Software Integrity

 

U.S. cybersecurity plans under a new administration

Little is known about Donald Trump’s actual policies regarding cybersecurity except that it is being discussed as a top-level priority in the new administration.

As a candidate, Trump articulated a four-part strategy, however, among security experts it was deemed fairly light-weight in response to the growing threat.

“It sounds like a fairly rational, high-level playbook … but much of this is already being done to a certain extent,” Jared DeMott, chief technology officer at Binary Defense Systems, told CNN Money.

The points in the Trump plan are:

  1. Perform a massive audit of the U.S. government’s digital assets and networks. While this is currently going on, it is occurring on an agency by agency basis. To audit the entire government may not be possible.
  2. More “cyber” police. This too is something that the government is already doing. The FBI and Secret Service both have public and private collaboration programs with industries and law enforcement agencies. For example there are various Electronic Crime Task Forces in major cities around the U.S.
  3. Enhance the U.S. Cyber Command. This goal is unclear. The U.S. Cyber Command is currently operated by the head of the National Security Agency. There has been talk of separating the organizations, however, Republicans in the U.S. Congress have expressed a desire to keep the status quo on this.
  4. Develop better cyber weapons. This, too, is already under development and it is unclear what a new administration would do beyond the current work.

Missing from the proposal are clear rules for companies and governments on when a hack counts as acceptable espionage or an act of aggression — or an act of war.

Perhaps these points will be made stronger during the transition period. Or perhaps after the new administration takes office. Either way, cybersecurity is at least being discussed.