Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...
By Jimmy H. Koo
Oct. 5 — Sen. Tim Kaine (D-Va.) and Gov. Mike Pence (R-Ind.) butted heads on cybersecurity for national security and immigration enforcement during the 2016 U.S. vice presidential debate.
Given the increasing frequency of cybersecurity attacks, such as the hacking of at least 500 million Yahoo! Inc. accounts (15 PVLR 1881, 9/26/16), cybersecurity will be an important issue that the next administration must address. Although Kaine and Pence's cybersecurity platforms may lack in detail, their cybersecurity-related records in their home states may provide insight into their priorities and policy stances on the issue.
Privacy and security professionals previously told Bloomberg BNA that cybersecurity likely won't be the centerpiece of presidential campaigns, but the topic underlies many of the issues that the candidates will discuss until the Nov. 8 election, including national and economic security (15 PVLR 1476, 7/18/16).
During the first presidential debate, nominees Hillary Clinton (D) and Donald J. Trump (R) similarly framed their cybersecurity platforms around national security threats, discussing the biggest threats to U.S. information technology infrastructure and whether a specific country—Russia, China and Iran—is responsible for state-sponsored hacking attacks (15 PVLR 1941, 10/3/16).
Kaine and Pence paralleled their running mates' focus on the need to battle cybersecurity threats as a national security issue, but focused on the need for private sector cooperation in the effort—something both have been exposed to at the state level.
During the vice presidential nominees' discussion of vetting refugees and immigration enforcement, moderator Elaine Quijano asked how an “intelligence surge” would help tackle terrorist threats. She was referring to Clinton's suggestions for an intelligence surge, following the July terrorist attacks in Nice, France.
According to Kaine, an intelligence surge requires expanding the government's capacities by “striking great partnerships” with cybersecurity and intelligence professionals in the private sector and “creating stronger alliances” to foster intelligence sharing.
Pence offered similar views, noting that consolidation of resources is necessary to fight cybersecurity threats.
“We have got to bring together the best resources of this country to understand that cyber warfare is the new warfare of the asymmetrical enemies that we face in this country,” Pence said.
Without specifically referring to the program, both vice presidential candidates echoed President Barack Obama's cybersecurity information sharing initiative, the Cybersecurity Information Sharing Act (CISA), which was passed as part of a consolidated spending package in 2015 (15 PVLR 376, 2/22/16). CISA provides protections to companies who share a cybersecurity “threat indicator or defensive measure” with the government. Under CISA, private entities that “promptly” share their data with the government are granted immunity from any public or private cause of action (15 PVLR 1273, 6/20/16).
The Indiana governor mentioned Clinton's use of unsecured e-mail servers during her tenure as the secretary of state. “We could put cybersecurity first if we just make sure the next secretary of state doesn't have a private server,” Pence said.
Kaine's call for increased partnerships with the private sector reflects his experiences in Virginia's state government. Kaine has held a variety of positions in Virginia—including governor, mayor and city council representative—and brings years of experience interacting with the state's robust technology and cybersecurity industries.
Kaine has a “long record working on cybersecurity as many key federal agencies that focus on cyber policy are housed in Virginia,” a Kaine campaign representative told Bloomberg BNA.
According to a recent study by the Computing Technology Industry Association (CompTIA), there are 284,681 people in Virginia employed in the tech industry sector, making it the state with the sixth largest tech industry in the U.S.
The CompTIA study defined “technology industry” to include companies that produce technology products and services but not companies that utilize technology products and services. The study also found that 9.5 percent of Virginia's workforce was in the tech industry, putting it in second place to Massachusetts at 9.8 percent in the concentration of tech workers among U.S. states.
To ensure a coherent strategy across federal agencies, a Clinton-Kaine administration would build on the Obama Administration’s Cybersecurity National Action Plan (15 PVLR 317, 2/15/16), “especially the empowerment of a federal Chief Information Security Officer, the modernization of federal IT, and upgrades to government-wide cybersecurity,” the Kaine campaign representative said. The administration also would support efforts to strengthen cybersecurity, “both for government networks and for the private sector,” the campaign representative said.
Pence hails from a state with smaller tech and cybersecurity industry than Virginia—in the CompTIA study, Indiana was ranked as the state with the 23rd largest tech industry in the U.S., employing 82,196 Indianans.
However, as the governor of Indiana, Pence has prioritized capitalizing on the apparent growth in the tech, information technology and cybersecurity industries in the state.
In April, Pence announced the creation of the Indiana State Executive Council on Cybersecurity—a public-private partnership in charge of enhancing the state's ability to address cybersecurity threats and issues. Pence said that the council will “bring together state government, federal agencies and the private sector to enhance cybersecurity statewide.”
Through an executive order pertaining to the Cybersecurity Council, Pence has required all agencies in his administration to “cooperate in cybersecurity planning, response, mitigation and recovery,” Kara Brooks, spokeswoman for the Office of Governor Pence, told Bloomberg BNA.
The creation of the cybersecurity council follows a 2015 public-private partnership called the Indiana Sharing and Analysis Center. According to the state website, the partnership was “the nation's first government academic and private collaborative cybersecurity effort with the goal of statewide information sharing.”
To contact the reporter on this story: Jimmy H. Koo in Washington at firstname.lastname@example.org
Copyright © 2016 The Bureau of National Affairs, Inc. All Rights Reserved.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to email@example.com.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to firstname.lastname@example.org.
Put me on standing order
Notify me when new releases are available (no standing order will be created)