Early Wednesday morning on November 9th, Donald Trump was named President-elect of the United States. The deeply divisive race was the first to put cybersecurity (literally) centre stage at the candidate’s debates, throughout campaigning and in popular conversation. While no hackers tampered with votes on election night, “cyber”, as Trump calls it, was pivotal to its results.
Following attacks on Hillary Clinton’s and the Democratic National Committee’s (DNC) email servers last summer, and the subsequent dissemination of their contents onto Wikileaks, the progressive candidate’s credibility was called into question. In the final days of the election, many speculated that Clinton’s silicon bullet was an “October surprise” FBI investigation into her private email servers, which compounded earlier controversies. Hindsight aside, there are two certainties moving forward: Donald Trump will be President of the United States and he will have to address his people’s growing cybersecurity concerns.
In remarks made at a Retired American Warriors event, he stated, “To truly make America safe, we must make cybersecurity a major priority for both the government and the private sector.”
CBS quotes Trump as saying if elected, he would make cybersecurity an “immediate and top priority for my administration.”
Conversely, at the first candidate’s debate, he also famously said, “I have a son. He’s 10 years old. He has computers, it’s unbelievable. The security aspect of cyber is very, very tough. And maybe it’s hardly doable.”
Turning to his campaign’s cybersecurity page, which TechCrunch describes as “incredibly and perhaps dangerously vague”, Trump promises to review America’s cyber defenses and vulnerabilities, including critical infrastructure like energy and banking. This will be conducted by a “Cyber Review Team” composed of experts from the military, law enforcement and the private sector, who will offer recommendations and develop mandatory protocols and awareness training for government employees.
He will also ask the Department of Justice to create Joint Task Forces across America to coordinate law enforcement responses to cyber threats. The Secretary of Defense and Chairman of the Joint Chiefs of Staff will: “provide recommendations for enhancing U.S. Cyber Command, with a focus on both offense and defense in the cyber domain”. In short, the President-elect will be taking a militaristic approach to cybersecurity.
Perhaps what’s most of concern to private citizens and companies is how aggressive (read: cavalier) he will be with their privacy. After calling for a boycott of Apple products when the tech giant refused to unlock an iPhone associated with last year’s San Bernardino shootings, many worry Trump’s law-and-order outlook will lead to expanded governmental surveillance and access to encrypted data.
As Fortune notes, forcing companies to offer backdoor access to their products is vehemently opposed by the tech industry as it weakens security for everybody. Republic Senator Richard Burr, who tried legislating and mandating similar access last year, was re-elected on Tuesday — with the GOP also now controlling Congress and the Senate. If the future president wishes to disregard privacy and encryption, he will certainly have allies in both Houses.
Opinions on how much power Trump will exercise vary. On the more wary side, Hank Thomas, COO at Strategic Cyber Ventures and a veteran of the National Security Agency, is quoted by Fortune as saying, “I imagine (Trump) is going to be a guy who is probably going to mandate back doors. I don’t think he’s ultimately going to be a friend to privacy, and the fearful side of me says he will get intelligence agencies more involved in domestic law enforcement.”
Of a more temperate tone, Brian White, COO of RedOwl Analytics, tells Bloomberg, “I think we have to remember there are other branches of government that need to be engaged to enable him to continue to be more aggressive … I think of all the priorities he has coming up, going after and changing encryption in this country is not going to be at the top of the list.”
Following an election season marked by unpredictability, forecasting Trump’s next steps may be futile. In these early days, all the cybersecurity community can ultimately do is encrypt, wait and see.
Leave a Comment