ROLLING MEADOWS, Ill.--(BUSINESS WIRE)--While the US presidential campaign has occasionally focused on cyber security, the topic demands more urgent attention from the individual elected as the 45th President of the United States, according to leading cyber security and business technology association ISACA.
In an opinion column published in The Hill, ISACA recommends that cyber security be a significant component of the next president’s 100-day agenda, especially given its overlap with geopolitical and economic issues. Bolstering the US cyber approaches and responses is essential for critical infrastructure, national defense operations, and ultimately the US and global economies.
In the article, Theresa M. Grafenstine, CPA, CISA, CGEIT, CRISC, CIA, CGAP, CGMA, ISACA Vice Chair of the Board and Inspector General, US House of Representatives, outlines five top critical cyber security priorities that need to receive ample attention in the first 100 days of the 45th President’s new administration:
Bringing Order to Cyber Security Across All Levels of American
Government. An essential priority in the first 100 days must be
for the new president to work with Congress to take a more holistic
approach to address the ever-shifting threats present in the country’s
cyber security landscape.
- Until now, regulatory and enforcement agencies at the local, state and federal levels have been addressing cyber security issues with limited coordination and in piecemeal fashion, creating challenges for executing defense and response measures.
Dealing with Nation-State Attacks. The incoming president must
address the growing nation-state cyberattacks head on.
- Cyber is quickly becoming the new theater of war. Unlike traditional war, where rules and societal expectations, such as the Geneva Convention, have been in place for decades, cyber security lacks defined international norms. The new president will have the dual burden of dealing with nation-state attacks, as well as distinguishing between ‘cyberterrorist’ and ‘cyber freedom fighter.’ When it comes to international cyber security, adherence to an outmoded dogma of ‘an eye for an eye’ escalates to blindness in days, not months or years.
Skilling Cyber Security Professionals. More work must be done
to support the long-term construction of a robust educational pipeline
for skilling, reskilling and upskilling cyber security professionals.
- Legislative and other initiatives, such as tuition reimbursement and similar support for those obtaining cyber security degrees, are a good start. Further steps must focus on the profession in its entirety, with additional incentives for those who choose careers in the public sector, or protecting critical infrastructure.
Global Cyber Security Collaboration. The work on international
norms for cyber security must become an ingrained part of all meetings
of global leadership groups such as the G-7, G-20, ASEAN, APEC, and in
any technology-focused EU-US interactions.
- While there has been increased dialogue and work between nations, much more remains to be done. Likewise, as the new president interacts with world leaders one-on-one, cyber security needs to be a portion of those discussions.
Modernizing IT in Government. There must be a comprehensive and
sustained commitment to evolving government at the pace of innovation.
- The scorecard for US government IT is not pretty. Reviews have moved the government into the ‘mediocre’ category, at best. This must change, and quickly. Measures like H.R. 6004, the Modernizing Government Technology Act, are a good step in the right direction. More is needed.
With the nearly daily drumbeat of news about cyberattacks in the United States and around the world, ISACA urges the next US president to make these recommendations a top priority – both in the first 100 days of the new administration and throughout the next four years.
ISACA is a champion of Cyber Security Awareness Month as an organization dedicated to promoting a safer, more secure and more trusted Internet. Additional cyber security guidance and resources can be found at https://cybersecurity.isaca.org/info/cyber-aware/index.html.
ISACA® (isaca.org) helps global professionals lead, adapt and assure trust in an evolving digital world by offering innovative and world-class knowledge, standards, networking, credentialing and career development. Established in 1969, ISACA is a global nonprofit association of 140,000 professionals in 180 countries. ISACA offers the Cybersecurity Nexus™ (CSX), a holistic cybersecurity resource, and COBIT®, a business framework to govern enterprise technology. ISACA also advances and validates business-critical skills and knowledge through the globally respected Certified Information Systems Auditor® (CISA®), Certified Information Security Manager® (CISM®), Certified in the Governance of Enterprise IT® (CGEIT®) and Certified in Risk and Information Systems Control™ (CRISC™) credentials.
LinkedIn: ISACA (Official), https://www.linkedin.com/company/isaca