Cybersecurity for the Next President

In light of the election yesterday, today is a good time to discuss what the next president is going to have deal with when it comes to cybersecurity. It really doesn’t matter whether or not the next president wants to deal with it, the hackers, both state sponsored and rogue will make that mandatory. Here are a few of the key cyber policy areas:

Cybercrime – It is costing businesses billions of dollars and has a significant impact on businesses.
China – China has always been a big player in both the cyber crime and cyber espionage game. Whether the next president can tame China – unclear.
Iran – Once a third rate cyber crime power, now it is a major player.
Russia – Can the next president trade removing sanctions or force Ukraine to give up parts of its country to Russia in exchange for cyber peace is unclear.
Disinformation – Whether it is Russia, China or others, are they willing to stop those campaigns is unclear. What will the next president trade for that?
Regulations – The current administration has been putting increasing pressure on industry and especially critical infrastructure to improve cybersecurity practices. If the next president has a plan to reduce regulation then likely those industries will ignore cybersecurity and it creates a feedback loop. If Russia, China and others see that industry is ignoring security they may not be able to resist the opportunity to attack.
SEC – Likely the next president will try and reduce SEC regulations requiring companies to let investors know about cybersecurity risk. That will work well if security breaches go down, but not so well if they increase.
CISA – The next president was not a friend to CISA when they said the 2020 election was the most secure ever and even fired the head of the agency by a tweet. What does that relationship look like this time?
Artificial intelligence – this one is mostly controlled by industry and if the next president wants to be industry friendly, he can’t regulate AI harshly. We are already seeing AI used for malicious actions and if nothing changes, that will continue.
Finally, end to end encryption – this is one that law enforcement has been trying to ban for decades. Is this their time to shine? Not clear, but possible.

As you can see, that is a pretty full plate. We shall see where these things rank on the next president’s agenda. Of course there are many ways to deal with this. Threats, negotiations, laws and pretending the problem doesn’t exist are all possible. Credit: Data Breach Today