Republicanpresidential nominee Donald Trump rolled out a national cybersecurity strategythat would in part direct the U.S. Department of Justice to form a joint taskforce to "crush" cyber crime.
He alsotook aim at Democratic nominee Hillary Clinton over her handling of emails anduse of a private email server while secretary of state, saying she is"totally unfit" with regard to internet security.
"HillaryClinton's only experience in cybersecurity involves her criminal scheme toviolate federal law, engineering a massive cover-up and putting the entirenation in harm's way," Trump said at an Oct. 3 event hosted by the RetiredAmerican Warriors PAC.
TheGOP hopeful said improving cybersecurity would be "an immediate and toppriority for my administration" and that he would conduct a "thoroughreview" of U.S. cyber strengths and weaknesses, with the country'ssensitive information facing "constant attacks" from foreign governmentssuch as China, North Korea and Russia, as well as individuals and organizedcriminals. He gave examples of major security breaches, including the theft of73 million emails from JPMorganChase & Co., 150 million passwords from and 40 million credit cardnumbers from Target Corp.
Despitethose threats, Trump said the Obama administration has "failed" oncybersecurity, including by not having strong enough counterattack capabilities.
"Thisis the warfare of the future," the celebrity businessman said."America's dominance in this arena must be unquestioned and today it'stotally questioned."
Heproposed having the DOJ form a joint nationwide task force with federal, stateand local law enforcement authorities, as well as international authorities, toaddress cyber threats and attacks. He said the task force should be similar toone that the DOJ formed with the FBI and other law enforcement agencies toaddress U.S. mafia activity.
Trumpalso said he would bolster the military's cyber offense and defensecapabilities and ask the secretary of defense and Joint Chiefs of Staff topresent recommendations for "strengthening and augmenting our cybercommand." To deter attacks, he said the U.S. must be able to launch"crippling cyber counterattacks" and be able to"incapacitate" responsible nonstate actors.
Heproposed forming a team of the "best" military, civilian andprivate-sector experts to review cyber systems and technologies. Trump alsopromised better identity protection and security training for governmentemployees and to stay current on new types of technology and threat risks.Those who violate government data classification rules will be "held responsibleto the fullest extent of the law," he said.
Trumplastly vowed to appoint an attorney general who will "reform theDepartment of Justice like it was necessary after Watergate," a direct hitat the response to Clinton's handling and deletion of emails.
Onher campaign website, Clinton's cyber platform includes"promoting cyber security at home and abroad" and holding China accountablefor cyberattacks against the U.S.Clinton said she wouldincrease the security of U.S. government networks, prioritize enforcement of"well-known" cybersecurity standards, such as multi-factorauthentication, and encourage government agencies to consider "innovativetools" to persuade hackers to disclose government cyber vulnerabilities.She also promised to bolster the government's ability to test its own defenses.
Interms of private-sector efforts, Clinton said she will support expandedinvestment in cybersecurity technologies, including public-privatecollaboration on innovation, "responsible information sharing" oncyber threats, and adoption of best practices.
BrianHarrell, director of security and risk management for consulting firmNavigant's energy team, said Trump "rightly recognizes" the internalthreat of employees with insider knowledge who could inflict damage to cybersystems and critical assets. Given Trump's stance on open markets and lessregulation, Harrell said one could assume he would not introduce newcybersecurity standards through executive order. That approach could bewelcomed by the electric power industry, which has faced frequently changingcybersecurity standards from the North American Electric Reliability Corp.,Harrell said.
"The[electric power] industry could likely benefit from some maturation andsteadiness with respect to industry cybersecurity standards," he said.
Harrellwas more critical of Clinton. "She lost all credibility when she had anunsecured email server in [her] basement, potentially exposing the UnitedStates to national security breaches," Harrell said. "Herlackadaisical attitude to sharing sensitive information should cause pause forconcern."
TheObama administration has sought to boost spending on cybersecurity, create afederal chief information security officer, and modernize government IT througha $3.1 billion fund as part of its Cybersecurity National Action Plan, aninitiative Clinton has said she would build upon if elected. The administrationalso recently released a response plan for major cyber incidents that would involvecoordination between government and private entities and rapid threatinformation-sharing among federal agencies.