US Cybersecurity Strategy In The Trump Era

In a few months there will be a new Trump Administration in Washington with an opportunity to update US national security policies. So it’s a good time to reflect on what might be done differently for cybersecurity.

A quick search on the Internet will reveal many national cybersecurity initiatives. However, given the recent theft of DNC emails and the DDoS attack on Dyn, it’s evident that the current initiatives aren’t working. The question to ask is why. The quick answer is that we don’t have a national cybersecurity strategy that everyone can implement.

Click on any cybersecurity initiative you like and you’ll find comprehensive strategies developed by smart security experts. While well intentioned, the writers make the common mistake of laying out cybersecurity strategies that are too complex for most organizations. Apart from the top 0.1% of US organizations (financial institutions and intelligence agencies), the remaining 99.9% simply don’t have the resources to implement anything complex.

A workable national cybersecurity strategy needs to be built from simple tasks the 99.9% can implement to mitigate the most common cyber-attacks. For those organisations that have a higher threat profile, the strategy should also offer a clear path that steps up their security posture when called for. Thus we need a basic requirement that everyone can implement (without exception) plus a step-up path when necessary.

Another challenge in developing a national cybersecurity strategy that is uniquely American is that we are an open society where the bulk of IT tasks are outsourced. Thus cyber attackers know exactly what we’re doing. A national cybersecurity strategy must be based on verifiable tasks (not secret activities) that reduce cyber risk.

So here are three things the nation can do to make itself less vulnerable to cyber-attacks:

1/ Implement 2-Factor Authentication

Basic: Implementing two-factor authentication is the simplest mitigation against credential theft. The great thing about 2-factor is that there are so many free or low-cost solutions out there, from mobile phone text messages to soft client tokens to email verification. So there’s really no excuse not to do this!

Step-up: For those organisations wishing to step up from 2-factor, there are new attribute-based access control solutions, such as software defined perimeter (SDP), that verify device and user identity as well as check for software tampering.

2/ Encrypt Data Stores

Basic: Application data stores, email servers and collaboration applications should all have their data encrypted. Ideally the private key should be held on a different physical server from the storage unit and should only be accessible with 2-factor authentication.

Step-up: The next step up from encrypting data on servers is keeping it encrypted on users’ devices. This requires a bit more work, such as issuing and managing device certificates, but makes it more difficult for cyber attackers to get to data even if they compromise the user’s device.

3/ Lockdown Servers

Basic: Scanning for open server ports is a favourite technique of cyber attackers for gaining entry to an organization. Thus closing unused interfaces is one of the easiest mitigation techniques. This can be done by configuring the host firewall on Internet-facing application servers.
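Because the article asks for verifiable tasks, it helps to make "close unused interfaces" checkable. The following is an added example (not from the article) of a small audit script a defender could run on an Internet-facing server: it parses `ss -ltnH` output (a constructed sample is embedded so it runs offline), ignores sockets bound only to loopback, flags any other listener that is not on the server's allow-list, and renders a default-deny nftables input chain that admits only the allow-listed TCP ports. The allow-list and sample output are assumptions for the demo.

```python
import ipaddress
import re
from typing import Iterable, List, Tuple

# Constructed sample of `ss -ltnH` output (listening TCP sockets, header suppressed).
# Not captured from a real host.
SAMPLE_SS_OUTPUT = """\
LISTEN 0 128   0.0.0.0:22      0.0.0.0:*
LISTEN 0 511   0.0.0.0:443     0.0.0.0:*
LISTEN 0 511   [::]:443        [::]:*
LISTEN 0 128   127.0.0.1:5432  0.0.0.0:*
LISTEN 0 128   0.0.0.0:3306    0.0.0.0:*
LISTEN 0 4096  [::1]:6379      [::]:*
LISTEN 0 128   *:8080          *:*
"""

# Ports this server is supposed to expose to the network (assumed for the demo).
ALLOWED_PORTS = {22, 443}

# Local address field as printed by ss: "[v6addr]:port", "v4addr:port" or "*:port".
_LOCAL_ADDR_RE = re.compile(r"^(?:\[(?P<v6>[^\]]*)\]|(?P<v4>[^:]+)):(?P<port>\d+)$")


def parse_listener(field: str) -> Tuple[str, int]:
    """Split an ss local-address field into (address, port)."""
    m = _LOCAL_ADDR_RE.match(field)
    if not m:
        raise ValueError(f"unrecognised local address: {field!r}")
    addr = m.group("v6") if m.group("v6") is not None else m.group("v4")
    return addr, int(m.group("port"))


def is_loopback(addr: str) -> bool:
    """Sockets bound only to 127.0.0.0/8 or ::1 are not reachable from the network."""
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:  # "*" and other wildcard spellings mean every interface
        return False


def unexpected_listeners(ss_output: str, allowed_ports: Iterable[int]) -> List[Tuple[str, int]]:
    """Return network-reachable listeners whose port is not on the allow-list."""
    allowed = set(allowed_ports)
    findings = []
    for line in ss_output.splitlines():
        parts = line.split()
        if len(parts) < 5 or parts[0] != "LISTEN":
            continue
        addr, port = parse_listener(parts[3])
        if is_loopback(addr) or port in allowed:
            continue
        findings.append((addr, port))
    return findings


def nft_input_policy(allowed_ports: Iterable[int]) -> str:
    """Render a default-deny nftables input chain admitting only the allow-listed TCP ports.

    Loopback, established/related replies and ICMP (needed for IPv6 neighbour discovery
    and path MTU) are kept; everything else is dropped. Review before loading with `nft -f`.
    """
    ports = ", ".join(str(p) for p in sorted(set(allowed_ports)))
    return "\n".join([
        "table inet filter {",
        "  chain input {",
        "    type filter hook input priority 0; policy drop;",
        "    iif lo accept",
        "    ct state established,related accept",
        "    meta l4proto { icmp, ipv6-icmp } accept",
        f"    tcp dport {{ {ports} }} accept",
        "  }",
        "}",
    ])


if __name__ == "__main__":
    for addr, port in unexpected_listeners(SAMPLE_SS_OUTPUT, ALLOWED_PORTS):
        print(f"FINDING: {addr}:{port} is reachable from the network but not allow-listed")
    print(nft_input_policy(ALLOWED_PORTS))
```

On the sample, the database on 3306 and the extra web listener on 8080 are reported, while PostgreSQL and Redis bound to loopback are not: the audit answers the question the article cares about (what is exposed), not merely what is running. Running the audit after loading the rule set confirms the two agree.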

Step-up: Implement the OWASP Top 10 controls to further ensure your Internet-facing servers are not vulnerable to front-door attacks. Additionally, locking down internal servers with host-based firewalls or software-defined networking (SDN) is also recommended for those organisations with higher risk profiles.

Looking at this short list, you’ll find the recommended tasks have been around for decades. While not fancy, they’re proven to be effective. More importantly, there’s no excuse for anyone not being able to implement them! One can only speculate how history might have been different if the DNC had encrypted their email storage system and implemented 2-factor, or whether stronger authentication would have lessened the DDoS attack on Dyn.

A national cybersecurity strategy is well within our reach. We just need to align available security tools and techniques against the most common threats. There is no reason why this cannot be done.

CTO Vision:    
