How Will U.S. Cybersecurity Look Under Trump?

Why Trust Techopedia

As the new Trump administration enters office, cybersecurity companies are closely following the transition, statements, speeches, and policy announcements — searching for signals to decode what is coming next in American cybersecurity.

The Trump team has already made it clear that it plans to roll back many regulations that it believes hinder innovation and market growth.

The ‘America First’ policy is also expected to draw harder lines for foreign threat actors and tighten sanctions and restrictions on China.

Techopedia rounded up cybersecurity experts with the experience and insight to answer the tough questions on regulations, national cybersecurity, and artificial intelligence (AI).

Key Takeaways

  • The Trump administration is expected to intensify its stance on cybersecurity threats from foreign actors.
  • There will be a focus on prioritizing countermeasures against state-sponsored attacks, particularly from nations like China, Russia, and Iran.
  • Experts talk about deregulations and plans to roll back policy.
  • CISA may prioritize cyber defense, but broader federal coordination will be needed.
  • Vulnerability disclosure programs could play an important role in AI and software security.

Threat Actors: A New U.S. National Security Direction?

HackerOne, a U.S.-based company that works with the government and its federal agencies, and uses the talent of the world’s largest community of ethical hackers, was our first stop.

Tehchopedia spoke to Ilona Cohen, Chief Legal and Policy Officer at HackerOne, about what we should expect.

Advertisements

She said:

“The first Trump administration took a strong stance on cybersecurity threats from foreign actors, particularly Russia, China, and Iran. This focus is expected to intensify in a second term.

“We can anticipate more targeted efforts to counter foreign cyber aggression, possibly through both offensive and defensive strategies.”

Cohen encouraged the Trump administration to retain elements of the cybersecurity executive order and highlighted that this should not be misconstrued to imply that HackerOne supports Biden’s AI executive order.

While HackerOne encourages the new administration to enact provisions for that order, Cohen spoke about the political reality.

“We expect the Trump administration to freeze pending regulations on day one pending their review.”

Deregulation vs Regulation: Security On the Line

What goes and what stays? That is the question when it comes to the expected deregulation wave.

Richard Caralli, Senior Cybersecurity Advisor at Axio, a cyber security, risk management, and cyber readiness company, spoke to Techopedia about the issue.

“The incoming administration has been characterized as the most pro-business in recent history, signaling to corporate America that deregulation will be a key initiative to improve profits and capital expansion.”

However, Caralli warned that deregulation could negatively affect cybersecurity improvement in key critical infrastructure sectors if the incentives to improve incident response and disclosure are weakened.

Dr. Leila Powell, Head of Data at Panaseer, a cybersecurity company specializing in continuous monitoring, told Techopedia that in 2025 organizations will have to accurately measure and demonstrate their security posture.

“In effect, more and more organizations will start to feel the inescapable gravity of the increasing weight of regulations,” Powell said.

Powell said that increased regulatory oversight, an evolving threat landscape, and unpredictable economic headwinds would put cyber firmly under the microscope of business leaders, transforming the role of Chief Information Security Officers (CISOs).

Maxime Lamothe-Brassard, Founder and CEO at LimaCharlie, a public cloud for SecOps, also spoke to Techopedia about the issue.

“There’s a significant trend unfolding in the cybersecurity landscape: a shift from the ‘Wild West’ of unrestricted ecosystems to highly gated environments.”

Lamothe-Brassard said that the push towards more controlled and secure environments is becoming inevitable.

“The aim is to move away from the chaos of unregulated systems toward manageable, scalable cybersecurity practices.”

Will the CISA Agency Created By Trump in 2018 Lead?

Much speculation has been circulating about the roles of different federal cybersecurity agencies and which agency will likely lead and coordinate national strategies.

In 2018, during his first term, President Trump created — through the Cybersecurity and Infrastructure Security Agency Act — the CISA agency, which sits within the Department of Homeland Security (DHS).

CISA has always had a leading role in the national effort to understand, manage, and reduce risk to the cyber and physical infrastructure that Americans rely on every day.

But CISA also works in other areas, like emergency communications.

Cohen from HackerOne said:

“We expect the new Trump administration to refocus CISA on cyber protection and scale back or defund disinformation initiatives, but not to dismantle CISA.”

Philip Lieberman, CEO of Analog Informatics, a provider of software in healthcare cloud, also spoke about the issue with us.

“To put it bluntly, there has been no national cyber-security policy for the U.S., irrespective of the Biden administration’s creation of the position of the Director in the Office of the National Cyber Director, the White House,” Lieberman said.

Lieberman added that previous administrations have grafted add-ons, such as CISA, with the duty of developing coherent policies and guidance.

“Frankly, the decision on cybersecurity policy depends on how the President wants to use his political capital, as it is a critical national security problem, and he does have authority,” Lieberman said.

Lieberman added:

“There needs to be new marching orders for the State Department and Law Enforcement (FBI-DOJ-DHS), and breach management authority must be returned to the federal government.”

Lieberman also spoke about the need for President Trump to incorporate cybersecurity into the upcoming budget to provide tax incentives for investment and a safe harbor for those who make investments and deploy the technology.

“Currently, there is no appointment for the Director of the Office of the National Cyber Director at the White House. If the President appoints someone from the cybersecurity industry with hands-on experience, there is a chance that things will get better.”

Ethical Hackers and Vulnerability Programs in Trump’s America

As we explored previously, Trump inherits a ‘hacked America’, with foreign threat actors having targeted everything from healthcare to water, communications, and U.S. government departments such as the Treasury, the need for ethical hackers seems evident.

However, there are still questions about the role bug bounty programs and vulnerability programs will have as the U.S. moves forward.

Tim Mackey, Head of Software Supply Chain Risk Strategy at Black Duck, formerly Synopsys Software Integrity Group, an application security testing (AST) provider, spoke to Techopedia about vulnerability CVD programs.

“If you look at the global cybersecurity landscape, one core theme emerges — Coordinated Vulnerability Disclosure (CVD) programs.

“Bug bounties, hackathons, red-teaming, penetration testing, or any other automated testing technique is a necessary component of any CVD program.”

Cohen from HackerOne said that vulnerability programs will play a key role in the new administration.

“Coordinated vulnerability disclosure practices, including the implementation of Vulnerability Disclosure Policies and the use of bug bounties by federal agencies have been supported by both the Trump and Biden administrations.”

“These programs are well-established in federal agencies, and we predict they are likely to be expanded,” Cohen said. “These same tools will increasingly be applied to identify vulnerabilities with AI systems and software.”

The Bottom Line

As Lieberman from Analog Informatics told us, “the new President is a disrupter and is passionate about his America First policies”.

However, Lieberman also said that “no President — of either party — has wanted to touch the third rail of cybersecurity national policy.” We believe this pretty much sums up the challenges and work ahead.

Advertisements

Related Reading

Related Terms

Advertisements
Ray Fernandez
Senior Technology Journalist
Ray Fernandez
Senior Technology Journalist

Ray is an independent journalist with 15 years of experience, focusing on the intersection of technology with various aspects of life and society. He joined Techopedia in 2023 after publishing in numerous media, including Microsoft, TechRepublic, Moonlock, Hackermoon, VentureBeat, Entrepreneur, and ServerWatch. He holds a degree in Journalism from Oxford Distance Learning and two specializations from FUNIBER in Environmental Science and Oceanography. When Ray is not working, you can find him making music, playing sports, and traveling with his wife and three kids.