How can the US prepare for these 2020 predictions?
Predicting everything that will happen in 2020 is an impossible task, however, the foundation has been laid for two security events to occur. First, all signs point towards the enactment of a federal data privacy law. The fact that the California Consumer Privacy Act (CCPA) is slated to be enacted on January 1, 2020; shows that the US is starting to take a more steadfast approach to consumer privacy. However, if every state were to enact their own laws, then organizations that operate within the US would have to navigate through 50 different mandates. One unified, federal regulation would make it far more seamless for businesses to continue operations, all while remaining compliant.
Second, it is likely that we will see foreign meddling occur in the 2020 US presidential election. This occurred in 2016, and there have already been reports of foreign entities attempting to interfere with US government agencies. In fact, the state of Ohio recently thwarted an attack from a Russian-backed organization on its voting systems. Let’s dive more into these predictions below.
In 2020, we will see a US federal data privacy law be drafted and considered.
This is needed to avoid a patchwork of differing data privacy laws from each state, to facilitate more nationwide business, and to enable international commerce -- facing numerous regulations can be a barrier that keeps foreign businesses from entering a market. Complying with data privacy laws can be a top challenge, particularly for small and medium-sized businesses that lack the same resources as larger companies that are better equipped to navigate all of the regulations with which they are faced. Some of the largest tech firms in the US as well as a group of 51 CEOs have already asked US lawmakers for a federal privacy law.
Foreign meddling will occur in the 2020 presidential election.
The Mueller Report found that Russians have and will continue to interfere in US elections (which is backed by the Senate Intelligence Committee’s findings), while Twitter has already shut down thousands of Iranian-backed disinformation accounts. It has also been proven that voting machines contain security flaws from decades ago, but that we’ve run out of time to find and correct the bugs in these machines before the 2020 election. Due to foreign interference, the hacking of voter registration databases, and the exploitation of flaws in voting machines, there will be even more controversy and concern over the integrity of the 2020 election than there was in 2016. However, this widespread concern should serve as a catalyst for change moving forward – even if it’s too late to make these changes for 2020. There is simply too much at stake to neglect these issues indefinitely.
What should businesses be doing to prepare?
Regardless of whether the idea of a federally regulated data privacy law is introduced this year, compliance is only a small fraction of the battle against threat actors. The truth is that compliance does not guarantee security, and organizations must have proactive and flexible controls in place that adapt to the latest threat tactics, techniques, and procedures (TTPs). Also, voters, legislators, and tech providers will need to align on a strategy to ensure greater cybersecurity throughout the election process, which will also augment the integrity of the US’s democratic system.
Anurag Kahol is CTO and co-founder, Bitglass. Before joining the company, he was director of engineering in Juniper Networks’ Security Business Unit. He received a global education, earning an M.S. in computer science from Colorado State University and a B.S. in computer science from the Motilal Nehru National Institute of Technology.