The Obama Administration has recommended that incoming President Donald Trump execute a comprehensive cybersecurity strategy, including the training of 100,000 white hats.
A special Commission has delivered a report outlining cybersecurity as one of the greatest challenges that the US faces—as reflected in President Obama’s 2017 budget, which calls for a more than 35% increase in federal cybersecurity resources.
The incoming Trump administration is first being advised to train 100,000 hackers by 2020 as part of a “national cybersecurity workforce program” that would deliver experts to businesses and government agencies across the country—addressing the much-publicized workforce skills shortage.
The Commission also recommends establishing international norms for hacking—a kind of Geneva Convention for ethics in cyberwar; and to establish a precedent for product liability when internet-connected devices have little or no security. The Trump administration is being asked to have the issue examined by the Department of Justice, Department of Homeland Security and regulators at the Federal Trade Commission and Consumer Product Safety Commission.
Obama said that he has asked the Commission, which included ex-NSA director Keith Alexander, MasterCard CEO Ajay Banga, plus other notable business executives, lawyers and academics, to brief the president-elect’s transition team at its earliest opportunity. He also called on Congress to fully fund the cybersecurity needs outlined in the 2017 budget and elsewhere before the end of the year—investing in areas such as securing federal information technology systems, protecting critical infrastructure, and investing in the cybersecurity workforce.
The Trump administration is also being advised to issue a national cybersecurity strategy in the first six months of his term, and to appoint a new cyber-advisor and cyber-ambassador.
“Agencies are increasingly centralizing their cybersecurity efforts and relying on the Department of Homeland Security (DHS) for shared services like vulnerability detection, network discovery and monitoring, intrusion detection and prevention, and cybersecurity assessments of high priority IT systems,” Obama said in a statement. “Consolidating DHS’ cybersecurity and infrastructure protection missions within a single DHS line agency—as my Administration has proposed, and as the Commission recommends—would further strengthen DHS’ ability to support federal and critical infrastructure cybersecurity.”
He added, “In total, the Commission’s recommendations affirm the course that this Administration has laid out, but make clear that there is much more to do and the next Administration, Congress, the private sector and the general public need to build on this progress. Deepening public-private cooperation will help us better protect critical infrastructure and respond to cyber incidents when they occur. Expanding the use of strong authentication to improve identity management will make all of us more secure online. Increasing investments in research and development will improve the security of products and technologies. Investing in human capital, education, and the productivity of the cybersecurity workforce will ensure that this country’s best and brightest are helping us stay ahead of the cybersecurity curve. Continuing to prioritize and coordinate cybersecurity efforts across the federal government will ensure that this critical challenge remains a top national security priority. And furthering the promotion of international norms of responsible state behavior will ensure that the global community is able to confront the ever-evolving threats we face.”