Cybersecurity has never played a bigger role in the election process in the United States than in the current presidential election. From suspected Russian hacks to email servers, following the digital escapades of this election has been a veritable survey of possible exploits. Given such a backdrop, you’d think the candidates vying for the job of President of the United States of America (POTUS) would make cyber security a top priority.
While the statements to date have been less than satisfying, the president-elect needs an effective cyber security plan, complete with rapid implementation, to protect more than their reputation: the future health of the American economy may depend upon it.
Where Things Stand
President Obama’s administration set forth cybersecurity initiatives that have moved game pieces forward on the global chess board, but not to the full extend needed. The Cybersecurity National Action Plan (CNAP), as it is known, has worked on some key points:
• Establishes the Commission on Enhancing National Cybersecurity, a community of top thinkers from outside the government to work with federal resources on privacy and public safety.
• Increased the budget to modernize federal technology. In light of the hack of the Office of Personnel Management (the HR department of the federal government), largely due to outdated technology, the White House recognized the susceptibility of any and all government offices and the need for modernization.
• In addition to funds for infrastructure, approved a $19 billion cybersecurity budget for the coming fiscal year. The next POTUS will be set up with a budget that is a 35% increase over 2016, but will need to manage those funds effectively.
• Launched a national cybersecurity awareness campaign, in conjunction with key technology firms, to better protect online accounts and services for Americans. The focus on email communications, government interactions and financial transactions, ideally, will better protect both citizens and businesses of any size.
During the presidential debate season, candidates were asked about cybersecurity concerns. Unfortunately, the nature of this election season (seemingly greater emphasis on personal style than policy structure), meant that viewers got no real answers.
Hillary Clinton spoke to some of the main threat sources and the ongoing concern over Russian politically-motivated attacks. She said, “We’re going to have to make it clear that we don’t want to use the kinds of tools that we have. We don’t want to engage in a different kind of warfare. But we will defend the citizens of this country.” This vague reply was followed by a personal statement about Donald Trump being unfit for presidency.
Donald Trump began by saying he agreed with parts of what Clinton said, denied the Russian-origin of the attacks and then said, “We have to get very, very tough on cyber and cyber warfare. It is—it is a huge problem. I have a son. He’s 10 years old. He has computers. He is so good with these computers, it’s unbelievable. The security aspect of cyber is very, very tough. And maybe it’s hardly doable.”
If you watched the debate looking for the outline of a plan, neither reply really provided it.
What We Know
Cybersecurity has never been more important. An individual can spend nearly $1000 and 20 hours on a personal cybersecurity attack. For businesses the costs can skyrocket, with an individual business spending thousands of dollars, millions in some cases, or possibly going out of business as the result of a cybersecurity incident. By 2019 the cost of cyber crime is projected to reach $2 trillion.
That data is why cybersecurity is a federal issue: every citizen in the nation is affected by cybercrime. Such potentially widespread national impact could crash the entire market. No other crime issue has such sweeping repercussions. Isn’t that sufficient reasoning to make cybersecurity a top priority for the next president?
What We Need to Know
The next level of cybersecurity will require political cooperation, with answers to stop tough questions:
• How can existing agencies such as the NSA, FBI, CIA and Department of Homeland security best work together, or be restructured for today’s cybersecurity defense?
• What level of “spying” on its own citizens is appropriate for the protection of others, and how to does that contrast with the implicit or implied constitutional right to privacy?
• What requirements and also what resources can be instituted at a federal level to protect US citizens and also businesses from cyber attack?
• What is the realm of responsibility for protection, and what prosecution rights will there be in a cyber verse that is increasingly irrespective of national boundaries?
These and other questions will be required of the next POTUS. Who is best qualified to answer them? That’s the responsibility of voters.