President Trump says Monday will be day one of his administration, and right off the bat he’ll face questions about his cybersecurity policy.
Here’s what cybersecurity experts will be looking at as the new administration gets to work and its policies take shape.
What happens to the Department of Homeland Security?
Donald TrumpDonald TrumpScarborough: Missed opportunities in Trump’s inauguration speech BuzzFeed editor: Public deserved to see Trump dossier Trump to sign executive order to withdraw from TPP MORE‘s most recent remarks about a cybersecurity plan came in a late November video message where he vowed that “on day one” he would ask “the Department of Defense and Chairman of the Joint Chiefs of Staff to develop a comprehensive plan to protect America’s vital infrastructure from cyberattacks and all other form of attacks.”
But it’s not entirely clear what the administration considers “vital infrastructure.” And preparing domestic critical infrastructure for attack, however, is traditionally the domain of the Department of Homeland Security, not the Pentagon.
While defining who does what is a subtle organizational issue, DHS and the FBI currently have their own arrangement for divvy their respective roles in U.S. cybersecurity.
The DHS is like the fire department, helping put out immediate problems and promoting safety. The FBI is like an arson investigation
unit, concerned with catching perpetrators but not restoring systems.
And the military is, well, still the military. The Pentagon currently is not really involved in the domestic equation beyond intelligence and being able to fight back if foreign actors are responsible.
Still unresolved: Will this change and how much of a role will Trump actual play?
Trump’s approach to handling cybersecurity appears to delegate the issue to subject matter experts. In an earlier plan he announced before the election, that was seemingly overtaken by his plan to give the Pentagon a role, Trump wanted to delegate cybersecurity responsibilities to a new team that included private sector members.
Critics say planning for the military to present a plan itself means there is still much more work to be done.
The Cabinet may be full, but what about the rest of the pantry?
The Washington Post is tracking 690 key positions that the Senate must confirm. As of Friday’s swearing in, 660 had no nominee.
The Trump administration needs more than Cabinet secretaries to function. Key intelligence, engineering and technology posts at the Department of Defense, State, Commerce and other posts need to be filled to run an efficient government.
Will Trump back off his criticism of China?
Trump’s penchant for Twitter diplomacy has put China on the receiving end of a number of perceived slights. That’s included ignoring the “One China” policy and contacting Taiwan’s leaders, to floating the country as a suspect in the election hacks before Trump acknowledged it was Russia.
The U.S. relationship with China may be tenuous. The two superpowers may never be the best of friends.
But many are worried that if Trump antagonizes China it could undue the progress the two countries have made in the cybersecurity realm.
Though most politicians point to the Office of Personnel Management hack as the quintessential example of Chinese cyber espionage, traditionally the biggest threat China posed was hacking to steal intellectual property from businesses.
One of the great successes of the Obama administration was curbing that type of economic espionage through an agreement between Secretary of State John KerryJohn KerryWeek ahead: Early questions for Trump on cybersecurity Kerry and his dog stroll through women’s march Trump fails to mention Clinton in inaugural address MORE and Xi Jinping that hacking to benefit state run businesses was unacceptable.
Upending the U.S. relationship with China risks those agreements and has cybersecurity experts on edge. And Trump’s threats to renegotiate deals he thinks are unfair to the U.S. could lead China to put those deals back on the table. The cybersecurity world will be watching closely to see if Trump will temper his combative instincts to protect those cyber arrangements.
What about Russia?
Trump has positioned his defense of Russia as a desire to cultivate a friendly relationship with a potentially useful ally. But in defending Russia against the hacking allegations, he has begun trying to erase many of the cybersecurity decisions we once thought were written in ink.
Congressional lawmakers are treating the breaches attributed to Russia as an existential threat to American democracy.
But Trump spent months questioning the intelligence linking the attacks to Russia, then questioning the hack’s impact on the election before finally accepting that Russia was responsible.
Trump though is not eager to punish Russia as some in Congress.
Last weekend, he floated using the hacking sanctions against Russia as a bargaining chip in arms control negotiations.
Determining how we continue to deal with Russia means more than influencing how Russia continues to act. It also means determining whether or not hacking is a law and order issue with firm lines that should not be crossed. How Trump handles this issue will set the tone for much of his cyber policy.
Civil liberties group sues FBI to release Russia response
FBI, other agencies probing possible Russian aid for Trump: report
Russians not sold on Trump offer to link sanctions relief to arms control: report
Obama commutes Chelsea Manning’s sentence
Manning’s attorney: Obama commutation ‘saved her life’
Assange lawyer: Manning commutation doesn’t meet extradition offer’s conditions
Assange hedges on extradition to US
Earnest: GOP intellectually dishonest on Manning pardon
Pence: ‘Mistake’ to commute sentence for ‘traitor’ Chelsea Manning
Obama pardons James Cartwright in leak case
Decline in two families of malware has researchers stumped
Russia letting Snowden stay longer