Cybersecurity in the Trump Era
- Markus Melin, Head of Security Services at Tieto
- 15.11.2016 08:45 am cybersecurity
So now we have it: the underdog of all polls, Donald Trump, won the presidency. As the president of the USA has a strong mandate to govern we must also ask ourselves: what will Trump mean for cybersecurity?
Here is what I gathered from the information we have at the moment.
1. Cybersecurity is now a political issue
As we all know, security has been a top priority in political debate for a long time. I’m glad to witness that the understanding of security is evolving and that cybersecurity was also included in the US presidential elections.
In the first television debate, the candidates were asked their stance on cyber attacks. The answers were rather vague but the most important thing is that from now on every politician should prepare to answer these kind of questions. And the public has the right to expect reasonable answers.
Also, the hacking of Hillary Clinton’s emails and distributing the content was a major issue. In that sense cybersecurity was top-of-mind for months. Many journalists made the conclusion that cyber attacks are a way to interfere and influence election outcomes. As companies’ reputation can be harmed with cyber leaks, why not also politicians'.
2. Expect security investments
If we are to trust the plans laid out during the campaign, Trump will make a grand maneuver to audit the cyber security status of federal institutions. Given the general protectionism of Trump policy, I think this is a safe bet.
The statement goes: “Order an immediate review of all U.S. cyber defenses and vulnerabilities, including critical infrastructure, by a Cyber Review Team of individuals from the military, law enforcement, and the private sector.” There is a praiseworthy mention on using the best security technology available. Also establishing new protocols and mandatory cybersecurity training for the staff is notable and hopefully the new status quo of every organisation.
Based on the strong focus on new technology we can also expect investments to R&D for public and private security actors.
3. Free trade faces headwind
It is known that Mr Trump is not an unconditional supporter of free trade. Even though the upcoming president has especially barked at cheap import from Mexico and Asia, the commercial negotiations between the USA and the EU on TTIP are now put to halt.
As we are living in a more and more digital era where data and commerce flows over boundaries, Trump policy forces everybody to take a step back. Possible tariffs and tolls would of course make also software trade across the Atlantic more difficult.
4. What about the consumer?
When it comes to citizens as consumers, there are at least two points-of-view to consider.
First, there's the public control mechanisms over Internet and surveillance of individuals. The authoritarian policy of US federal institutions will most likely remain the same in the Trump era. Adding this to the interest of keeping Americans safe means that monitoring capabilities won't be diminished – more likely vica versa.
Second key theme is privacy and the security regulation of private sector. We don’t know how Trump administration will approach this in the US. The battle against Apple might resurface but that is not the whole story.
Take a look at what is happening in Europe. GDPR and the new imperative of privacy by design will come into effect on May 25th 2018. This accounts for US companies as well: every enterprise that handles customer information of EU citizens – Facebook, Google, etc. – must submit to the new security regulations. It can be expected that the law's enforcement will be strict. Will USA follow the same lines on its own market?
It remains to be seen how Trump presidency will affect companies’ decision-making on where they want to store their data. For EU citizens using US-based software and products there shouldn’t be reason to worry: GDPR covers all their consumer data no matter where the data center is located.
So, we have some open questions and the details of Trump security policy will remain to be seen. Cybersecurity won’t be undermined and that is a good thing.