Regardless of your political preferences, we can all agree on one thing – cybersecurity worldwide is an explosive mess. It’s been a trending topic throughout 2016, especially with the presidential elections in the U.S. From major breaches like Yahoo and Tesco to DNC hack and fears the election might be compromised, cybersecurity has kept everyone alert. Now that one of the most ferocious election cycles in the U.S. history has come to and end, the outcome will unavoidably have consequences on legislation, consumers, and businesses.
As President-elect Trump reveals his plans for the first 100 days in the Oval Office, analysts and tech experts try to predict what his presidency means for the industry and the consumer. There is, however, one inherent flaw in many predictions – political affiliation. Trump supporters say his administration will be great at protecting Americans and the critical infrastructure from cyber threats, Trump opponents think otherwise. This affiliation clouds the judgment of both sides.
We could see how a disconnect from reality hinders the ability of analysts to provide accurate predictions during this election cycle. With Donald Trump winning the race, many polling firms and most of the Silicon Valley analysts and visionaries are shocked. Tracking and analyzing the big data of clicks, tech moguls have lost track of the nation’s intentions.
That said, let us leave individual political views aside and take a look at the upcoming trends that may shape the cybersecurity landscape in 2017.
The Obama administration introduced the Cybersecurity National Action Plan in 2016, seven years in the making. It focuses on cyber-security awareness and the digital security of the consumers, among other things, and we can expect that to remain a growing trend under Trump.
Cyber Review Team and Joint Task Forces
Trump’s 100 Day Action Plan and his vision on cybersecurity include the establishment of a cross-department Cyber Review Team and Joint Task Forces. A review of all U.S. cyber defenses and vulnerabilities will be conducted by experts from the military, law enforcement and private sector under the Cyber Review Team plan. The Joint Task Forces will coordinate Federal, State, and local response to cyber threats.
Restoring National Security Act
An important part of the 100 Day Action Plan is Trump’s intention to restore the National Security Act to protect the U.S. critical infrastructure from cyber attacks. Which means greater surveillance, in the long run, anyway you look at it.
Cutting the Red Tape
Trump also promised that two federal regulations would be repealed for every new regulation as a part of his plan to cut the red tape for the businesses. This could affect the cybersecurity legislation, especially the data breach notification liabilities for the companies.
Data Breach Notification Legislation
On the other hand, the supporters of legislation that would bind companies on how often and when they have to notify customers of a data breach will be pushing the legislation further. It’s a controversial topic for the Congress, and we might expect to see more proposals addressing data breach rules in 2017.
Trump has called for a boycott of Apple for the company’s refusal to assist the FBI in un-encrypting the iPhone in the notorious FBI vs Apple case. Further, Trump announced Mike Pompeo as his pick to head the CIA in his administration. Pompeo is known as a strong advocate of backdoors and mass surveillance for the greater good, as well as a prison sentence and execution for Snowden.
“I support legislation which allows the NSA to hold the bulk metadata. For oversight, I propose that a court, which is available any time on any day, is created to issue individual rulings on when this metadata can be accessed,” said Donald Trump during his election campaign.
This approach could bridge the proponents and opponents of mass surveillance by giving the agencies the coveted bulk metadata and by adding a layer of accountability to how they can access it. Still, we don’t expect this to go well with the privacy protection groups.
Trump’s vision on cybersecurity includes focusing on “offense and defense in the cyber domain.” “Developing offensive cyber capabilities” to counter state-sponsored and private attacks comes across as a decisive stance. With such major players at the table as Russia, China, Islamic State and numerous private parties, the cyber warfare could escalate to the hot phase in the upcoming year.
More on that topic, during the late-2015 Republican debate, Trump proposed to shut down “parts of the Internet where ISIS is.” As technically improbable as it sounds, such stance signals about Trump’s willingness to restrict certain Internet freedoms for the sake of national security.
Trump and the Silicon Valley
Trump and Silicon Valley is an important confrontation to keep an eye on, as many tech giants are on Trump’s radar – Amazon for tax avoidance, Apple for relocating its manufacturing overseas (and encryption), Facebook and Twitter for political affiliation. Some of the Silicon Valley’s moguls go as far as to calling for Calexit, California’s analog for Brexit. Even though the Republican minority in the Silicon Valley, represented by Peter Thiel, are willing to work with the new administration, many of the tech elites might not be so willing to cooperate.
Businesses and Consumers
Given the legislation in cybersecurity traditionally lags behind the industry and the threat landscape, we might expect, with a large degree of probability, that the consumers and businesses will be mostly left to their own devices in the midst of the state- and privately-sponsored skirmish of cyber attacks. As the new administration will be busy repealing and replacing all or parts of the ACA, reforming immigration laws, and forming the Joint Task Forces, Internet will be anything but the “safe space” – exactly the way it is now and has been for years before Trump. Expect harsh criticism, legitimate or biased, of any Trump’s initiative from the Silicon Valley corner, which does not add stability or certainty to the businesses struggling to protect their corporate data from espionage and mass surveillance, and remain compliant with the regulations at the same time.
Cybersecurity market will grow, there is no doubt about that. Allied Market Research published a “Cyber Security Market by Solution, Services, Deployment Type, User Type, Industry Verticals – Global Opportunity Analysis and Industry Forecast, 2014 – 2022.” It predicts the global cybersecurity market to reach $198 billion by 2022. In 2015, the U.S. was the leading contributor to the global revenue, but by 2022 Asia-Pacific is projected to dominate. Trump might not be a tech guru, but he knows business, and his administration will make sure the tide does not change for America in the cybersecurity market.
How? Industry experts already offer actionable advice:
- forgiving or deferring student loans for cybersecurity students to fill in the talent gap;
- creating a Cyber Advanced Research Projects Agency that would foster innovation in cybersecurity;
- elevating cybersecurity and coding to the fundamental subjects taught at schools;
- establishing the principle that nations must be held accountable for cyber attacks launched from their territories.
Proceed As Usual
With the potentially explosive internal landscape on the U.S. political arena, with some tech influencers unwilling to work with the new administration, businesses and consumers should adhere to the best cybersecurity practices as usual. Encrypt, use advanced authentication, strictly monitor BYOD, increase employee cybersecurity awareness, manage access privileges, invest in data protection and elevate cybersecurity to the C-suite level responsibility.
Should Trump’s administration enforce mass surveillance, more businesses, and consumers will finally deploy end-to-end encryption for their communications and data storage. Should there be extended privileges for the state agencies to demand the tech companies hand in their customers’ encryption keys and metadata without any accountability or transparency (i.e. no change from today’s disposition), more businesses and consumers will seek foreign providers that offer zero-knowledge services.
Forward-thinking businesses already deploy end-to-end encryption like FortKnoxster for all their secure communications, which is undoubtedly one of the growing trends in the industry.
Join FortKnoxster and start protecting your online privacy.
Visit our Facebook page and Twitter page for more inspiration.