Trump 2.0 may mean fewer cybersecurity regs, shift in threats

President-elect Donald Trump’s return and his promised shift to a more insular foreign policy will likely result in a new set of cyber threats, fewer regulations for most industrial sectors, and possible business-friendly federal privacy legislation, cybersecurity and legal experts say.

The president-elect is moving quickly with nominations for cabinet officials and other high-level appointees. While he named South Dakota Gov. Kristi Noem to lead the Department of Homeland Security, Trump has not yet named a candidate for director of the Cybersecurity and Infrastructure Security Agency (CISA), which leads government cybersecurity efforts.

Overall, however, companies should expect far less emphasis on regulations and more focus on protecting critical infrastructure and technology companies, says Michael Bahar, co-lead of global cybersecurity and data privacy at Eversheds Sutherland, a global legal advisory firm.

“We are going to see — at the federal level — a deprioritization of cybersecurity regulations and cybersecurity enforcement,” he says. “One really important exception is where cybersecurity intersects with trade policy and national security and technology. That’s actually where you’re going to see an increase of enforcement and at least a continuation of the regulatory environment.”

Threats will likely shift depending on the changes in foreign policy initiated by the incoming Trump administration. Already, China has become a major concern for its cyber operations in the Asia Pacific, opposing US support for Taiwanese democracy and international opposition to China’s claims to large areas of the South China Sea. Trump’s stated support for Israeli settlers and for Russia’s annexation of parts of Ukraine will also likely drive increasing cyber threats.

With the departure from the policy of the Biden administration, the incoming US government will spur different rivalries, says Lou Steinberg, founder and managing partner of CTM Insights

“As a new administration comes in — and there’s a perception that maybe there’s more support for Israel over Palestine, or more support for a deal with Russia, and maybe more toe-to-toe [tensions] with China — those will result in a different set of motivations, and so a different kind of response,” Steinberg says. “We need to realign to the new kinds of threats that come from a new political landscape.”

Administration — and Threats — to Focus on Critical Infrastructure

The GOP platform hosted on the Trump for President site already prioritizes the safety of critical infrastructure and the industrial base against cyber threats. But that remains the only mention of cyber in the entire document.

The president-elect’s support for cybersecurity efforts shifted during his first term. In 2018, he signed the Cybersecurity and Infrastructure Security Agency Act, establishing the agency of the same name to lead efforts to protect critical infrastructure from cyberattack. Yet following his loss in the 2020 election, then President Trump criticized CISA’s statement validating the security of the elections and fired then-Director Chris Krebs.

Still, the threat landscape has evolved since then, and in ways that align with the incoming Trump administration’s priorities. Both China and Iran are considered larger threats, with a variety of officials pointing to China’s effort to establish a network of digital beachheads for a future possible conflict as particularly dangerous.

To read the complete article, visit Dark Reading.