Trump 2.0 May Mean Fewer Cybersecurity Regs, Shift in Threats

  /     /     /  
Publicated : 23/11/2024   Category : security


Trump 2.0 May Mean Fewer Cybersecurity Regs, Shift in Threats


Given increased tensions with China over tariffs, companies could see a shift in attacks, but also fewer regulations and a run at a business-friendly federal privacy law.



President-elect Donald Trumps return and his promised shift to a more insular foreign policy will likely result in a new set of cyber threats, fewer regulations for most industrial sectors, and possible business-friendly federal privacy legislation, cybersecurity and legal experts say.
The president-elect is moving quickly with nominations for cabinet officials and other high-level appointees. While he named South Dakota Gov. Kristi Noem to lead the Department of Homeland Security, Trump has not yet named a candidate for director of the Cybersecurity and Infrastructure Security Agency (CISA), which leads government cybersecurity efforts.
Overall, however, companies should expect far less emphasis on regulations and more focus on protecting critical infrastructure and technology companies, says Michael Bahar, co-lead of global cybersecurity and data privacy at Eversheds Sutherland, a global legal advisory firm.
We are going to see — at the federal level — a deprioritization of cybersecurity regulations and cybersecurity enforcement, he says. One really important exception is where cybersecurity intersects with trade policy and national security and technology. Thats actually where youre going to see an increase of enforcement and at least a continuation of the regulatory environment.
Threats will likely shift depending on the changes in foreign policy initiated by the incoming Trump administration. Already, China has become
a major concern
for its cyber operations in the Asia Pacific, opposing US support for Taiwanese democracy and international opposition to
Chinas claims to large areas of the South China Sea
. Trumps stated support for Israeli settlers and for Russias annexation of parts of Ukraine will also likely drive increasing cyber threats.
With the departure from the policy of the Biden administration, the incoming US government will spur different rivalries, says Lou Steinberg, founder and managing partner of CTM Insights
As a new administration comes in — and theres a perception that maybe theres more support for Israel over Palestine, or more support for a deal with Russia, and maybe more toe-to-toe [tensions] with China — those will result in a different set of motivations, and so a different kind of response, Steinberg says. We need to realign to the new kinds of threats that come from a new political landscape.
The GOP platform hosted on the Trump for President site already prioritizes the safety of critical infrastructure and the industrial base against cyber threats. But that remains the only mention of cyber
in the entire document
.
The president-elects support for cybersecurity efforts shifted during his first term. In 2018, he signed the Cybersecurity and Infrastructure Security Agency Act, establishing the agency of the same name to lead efforts to protect critical infrastructure from cyberattack. Yet following his loss in the 2020 election, then President Trump
criticized CISAs statement validating the security of the elections
and
fired then-Director Chris Krebs
.
Still, the threat landscape has evolved since then, and in ways that align with the incoming Trump administrations priorities. Both China and Iran are considered larger threats, with a variety of officials pointing to Chinas effort to
establish a network of digital beachheads for a future possible conflict
as particularly dangerous.
President-elect Trumps pledge to set high tariffs on Chinese goods will likely increase tensions, and potentially lead to more significant attacks, causing China to shift its covert efforts to overt disruption, says Steinberg.
If China thinks were going to engage directly, their response could completely change, he says. Were likely to see a sustained attack against critical infrastructure — so yes power, yes water, yes communications. We usually think of [distributed denial-of-service] attacks as last[ing] a couple of days, not months, but the point will be to degrade our ability to respond.
Meanwhile, Iran will likely
ramp up efforts against US and Israeli targets
, following the president-elects deep support for Israel. Russia and Iran will likely continue to use disinformation against the US administration, but the approach may change, as both countries are focused on sowing discord, rather than supporting the agenda of one party over another.
The deprioritization of cybersecurity regulations — and promised efforts to shrink the federal government — will likely lead to less enforcement of cyber regulations against businesses. Yet data-protection and privacy regulations will likely see a shake-up, as states look to bolster privacy and give their attorneys general the ability to pursue violators.
As a result, the US could see federal privacy legislation, says Bahar, who also co-leads Eversheds Sutherlands Congressional Investigations group.
I think, at the state level, youre going to see an uptick — if thats even possible — of regulatory activity, in large part because there might be a perception that they need to step in to ... fill the void, he says. Its actually likely youre going to get a federal privacy law —  a very business-friendly federal privacy law — so that [companies do not have to deal with] that patchwork effect of state laws.
In the end, however, easing regulations may not result in less corporate focus on cybersecurity, because the latest cybercriminal attacks often threaten business operations, Steinberg says.
Weve seen more and more companies — even less regulated companies — start to worry about cyberattacks like ransomware, he says. So do I think a decrease in the regulatory environment might lead to a decrease in cybersecurity investment? Yeah, a little, but probably not in the defense industry, probably not in financial services, and maybe not in healthcare.
With increasing global tensions come increasing dangers, Steinberg says, and most companies will likely not be able to justify cutting budgets in the face of an uncertain threat landscape.

Last News

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Trump 2.0 May Mean Fewer Cybersecurity Regs, Shift in Threats