As concerns over data privacy, IT and network security continue to grow, a recent survey of information security professionals shows a growing demand for tighter security regulations. Unfortunately, these same professionals don’t think officials responsible for addressing growing vulnerabilities are up to the challenge.
As concerns over porous data privacy practices and increasingly sophisticated security vulnerability continue to grow, it is becoming increasingly clear to security experts that more aggressive laws and regulations are required. Unfortunately, according to a new survey, cybersecurity professionals don’t think their government entities in charge of creating and enforcing these new measures are up to the task.
Key security concerns
In August, one vendor at the annual Black Hat USA 2019 conference in Las Vegas, US, billed as ‘the world’s leading information security event,’ conducted a survey of nearly 400 attendees to find out how they felt about the state of security and privacy regulation. The company, Venafi, specialises in securing machine-to-machine communications for Global 5000 organisations and government agencies.
The survey revealed some important findings on the worsening state of security and privacy heading into 2020:
- 80% of respondents said that more security legislation is needed, especially for social media sites such as Facebook and Instagram that store personal data.
- A slightly higher percentage, 82%, said they don’t think their elected officials understand cybersecurity concerns well enough to develop effective security regulations.
- At the same time, 93% of security professionals do not trust social media companies to protect personally identifiable information.
While the Venafi survey drew from a mostly US-based panel, concern over whether the US government is up to the task of implementing and enforcing regulations has global implications. Most notably, the Donald Trump administration remains embroiled in a back-and-forth PR battle with Chinese telecoms equipment vendor Huawei over concerns about the possibility of putting “backdoors” into equipment that could enable the Chinese government to commit espionage on Western companies.
Huawei and cybersecurity
This concern has resulted in a number of countries, including the US, UK, France, Australia, New Zealand, and Japan issuing complete or partial bans on allowing operators and enterprises to deploy Huawei gear despite a distinct lack of evidence of any such activity by Huawei. However, despite the high-stakes implications for global trade, more often than not, the statements of many US government officials reflect a very tenuous grasp on the actual technical issues and a disproportionately greater focus on politics and the larger geopolitical context.
The solution to this challenge appears clear: Elected officials owe it to their constituents to become better educated on cybersecurity in order to develop meaningful legislation on security and privacy that can actually be enforced. However, considering that the average age of the US Senate currently stands at 63, that may be like asking an old dog to learn new tricks.