President Cyberagenda

When the new president takes up residence at 1600 Pennsylvania Ave., cybersecurity will be on the shortlist for action. What’s a president to do?

TechNewsWorld asked more than a dozen experts what should be at the top of the new leader of the free world’s cyberagenda. Following are some of their responses.

“The president has to set the tone early on cybersecurity — within the first 100 days — and say right off the bat that this matters,” said Sam Curry, chief product officer at Cybereason.

The first priority should be protecting government systems, he explained.

“New cabinet secretaries have to understand that their mission can’t be done without secure systems,” said Curry. “Far too often, cybersecurity is not even on the list of priorities for initiatives and agencies and staffing.”

All government agencies should be required to adopt a formal assumption of breach framework, recommended Jeffrey Carr, CEO of Taia Global.

“This means that they acknowledge that they are currently in a state of breach,” he explained, “and must immediately act to identify and secure their critical assets as well as build in resiliency.”

Share the Wealth

Information sharing is another issue that needs executive attention.

Some progress has been made in sharing cyberintelligence between public and private sectors during the current administration, but the next administration should ramp up those efforts, recommended Scott J. White, director of the cybersecurity program at The George Washington University.

“The United States has the largest intelligence-gathering apparatus in the world,” he pointed out.

“Who is it gathering that intelligence for? If it’s gathering intelligence just for its own internal consumers in government, then we’re making a mistake,” White continued. “We have to be able to get real-time, threat-based cyberintelligence to the private sector.”

Public-private cooperation is important in organizing the nation’s cybersecurity efforts, maintained Damien Van Puyvelde, an assistant professor at The University of Texas at El Paso.

“This is something that President Obama has been focusing on, and it’s something I’d expect the next president to focus on,” he said. “If the president wants a strong economy, then the president needs to make efforts to make sure the private sector is protected from cybercrime and cyberthreats.”

Do No Harm

The new president should concentrate on initiatives that strengthen cybersecurity and not weaken it, maintained James Scott, a senior fellow at theInstitute for Critical Infrastructure Technology.

Critical infrastructure organizations protect their sensitive data through strict access controls and data encryption, he explained, yet legislation has been introduced in Congress to undermine those protections.

“Legislation that would weaken those controls by imposing nonessential access, such as backdoors, or that would weaken consumer protections such as encryption, are demonstratively harmful to the cybersecurity of the nation,” Scott said.

“Legislators would better spend their time, attention and resources focusing on correcting or mitigating the fundamental root faults in systems and processes that enable attackers to compromise systems, and that prevent public and private sector organizations from mitigating the risk before harm is realized,” he added.