will be in maintaining the security of our cyber infrastructure. Regulations and guidelines must exist that define what our core infrastructure looks like from the bare metal. Security at the hardware level is essential for a truly secure infrastructure.”
Positions related to cyber security have been a bit of a revolving door in Washington DC—filled either by unqualified individuals or qualified people who don’t stay long once they find out how powerless and ineffective the position is. If the Trump administration wants to succeed, it needs to cooperate with experts in Silicon Valley, and—more importantly—grant the latitude, authority, and budget to do more than pay lip service to cyber security.