NEW YORK — The incoming Trump administration is being advised to train 100,000 hackers.
The new president should also make an effort to develop international norms for hacking, essentially drawing red lines to avoid cyber warfare or even armed conflict.
President Obama’s special Commission on Enhancing National Cybersecurity released its long-awaited report Friday night.
In it, the panel outlines a challenging to-do list that makes clear cybersecurity is a top national priority.
Computer hacking is now commonplace and more dangerous than ever.
To combat this growing threat, the Trump administration is being advised to take several steps.
Train 100,000 cybersecurity specialists by 2020
This is a huge number that some cybersecurity experts think is unrealistic. There’s currently a severe shortage of computer scientists who know how to hack — and to defend from hackers.
As a result, salaries are skyrocketing, making it even harder for the government to hire cybersecurity experts. In fact, lots of the talented hackers at the FBI and NSA are leaving for the private sector. It’s something FBI Director James Comey has voiced concern about.
Security specialists tell CNNMoney they’re worried that rushing to flood the job market would merely result in lower quality, less talented workers — not the elite cybersecurity experts the country needs.
Still, the Trump administration is being advised to create a “national cybersecurity workforce program” that would deliver lots of experts to businesses and government agencies across the country.
Develop international norms for hacking before it’s too late
Cybersecurity experts are particularly keen on this idea. Many have voiced concern that countries are breaking into each others’ computer systems recklessly, putting us at risk of situations that could lead to armed conflict.
“I’m greatly concerned that cyber conflict is the most escalatory kind of warfare we’ve come across,” said Jason Healey, a Columbia University scholar who’s working on a research paper on this topic.
Take a closer look at product liability when devices are hackable
Currently, we’re experiencing what cybersecurity expert Joshua Corman has called a “market failure.”
Lots of internet-connected devices have little or no security. But low-end device manufacturers currently have little incentive to spend the extra money to make products secure. And buyers aren’t paying attention.
That’s why one of the world’s leading computer security experts, Bruce Schneier, recently told Congress: “The market can’t fix this. The buyer and seller don’t care. Government has to get involved… What we need are some good regulations.”
If the government starts considering tech companies legally responsible for building hackable products, they might have more incentive to be more careful, experts say.
The Trump administration is being asked to have the issue examined by the Department of Justice, Department of Homeland Security and regulators at the Federal Trade Commission and Consumer Product Safety Commission.
Other recommendations
The Trump administration is also being advised to issue a “national cybersecurity strategy” in the first six months of his term, and appoint a new “cyber adviser” and “cyber ambassador.”
Most cybersecurity experts say the recommendations are mostly good.
“I think this would be a great start,” said Randy V. Sabett, a Washington lawyer who sat on the last commission that advised President Obama at the start of his presidency.
But some have noted that the panel didn’t point out the importance of encryption — encoding information so that it’s protected from criminals and spies.
Every incoming U.S. president gets series of recommendations from top cybersecurity experts. This time around, the commission included ex-NSA director Keith Alexander, MasterCard CEO Ajay Banga, plus other notable business executives, lawyers and academics.
