Active Defense & Deception , Critical Infrastructure Security , Cyberwarfare / Nation-State Attacks

What a Joe Biden Presidency Means for Cybersecurity

Analysis: Expect a Renewal of Some Obama-Era Approaches and Coordination Levels
What a Joe Biden Presidency Means for Cybersecurity
President-elect Joe Biden (Photo: Michael Stokes via Wikimedia/CC)

President-elect Joe Biden's approach to cybersecurity appears likely to mirror that of his old boss, former President Barack Obama. Expect Biden's White House to increase pressure on Russia, practice greater involvement in cybersecurity and foster high levels of coordination around all things cyber.

See Also: 2024 Threat Hunting Report: Insights to Outsmart Modern Adversaries

The integrity of voting was of primary concern in the weeks leading up to the election, but cybersecurity was hardly mentioned on the campaign trail. Instead, the COVID-19 pandemic, a devastated economy and tense race relations took center stage.

The new administration has already signaled what some of its top priorities will be - including healthcare, the economy, racial equality and the climate crisis.

Biden's administration will also have to handle looming cybersecurity challenges and manage aggressive adversaries. The Democratic Party's 2020 platform, approved in August, calls for the Biden administration to "maintain American capabilities that can deter cyber threats," as well as to work with other countries and the private sector "to protect individuals’ data and defend critical infrastructure, including the global financial system."

Biden has prior experience with confronting Russia diplomatically over its online attack activity. Also expect his Justice Department to continue to exert pressure on China to deter its cyberespionage activities.

Cybersecurity Policy Coordination

Another likely move for the new Biden administration will be to restore some of the organizational cybersecurity structures that Trump's administration excised, says James Lewis, senior vice president and director of the Strategic Technologies Program at the Center for Strategic and International Studies.

Lewis says that could include giving the White House a bigger role in coordinating cybersecurity policy and reining in agencies such as U.S. Cyber Command, which he says has encroached on the U.S. Department of Homeland Security's turf.

The administration could also reverse some cybersecurity moves made by the Trump administration. In May 2018, the White House eliminated the top cybersecurity coordinator role, which was held by Rob Joyce, who has since returned to the National Security Agency to serve as senior adviser for cybersecurity strategy to the agency's director.

The elimination of Joyce's role in 2018 puzzled many experts, given the importance of cybersecurity and the challenge it continues to pose. The move came just 16 months after the FBI, CIA, NSA and Director of National Intelligence concluded Russian President Vladimir Putin personally ordered an extensive cyber interference campaign before the 2016 election (see: White House Axes Top Cybersecurity Job).

Cyber Operations

The importance of cybersecurity has continued to escalate since Biden last served in a government role - as Obama's vice president from 2008 to 2016 - and so have U.S. capabilities.

So far, it's unclear what Biden's approach to offensive cyber operations might be. In August 2018, Trump signed a controversial executive order that revoked a set of Obama-era guidelines for offensive cyber operations. By doing so, Trump intended to make it easier for U.S agencies to launch online attacks or disruptions targeting other countries (see: Trump Pulls Gloves Off on Offensive Cyber Actions). Reportedly, Gen. Paul Nakasone, who leads both U.S. Cyber Command and the NSA, has dramatically increased the pace of attacks as part of a strategy of “persistent engagement,” “defending forward” and “hunting forward,” Wired recently reported.

While national security experts say the U.S. needs offensive cyber tools, some questioned whether relaxing the rules of engagement might lead to an escalation in conflicts with Russia. But another point of view was that a failure to fully engage adversaries in that arena had already led to an escalation - at the expense of the U.S.

Hard Line on Russia

Biden has indicated he will keep pressure on Russia, particularly regarding any attempt to interfere in U.S. political processes, including, of course, elections.

On July 20, Biden said that, if elected, he would "make full use of my executive authority to impose substantial and lasting costs on state perpetrators."

Biden added: "If elected president, I will treat foreign interference in our election as an adversarial act that significantly affects the relationship between the United States and the interfering nation's government."

The Biden team had also signaled its awareness of the increasing importance of cybersecurity - not least for securing modern U.S. election campaigns - via multiple hires. After the departure of the campaign's CTO, Dan Woods, for example, the campaign split his role in two. Michigan state CISO Chris DeRusha was hired in July to serve in a new CISO role, including protecting the integrity of the campaign's networks and data. DeRusha previously managed automotive giant Ford's enterprise vulnerability management and application security programs, and he served as Obama's White House senior cybersecurity adviser from 2015 to 2017.

Also in July, the campaign hired as CTO Jackie Chang, a senior technologist at Schmidt Futures - a philanthropic firm run by former Google executive Eric Schmidt. She'd previously worked as a software engineer for Hillary Clinton’s 2016 campaign and on the Democratic National Committee software team during the 2018 midterm election.

Confronting Moscow

Biden is also no stranger to confronting Russia on cyber issues. When it became clear Russia was mounting an interference campaign prior to the 2016 presidential election, Biden - then vice president - vowed the U.S. would use its cyber capabilities to send Russian President Vladimir Putin a "message."

"He'll know it," Biden told NBC's "Meet the Press" in October 2016. "And it will be at the time of our choosing. And under the circumstances that have the greatest impact."

Trump refused to consistently acknowledge Russia's efforts to influence the 2016 election. A subsequent special counsel investigation led by Robert Mueller resulted in indictments against Russian nationals for participating in interference but produced no evidence showing that Trump or his team directly assisted Russia with its alleged crimes (see: Mueller's Investigation Finds No Trump-Russia Conspiracy).

Tackling China

How might Biden craft his China policy?

"I don't see changes in the approach to China," CSIS's Lewis says. "Less ad hoc, but the same general direction."

On the cyber front, the U.S. government seems to have had a steady hand in recent years with its approach to China. During the Trump administration, the Department of Justice continued to take cyberespionage and data theft cases to grand juries, often resulting in indictments against members of China's military (see: 4 in Chinese Army Charged With Breaching Equifax).

The chance of a member of the Chinese military ever appearing in a U.S. courtroom remains slim. But officials say the indictments send a message to China and Russia - in short: "back off" - while also demonstrating the digital forensic prowess of the U.S. intelligence apparatus (see: Analysis: The Significance of Russian Hackers' Indictment).

Praise for CISA

One widely lauded cybersecurity move during Trump's term was the creation of the Cybersecurity and Infrastructure Security Agency, which is part of the Department of Homeland Security.

In November 2018, Trump signed a law creating CISA, which is tasked with securing government computer networks and critical infrastructure and serving as an early warning system for the private sector over emerging threats such as ransomware and nation-state attacks.

CISA is led by Christopher Krebs, who has proved he has a steady hand on the tiller as election-related cyberactivity from Iran and Russia rose in the weeks leading up to Election Day. Krebs sought to get in front of misinformation about the election results, assuring the public that the integrity of voting had not been compromised (see: Election Security: A Progress Report From CISA's Krebs).

Krebs is a political appointee, which means he could be replaced by the incoming Biden administration. But as Robert M. Lee, CEO of industrial IoT security company Dragos, points out in a Sunday tweet, Krebs' nonpartisan approach to CISA would make him a good person to retain.

Because this much is already clear for the incoming Biden administration: The job of cybersecurity isn't going to get any easier.

Executive Editor Mathew Schwartz contributed to this story.


About the Author

Jeremy Kirk

Jeremy Kirk

Executive Editor, Security and Technology, ISMG

Kirk was executive editor for security and technology for Information Security Media Group. Reporting from Sydney, Australia, he created "The Ransomware Files" podcast, which tells the harrowing stories of IT pros who have fought back against ransomware.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.