What will the state of cyber security look like under a Donald Trump administration?

The election is over, the votes have been counted, and thankfully, other than a few isolated reports of malfunctioning voting machines, Election Night was unremarkable from a cyber security perspective. Now, it’s time to turn our attention to President Elect Donald Trump and what a Trump Administration will mean for cyber security in the U.S.

Donald Trump’s Official Stance on Cyber Security

Cyber security is the only tech-related topic that Trump addresses directly on his official website. At this point, his plan has four main points:

• Appoint a “Cyber Review Team” composed of “individuals from the military, law enforcement, and the private sector” to perform “an immediate review of all U.S. cyber defenses and vulnerabilities, including critical infrastructure” and “provide specific recommendations for safeguarding different entities with the best defense technologies tailored to the likely threats.” The Cyber Review Team will also be tasked with establishing protocols and setting up “mandatory cyber awareness training” for government employees.
• “Instruct the U.S. Department of Justice to create Joint Task Forces throughout the U.S. to coordinate Federal, State, and local law enforcement responses to cyber threats.”
• “Order the Secretary of Defense and Chairman of the Joint Chiefs of Staff to provide recommendations for enhancing U.S. Cyber Command, with a focus on both offense and defense in the cyber domain.”
• “Develop the offensive cyber capabilities we need to deter attacks by both state and non-state actors and, if necessary, to respond appropriately.”

Much like HIPAA, Trump’s plan focuses on procedural generalities as opposed to technical specifics. However, this is to be expected of a presidential candidate who comes from a business background, not a tech background. The positive thing about the plan is its focus on taking proactive measures to prevent attacks, not just responding to them after they occur.

What to watch out for: Who Trump appoints to his Cyber Review Team. President Elect Trump should seek out experienced cyber security professionals with deep knowledge of the industry and the issues to hammer out the technical details of his plan.

The End of the H-1B Visa?

As a candidate, Trump famously took a hardline stance on immigration, including an initial pledge to eliminate the H-1B visa program that is heavily used by the tech industry. This has alarmed many tech employers, who claim that the H-1B is necessary because there is a shortage of qualified IT workers in the U.S., and that without being able to import talent from overseas, critical positions would go unfilled. This is an important issue in the cyber security field, which faces a severe skills shortage; there are approximately 200,000 unfilled cyber security jobs in the U.S., and demand is expected to increase by 53% by 2018.

However, it is important to note that Trump softened his stance on the H-1B at a Republican debate in March, claiming, “I'm changing. I'm changing. We need highly skilled people in this country.” Additionally, since his election, he has backed off from his initial zero-tolerance immigration stance overall.

What to watch out for: Whether Trump will abolish the H-1B is debatable. As a businessman, he used it to hire foreign workers, and his wife, soon-to-be-First-Lady Melania Trump, came to America on an H-1B. However, it is likely that Trump will make some changes to the H-1B program, and it is up to cyber security companies to ensure that our voices are heard as he makes decisions on this issue.

Cyber Security as Part of National Security

Throughout his campaign, Donald Trump referred to cyber security in the context of national security. At a debate against Hillary Clinton in September, he spoke of the gravity of the threat of foreign cyber terrorism against the U.S.:

…when you look at what ISIS is doing with the Internet, they’re beating us at our own game. ISIS.

So we have to get very, very tough on cyber and cyber warfare. It is — it is a huge problem. I have a son. He’s 10 years old. He has computers. He is so good with these computers, it’s unbelievable. The security aspect of cyber is very, very tough. And maybe it’s hardly doable.

But I will say, we are not doing the job we should be doing. But that’s true throughout our whole governmental society. We have so many things that we have to do better, Lester, and certainly cyber is one of them.

What to watch out for: It is possible that a Trump Administration will increase spending on cyber security at the federal level and impose more stringent requirements on state and local governments. Since the number and severity of data breaches and ransomware attacks are intensifying, these would be welcome changes.

Author's Bio: 

Michael Peters is the CEO of Lazarus Alliance, Inc., the Proactive Cyber Security™ firm, and Continuum GRC. He has served as an independent information security consultant, executive, researcher, and author. He is an internationally recognized and awarded security expert with years of IT and business leadership experience and many previous executive leadership positions.

He has contributed significantly to curriculum development for graduate degree programs in information security, advanced technology, cyberspace law, and privacy, and to industry standard professional certifications. He has been featured in many publications and broadcast media outlets as the “Go-to Guy” for executive leadership, information security, cyberspace law, and governance.