As weak data privacy practices and security vulnerability remains a concern, security experts are beginning to see the need for more aggressive laws and regulations. However, a new survey indicates that cybersecurity professionals do not believe that the government entities who are in charge of creating and enforcing these new measures are capable of doing so.
Key security concerns
In August 2019, a vendor at the annual Black Hat USA conference conducted a survey of almost 400 attendees to find out how they felt about current security and privacy regulations. The company, Venafi, specialises in securing machine-to-machine communications for Global 5000 organisations and government agencies.
Findings from the survey revealed plenty on the worsening state of security and privacy as we make our way int 2020. 80 per cent of respondents said that more security legislation is required, particularly for social media platforms such as Facebook. 82 per cent do not believe their elected officials understand cybersecurity concerns enough to plan and develop effective security regulations. Finally, 93 per cent of security professionals do not trust social media companies to protect personally identifiable information.
Despite the fact that the survey came from a mostly US-based panel, there are global implications surrounding the question of whether the Us government can implement and enforce regulations. The Donald Trump administration is a particular example. They are currently in an ongoing PR battle with Huawei over the concerns about how the Chinese government could commit espionage on Western companies by putting “backdoors” into equipment.
Huawei and cybersecurity
As a result of these concerns, countries including the UK, France and Australia are issuing either complete or partial bans on allowing operators and enterprises to use Huawei gear. This is despite the lack of evidence of any such activity by Huawei. However, despite the high-stakes implications for global trade, many of the statements by government officials demonstrate the lack of understanding of the technical issues and focus more on politics and the larger geopolitical context.
If elected officials were to better educate themselves on cybersecurity, they could develop meaningful legislation that can be enforced. However, this may be a difficult achievement to reach, given that the average age of the US Senate currently stands at 63.
Join us for ESRM 2019
Join us for our Enterprise Security & Risk Management on 27th November. Listen as we discuss how we live in a world which is continuously changing at a rate not previously seen under any historical period. Managing risk, preparing for disaster, imagining previously unseen contexts and measuring your risk appetite are all a part of an enterprise’s duty as a global actor.
The key to remember is that action conquers fear, the fear of failure, the fear of the unknown in security and risk. Safety, security, risk and seizing opportunities are everyone’s responsibility.