More than half (55 percent) of information security professionals anticipate cybersecurity will factor as a key issue in the 2016 U.S. Presidential race.
Last month, as part of Black Hat USA 2015, Tripwire conducted a survey of 210 information security professionals. Of those respondents, more than a third (39 percent) revealed their expectation that cybersecurity would become a central issue in the 2016 Presidential race. An additional 15 percent agreed; however, they tempered their responses by stating that any political attention drawn to cybersecurity would not ultimately matter because “the problem is too complex.”
“There is a big difference between having a candidate that has a cybersecurity policy and a candidate who has an understanding of cybersecurity,” said Dwayne Melancon, chief technology officer at Tripwire. “There have been past difficulties in passing effective legislation and often unrealistic expectations regarding the government’s role in the cybersecurity space.”
“It will be important for any candidate to not only articulate their concern for cybersecurity but to also share a concrete plan for how they will incorporate the expertise of respected experts who can help craft practical, effective, and sustainable cybersecurity policies,” added Melancon.
Meanwhile, 32 percent of the survey’s participants believed that some of the candidates would discuss cybersecurity but that those conversations would consist largely of rhetoric and hardly any substantive policy recommendations. The remaining 14 percent of respondents felt that cybersecurity would not factor as a key issue in the 2016 Presidential race.
The fact that most respondents felt cybersecurity would become a topic of discussion among presidential hopefuls influenced how they approached other parts of Tripwire’s survey. For instance, when asked whether they would vote for a presidential candidate that does not have a strong position on cybersecurity policy, close to three-quarters (68 percent) of participants stated “no.”
This finding suggests that politicians will need to outline how they would approach cybersecurity at some point in their presidential campaigns, especially in light of the growing number of data breaches and targeted attacks against American retailers.
“Politicians haven’t become more literate on the cybersecurity issue, but they certainly have become more aware of the financial results of inaction,” said Tim Erlin, director of IT security and risk strategy for Tripwire.
“There’s no doubt that recent incidents, such as last year’s Sony hack and the recent OPM breach, have raised the political profile of cybersecurity in this country, driven not by a renewed interest in technology but by the increasingly disastrous effects of successful attacks. While the majority of respondents view cybersecurity policy as a key issue, there has been little agreement on the details of how government should be involved,” Erlin said.
Most political candidates still have yet to outline a definitive cybersecurity policy. For instance, Republican hopeful Jeb Bush, who has limited his comments on cybersecurity to placing greater restrictions on the encryption standards available to private tech companies like Apple and Google, has yet to make any reference to it on his actual campaign website.
“There’s a place to find common ground between personal civil liberties and [the National Security Agency] doing its job,” the former Florida governor is quoted to have said. “I think the balance has actually gone the wrong way.”
Bush went on to explain that encryption “makes it harder for the American government to do its job” and called for “a new arrangement with Silicon Valley” to address what he termed as a “dangerous situation.”
Up-and-coming Republican candidate and former Hewlett-Packard CEO Carley Fiorina echoed Bush’s sentiments when she stated that tech giants should “collaborate and cooperate” with the federal government in tackling cybersecurity issues, including encryption.
“We need to tear down cyber walls not on a mass basis but on a targeted basis,” she said.
Meanwhile, neither the Republican frontrunner Donald Trump nor the Democratic leader Hillary Clinton has yet addressed the issue of cybersecurity. The former may eventually do so after his hotel chain began investigating a credit card hack earlier this year. It is unlikely that the latter will do so anytime soon, however, as is evident by her having made no mention of cybersecurity in her “Four Fights” website category. Ultimately, an appeal to information security is sure to only prolong the private email scandal that continues to plague Clinton in the media.
A third-party website has published the cybersecurity record of Bernie Sanders, who is challenging Clinton for the Democratic seat, but he himself has yet to address the topic in his official campaign. You can read about his views on the issue here.
We will also have to see to what extent the candidacy of John McAfee, who recently announced he will be campaigning for the 2016 Presidency under his newly created “Cyber Party,” pans out.
To read more about Tripwire’s participation at Black Hat USA 2015, including this study and another survey it conducted during the event, please click here.
Title image courtesy of ShutterStock