One of the great Greek philosophers, Plato, once said, “Necessity is the mother of invention.” Looking at the threats of today, we realize that cyber threats are real. We live in an age where criminal activities in cyberspace are as real as the criminal acts done in the streets and thwarting their crimes is a growing necessity. So what are we going to do about it? What is the government doing to defend its people from such threats? Well, the necessity for a defense against cyber threats has moved the U.S. government to develop a plan of action to address this.
The Trump administration released its National Cyber Strategy in September 2018, outlining how government agencies will handle cybersecurity and cyberthreats. The White House has been delayed from rolling out the doctrine, which was expected 90 days after President Donald Trump’s inauguration in January 2017. Since the inauguration, several changes in leadership occurred—which included the loss of Tom Bossert, former Homeland Security advisor, and Rob Joyce, who was formerly the special assistant to the president and cybersecurity coordinator at the White House.
Nevertheless, the administration now has a definitive guide in addressing and deterring cyberattacks of varying degrees. This document is the U.S.’ first full cybersecurity policy in 15 years.
Trump Cybersecurity Policy in Detail
The strategy takes on an aggressive stance. “We will respond offensively as well as defensively,” Bolton stated when explaining about tackling the government’s adversaries. This is a different policy from the one that existed during former President Obama’s administration, which required the military to consult with the State Department, intelligence communities, and other agencies before addressing an attack. In the Trump policy, the military has freer rein. Federal agencies can now work with state and local governments—even private businesses—to improve defenses against cyberattacks.
The expression of the Trump Cybersecurity policy is written and arranged according to the pillars of the U.S.’ National Security Strategy. Below are the four pillars and the summary of their content.
Pillar I: Protect the American People, the Homeland, and the American Way of Life
- The government will secure federal networks and information by centralizing the management and oversight of federal civilian cybersecurity. Under this rule, the Department of Homeland Security (DHS) has greater power to access agency information systems for cybersecurity purposes.
The Federal Government will deploy secure and reliable technology. This includes better information-sharing processes between agencies—increasing threat awareness throughout the supply chain.
- Securing critical infrastructure is another priority for the administration. It will raise the base level of cybersecurity across all agency infrastructure and refine the roles and responsibilities of all those involved for clearer accountability. This will help address threats and vulnerabilities in the systems and will encourage inter-agency training and collaboration.
The Trump cybersecurity policy will manage threats according to risk magnitude. It will also reduce risks in seven key areas: national security, energy, banking and finance, communications, health and safety, information technology, and transportation.
The Federal Government will continue to protect the election cybersecurity standards, the electoral process, and the tools that deliver this service.
It will improve transportation and maritime cybersecurity to avoid economic disruptions on shipments and other investments. It will develop next-generation maritime infrastructure to protect against cyber exploitation.
The internet plays a vital role in advancing economic prosperity, knowledge, and security. Therefore, positioning, navigation, and timing (PNT); intelligence, surveillance, and reconnaissance (ISR); satellite communications, and weather monitoring are critical assets that must be protected from evolving cyberthreats.
- In combatting cybercrime and improving incident-reporting, laws will be enforced to identify and prosecute offenders, dismantle criminal infrastructure, limit the spread of threats, and prevent criminals from profiting from their activities.
The cybersecurity policy will modernize electronic surveillance, update computer-crime laws, and promptly respond to incident reports. It will reduce threats from international criminal organizations and will better locate and apprehend criminals abroad.
Pillar II: Promote American Prosperity
The Trump administration knows the profound influence of the United States in the tech ecosystem and cyberspace. Because of this, it wants to preserve this influence for its economic growth and innovation.
- The government will foster a vibrant and resilient digital economy by incentivizing an adaptable and secure tech marketplace. This includes the development, adoption, and evolution of security innovations and processes. It will eliminate policy barriers to accelerate innovations.
There will be a stronger investment in next-generation infrastructure. Thus, the government will explore using emerging technologies like artificial intelligence and quantum computing. The government will also promote the free flow of data across borders—hence, forgoing data localization and regulation for digital protectionism, which tends to negatively impact the competitiveness of U.S. businesses.
- The Trump cybersecurity policy will foster and protect U.S. ingenuity to keep American inventions and innovations flourishing. It will thoroughly review foreign investment and operations in the U.S. to protect the country’s operations, such as telecommunication networks.
The administration sees the protection of intellectual property rights as critical to its economic growth and innovation. It will implement a new intellectual property rights system to protect trademarks, copyrights, and patents. Trade secrets and emerging technologies will be protected from adversarial nations so that the U.S. can maintain its edge in research and development.
- Developing a superior cybersecurity workforce is integral in the campaign. It will hire only the best and brightest talent who can competently make significant contributions to the organization.
The administration will work with Congress to implement training and offer educational opportunities to create a strong and able cybersecurity workforce. There will be Federal recruitment, training, and upskilling of people across all backgrounds. This applies both to workers in America and the Federal cybersecurity workforce. It will also reward high-performing talent who defend and support the U.S.’ cybersecurity infrastructure.
Pillar III: Preserve Peace through StrengthThe Trump cybersecurity policy aims to identify, counter, disrupt, degrade, and deter destabilizing behavior in cyberspace. It reiterates that cyberspace criminality will no longer be treated as a separate category from offline ones.
- The government wishes to enhance cyber stability through norms of responsible behavior. It will encourage universal adherence to cyber norms. The U.S. will urge other nations to affirm specific principles that define proper online behavior. As more countries agree to these expectations, this increasingly becomes a recognized standard for appropriate online behavior.
- The U.S. government will also attribute and deter unacceptable behavior in cyberspace. This plan ensures that there will be consequences for irresponsible behavior in cyberspace. Diplomatic, information, military, financial, intelligence, and law enforcement powers will be used accordingly if any malicious activities will harm the U.S. and its partners.
Objective and actionable information will be shared with various U.S. government agencies and partners. This plan of action will help all involved to develop the right responses to protect American interests. The U.S. will also impose informed, agreed-upon consequences against cybercriminals.
There will also be a Cyber Deterrence Initiative—a coalition that will develop strategies to make sure criminals understand the consequences of their actions. It will also counter pernicious cyber influence and information operations. It will use all available tools at its disposal to expose and combat those who propagate disinformation online.
Pillar IV: Advance American Influence
The government claims that the world looks up to the United States for leadership, given that the U.S. was where the internet began. It plans to preserve long-term openness, interoperability, security, and the reliability of the internet.
- The Trump cybersecurity policy states that it will promote an open, interoperable, reliable, and secure internet. Therefore, it will protect and promote internet freedom as a basic human right. It also supports the free flow of international communications in all industries. Freedom of expression and national security go hand-in-hand. The government will also work with nations, industries, the academia, and civilians that share the same views and principles. Working together will then help advance human rights and internet freedom.
- The administration plans to build international cyber capacity by investing in global partnerships that complement the government’s work. It will also expand its efforts to share information and technology with other partners. Ultimately, there will be a rich collaboration to build capacity on all fronts of cybersecurity.
The Trump Cybersecurity Policy—A Bold Move
The Trump cybersecurity policy is an aggressive approach towards malicious online activity. As the first policy in 15 years, it’s indicative of the government’s acknowledgment and understanding of the new reality of the internet.
It’s a holistic and proactive approach to cyber vulnerabilities that plague the U.S. and other nations. It takes on a multifront approach—addressing needs to train personnel, educating civilians, and creating national and international associations that help further the right to privacy, freedom, and cybersecurity.
The Trump administration isn’t hesitant to use all its powers and efforts to apprehend cybercriminals. The implications and repercussions will undoubtedly affect international politics, and it is something the world needs to watch out for. Perhaps this is the beginning of a new cyber climate that the world is eventually moving towards to—one that is truly integrated into our everyday reality.