Picks of the Week: Cybersecurity Lacking from 2016 Campaign Trail
Clinton’s Emails Drown out Cyber Debate | The Hill
While Hillary Clinton continues to face scrutiny for her email practices and the use of a private server during her tenure as Secretary of State, few of the 2016 Presidential candidates have discussed the more serious cybersecurity issues affecting the nation.
Securing the nation’s critical infrastructures and digital assets from cyber risk had been expected to be a focal point during the primaries and the election, given the growing scope, volume, and sophistication of cyber threats to the U.S. government, companies, and citizens alike.
Yet only a few candidates in either party have published proposals for combating cyber threats. And when asked about the issue on the campaign trail or at the debate podium, many of the candidates have given cursory responses or pivoted to other topics. Surprisingly, even the damaging breach of the federal Office of Personnel Management (OPM)—which was likely carried out by China and exposed sensitive personal information of over 32 million Americans, both federal employees and defense contractors—hasn’t gotten much attention since it was first disclosed last summer.
Until now, much of the conversation we have seen on the campaign trail around cybersecurity matters has focused almost exclusively on the federal investigation into Clinton’s emails, which could conclude later this year, and the question of how to take on ISIS online.
As The Hill explains in one of their articles this week, “candidates have their own reasons for shying away from the cyber debate. On the Democratic side, observers see little upside to bringing up the issue. Clinton, the front-runner, is looking to distance herself from allegations her email server was insecure, potentially exposing national security secrets to foreign hackers. Insurgent Democratic candidate Sen. Bernie Sanders (I-Vt.), meanwhile, is not an expert on Internet security and is unlikely to win new supporters by emphasizing it. On the Republican side, strategists say the topic simply doesn’t resonate with the GOP primary base.”
It is certainly true that there is a disconnect between the importance that voters place on cybersecurity as an issue, and how important it actually is to both their personal lives and the national security and economic stability of their country. The average voter and Internet user still lacks a basic understanding of the Internet’s interdepencies and inherent threats, and may not realize how nearly every aspect of modern society and the economy today depends on the accessibility, reliability, and security of Internet connectivity. And for those who care about cybersecurity, it is difficult to know where each candidate stands on the issue.
Policymakers and other government leaders, on the other hand, continue to struggle to be taken seriously in this space because of their own poor defenses—both CIA Director John Brennan and Department of Homeland Security Secretary Jeh Johnson had their personal email accounts broken into—and the lack of strong cybersecurity best practices across government agencies. Few of them have actually taken the time to educate themselves about the most pressing cyber threats and the basics of cybersecurity, and even fewer are taking proactive steps to make cybersecurity a priority.
As I have argued before, our leaders have a responsibility to master and develop good cyber policy and secure the country’s most valuable, sensitive information and infrastructure. All presidential candidates should be more articulate and proactive on cybersecurity issues, just like they are on issues from debt to healthcare to immigration. The future president, regardless of their party, will have to make cybersecurity (e.g. resiliency, privacy, and security) a top priority for their administration and think of this issue in terms of both national security and economic stability. This means that politicians and public officials at the highest levels need to have a deeper knowledge of cybersecurity, and—more importantly—not let relevant cybersecurity issues, such as economic espionage, encryption, and security of critical infrastructure, be lost in a political turf war. So far, even the few cyber issues raised during the national debates or on candidates’ platforms have often circled back to Clinton’s email scandal. The issue over Secretary Clinton’s email use seems to have taken a new urgency in recent days, since the US Department of State announced that they would withhold private emails chains from Clinton’s server that contain top-secret information, and as the battle for the two parties’ nominations heats up. In fact, while Clinton has spent much of her campaign trying to distance herself from this scandal, the policy plans of both Carson and Bush mention the controversy, and even Senator Sanders—who had previously refrained from invoking this dispute—has now raised the issue.
Hopefully, we won’t have to wait for a breach of even greater proportions than the OPM hack or of even greater strategic significance than the Snowden revelations to land cybersecurity discussions on the forefront of the campaign trail! – Francesca Spidalieri, Senior Fellow For Cyber Leadership