It’s been suggested to President-elect Donald Trump that he should appoint a cybersecurity ambassador, who should focus on creating rules to align the world’s efforts to reduce cyber attacks.
The Presidential Commission on Enhancing National Cybersecurity presented a 100-page document that outlines suggestions on how to improve the US’s ability to prevent cyber attacks and other digital threats.
The 16 points of the report are presented as recommendations to Mr. Trump rather than as orders to President Obama. Trump has no obligation to follow any of the recommendations.”
“Now it is time for the next administration to take up this charge and ensure that cyberspace can continue to be the driver for prosperity, innovation, and change both in the United States and around the world,” Obama advised Trump.
Responsibility taken away from the public
The Commission wants to remove the burden of security from the public, and encourages a “top-down” approach. It advises organizations to ensure security by default and design, “for everyone’s benefit.”
100,000 cybersecurity experts
Another target of the Commission is to eradicate identity theft by 2021. To do this it is expected that Trump will need to hire 100,000 cybersecurity experts.
“Even if he were to do so, eradicating identity theft by 2021 is still a rather ambitious target – don’t you think?”
Throughout the presidential election, Trump never went into much detail about what his plans would be for US cybersecurity. His plans are still rather vague but, according to The New York Times, Trump has summoned tech leaders to a round-table meeting. It’s unknown what topics are to be discussed.
What little Trump has said about his plans is available on his website:
- Order an immediate review of all U.S. cyber defenses and vulnerabilities, including critical infrastructure, by a Cyber Review Team of individuals from the military, law enforcement, and the private sector.
- The Cyber Review Team will provide specific recommendations for safeguarding different entities with the best defense technologies tailored to the likely threats, and will followed up regularly at various Federal agencies and departments.
- The Cyber Review Team will establish detailed protocols and mandatory cyber awareness training for all government employees while remaining current on evolving methods of cyber-attack.
- Instruct the U.S. Department of Justice to create Joint Task Forces throughout the U.S. to coordinate Federal, State, and local law enforcement responses to cyber threats.
- Order the Secretary of Defense and Chairman of the Joint Chiefs of Staff to provide recommendations for enhancing U.S. Cyber Command, with a focus on both offense and defense in the cyber domain.
- Develop the offensive cyber capabilities we need to deter attacks by both state and non-state actors and, if necessary, to respond appropriately.
Regardless of Mr. Trump’s plans, organizations should continue to provide an adequate budget for cybersecurity, and spend their money wisely on a harmonized cybersecurity system that focuses on identified risks and covers people, processes, and technology.
ISO 27001 is the international standard for a risk-based information security management system (ISMS). To learn how an ISMS will benefit your organization, download our free green paper Cybersecurity & ISO 27001: Addressing the cyber threat landscape.