Skip to main content
close search
site logo

What security experts expect from Biden's cyber strategy

The private sector is playing a more active role in national security. Now, security professionals are hungry for even more cross-sector collaboration.

Published Dec. 7, 2020
Samantha Schwartz's headshot
Samantha Schwartz Reporter
Former Vice President of the United States Joe Biden speaking with supporters at a community event at Sun City MacDonald Ranch in Henderson, Nevada.
The image by Gage Skidmore is licensed under CC BY-SA 2.0

First published on

Cybersecurity Dive

As the incoming Biden administration takes shape, security experts expect to see cabinet members with existing cyber experience — even if it's not their first love. 

President-elect Joe Biden's nominations for security-related cabinet members thusfar includes: 

  • Secretary of State: Antony Blinken
  • Secretary of Homeland Security: Alejandro Mayorkas
  • Director of National Intelligence: Avril Haines
  • National Security Advisor: Jake Sullivan

"The reason I think this is a sea change is almost every one of these people does have experience dealing [with] these issues," said Chris Painter, president of Global Forum on Cyber Expertise Foundation, during a virtual panel hosted by the  Institute for Security and Technology Wednesday. Painter has held several roles in the Justice and State Departments and the White House in a cybersecurity capacity. 

Experts say the incoming administration will be more in tune with cybersecurity than previous administrations. Sanctions on foreign governments are limited and cyberwarfare is an even playing field. But the government has to first overcome domestic hurdles in unified cyber strategies. 

Over the course of his career in the federal government, Painter has seen "people come in at that very high level, [but] they have very little idea of what cyber is," he said. Though there have been exceptions over the last thirty years, such as Former U.S. Attorney General Janet Reno's early concerns about handling cybercrime, cyber hasn't traditionally been featured on cabinet members' resumes.

National security is taking a more proactive stance toward cybersecurity including multilateral strategy throughout the federal and local government. "I think you'll finally see cyber and cybersecurity become a true national security, economic security and diplomatic priority," said Painter. 

"We may see a return to cyber being treated as a real bipartisan issue; that would be a great change," Painter said. 

While other national security roles are vacant awaiting appointment by the president-elect, experts say one key addition is having a cyber chief inside the White House. A position recommended by the Cyberspace Solarium Commission, it's seen as critically important, which other administrations lacked. The final National Defense Authorization Act has a provision establishing a national cyber director, Politico reported Thursday

Rocky road

The private sector is playing a more active role in national security, in part due to substantial efforts by Cybersecurity and Infrastructure Security Agency (CISA) and the Solarium Commission. "I think that you'll see that the Biden administration will be interested in bringing in people who have experience in industry," including former Facebook CSO Alex Stamos, said Mieke Eoyang, SVP of the National Security Program at Third Way, during the panel. 

Security professionals are hungry for more cross-sector collaboration. "It goes beyond network defense. If you want to touch law enforcement or the intelligence community in some way, you just want to do it one time," said Kemba Walden, attorney, the Digital Security Unit at Microsoft, and former counsel in DHS. 

Information sharing is the "only way" to "drive up the cost of cyberattacks on critical infrastructure," said Walden. 

With a robust cybersecurity posture and personnel familiar with its importance, Eoyang welcomes "a respite from bold moves." 

Over the course of the Trump presidency, the tech industry experienced major antitrust movements, calls for changing encryption practices, threatening application bans, a robust election security plan, federal cyber leadership shakeups and most recently a standoff between the White House, social media giants and Section 230

While security is caught in the middle of larger technological disputes, the private sector hasn't always been incentivized to cooperate with the federal space. Despite the technological savvy of the National Security Agency (NSA), it's "distrusted by the technology community and I understand why," said Eoyang. Some companies are "uncomfortable" working with the FBI due its encryption demands. 

CISA was founded to remedy those hangups, and ease any doubts. Since its inception and under former Director Chris Krebs's leadership, the agency became a more trusted body of the government for the private sector to engage with. Still, there are disparate pieces of the federal government working on cybersecurity, fragmenting any form of unified coordination. 

The federal government has historically approached cyber as a military response, like what was seen in the Trickbot disruption in tandem with Microsoft. But instead of limiting defense strategies to operational chaos, what if the U.S. engaged in arresting actors behind Trickbot, said Eoyang. Law enforcement and the appropriate retaliation is still being figured out in cyberspace. 

Law enforcement's role in private sector cooperation has been tense, seen most recently in the Treasury Department's Office of Foreign Assets Control (OFAC) ransom sanctions advisory. Ransomware "will focus people's attention on dealing with that and trying to get to perpetrators in a very different way than what we've seen in the past," said Eoyang. Because of ransomware's prevalence, the incoming AG is "going to just have to deal with" how organizations handle response and recovery. 

Cybercrime and ransomware will shape the Biden administration's cyber tenacity and appetite for legal action. Cyber leadership will need to balance law enforcement and national security with the economic side of the U.S. government. "The Biden administration will need to step back, get its house in order [and] coordinate some of those things," said Eoyang. 

Recommended Reading

Editors' picks

Company Announcements

View all | Post a press release
How Local Governments Can Leverage Smart City Indicators to Enhance Urban Competitiveness
From Market Intelligence & Consulting Institute(MIC)
November 20, 2024

Want to share a company announcement with your peers?

Get started

Editors' picks
Latest in Tech & Data
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell