The Gallery: What to Expect for Cybersecurity in 2017

state house gallery

CompTIA recently hosted a webinar titled “CYBERSECURITY: What to Expect in 2017” that I moderated. We had an in-depth discussion on the most important cyber issues facing our nation.  Our featured speakers were Signal Group Executive Vice President Greg Garcia and Austin Carson, the Legislative Director to Representative Michael McCaul (R-TX), Chairman of the House Committee on Homeland Security.

Greg served as the nation’s first Department of Homeland Security (DHS) assistant secretary for cybersecurity, and as a professional staff on the House Science Committee.  Austin helps lead the Congressional Staffer Technology Working Group, comprised of about 80 different Congressional offices. 

Looking into 2017, we face difficulties on the cybersecurity front on many different levels.  Austin said defining the cybersecurity responsibilities in Congress with the various sub committees will be challenging, and jurisdictional concerns will be heightened.  Because of recent legislation aimed at reorganizing and strengthening cybersecurity efforts with the Department of Homeland Security (DHS), there will be an opportunity to examine these issues more closely.

Another substantial issue that will be at the forefront is the Internet of Things (IoT) and digitally connected devices.  There is talk about the possibility of a physical world kinetic attack, including threats against critical infrastructure and industrial control systems that operate infrastructure.   Austin said these flashpoint events are starting to become top-of-mind for lawmakers, and his committee is currently working on cybersecurity assurance.  Discussions will also be had about what’s the appropriate role of the federal government –specifically DHS, NIST, FCC — including appropriate oversight and guidance as well as reaching out to private sector partners.  Austin also said there is already some conversations about regulating IoT—without over meddling.

Austin welcomed greater engagement with the private sector and invited them to work with CompTIA, and to come to the Hill and have conversations with his team about best practices. He looks forward to getting a highly-informed perspective on cybersecurity and what it looks like in practice for those on the ground.

Greg Garcia of Signal Group next discussed Trump administration priorities as they relate to possible cybersecurity policy.  He said that the new administration’s infrastructure spending priority will spur demand for digital next generation platforms and services (including IoT, smart cities and smart states) and the security solutions to protect them.  However, funding sources will be politically charged and to be determined.

Greg said Trump’s general deregulatory stance countered by cybersecurity policy statements suggest a potential for more regulatory/DOD-oriented posture; e.g., demanding an encryption backdoor on iPhones for surveillance.  Trump’s denials of Russian hacking notwithstanding, he added that we should expect more confrontational and retaliatory cyber operations, and the potential for damaging blowback. He noted that Trump’s calling for a reevaluation of cybersecurity critical infrastructure by the DOD and Joint Chiefs of Staff implies a potential shift in policy away from DHS jurisdiction.

He also discussed the business opportunities that exist for the private sector, including a DHS State Cyber Grants program.  Currently, there are two draft bills in the House and Senate that would establish a dedicated DHS Cyber Grant program for the states.  In fact, Signal is launching a coalition of companies—which includes CompTIA –to support that legislation.  The idea is to drive more funding to the states which are underfunding cybersecurity and, as a result, can’t take advantage DHS programs, standards of practice and training.  Without the states having some fundamental cybersecurity architecture, education, and training, they can’t take advantage of those DHS services.  Garcia said this is an opportunity to build out the state government’s information budgets, and to do it in a way that really addresses the administration’s infrastructure investments and may play out in more smart cities initiatives.

You can take a listen here.

David Logsdon, senior director of public advocacy for CompTIA. In this role, he runs the association’s New and Emerging Technologies Committee (focused on the policy surrounding social, mobile, big data/data analytics, cloud, the Internet of Things, and smart cities.

The Gallery is a forum for ideas and examination of matters facing state and local government. Readers, members of the media, academics or the business community are invited to submit guest columns to bailey{at}civsourceonline{dot}com. Member of the public sector? We’re interested in hearing from you too. CivSource does not endorse the views presented in The Gallery, but offers them in an effort to present more diverse coverage. CivSource will review all submissions but does not guarantee publication of all works submitted.