Trump National Security Roster Slim On Cybersecurity

This past election season featured hacks, leaks, and cyberattacks. NPR's Scott Simon talks with Susan Hennessey, a Brookings Institution fellow of National Security Law, about what cybersecurity policy could look like under a Trump presidency.

SCOTT SIMON, HOST:

Hack's, email leaks and cyberattacks all clouded this past election season. Concerns about this country's virtual vulnerability are high. What will cybersecurity look like under a Trump presidency? Susan Hennessy, a Brookings Institution fellow of national security law and managing editor of the Lawfare blog, joins us in our studios. Thanks so much for being with us.

SUSAN HENNESSY: Thanks for having me.

SIMON: Department of Homeland Security and the director of National Intelligence put out a statement a couple of months ago saying they were confident the Russian government interfered in the U.S. election. Should we talk about that anymore? Or now that the election's over, do we just say, well, that's, you know - no evidence of that. Let's go on.

HENNESSY: So I think it's incorrect that there's no evidence of that. It appears that there is a quite substantial amount of evidence, and so I don't think that we should move on. I think that we should have a candid and honest conversation about what occurred, why it occurred and what the potential implications are for the United States.

SIMON: As you look at the incoming Trump administration, what will you be looking for as to its platform and its efforts on cybersecurity?

HENNESSY: Well, so certainly President-elect Trump has issued a few statements on cybersecurity, including a campaign platform. Those are pretty thin on details. And some of his statements - it's been difficult to understand whether or not he - how literally to take those particular recommendations. Of his national security hires that have been announced at this point, none are known for having particularly strong cybersecurity backgrounds. So as we see more and more people coming into the administration, we might be able to start getting a sense of what exactly this administration's cybersecurity policy might look like.

SIMON: Surely when you become the administration, you have a vested interest in national cybersecurity that maybe you lacked before, don't you?

HENNESSY: Absolutely. I think while many of his statements during the campaign did not necessarily evince well-developed policy thoughts - he's going to have to come up with more specific ideas. One thing that Donald Trump might run up against is the existence of current laws. So, for example, he's indicated a number of times that he intends to transfer a lot of the cybersecurity mission to the Department of Defense to come up with a plan for defending critical infrastructure. And there are potentially rather serious consequences to sort of the militarization of civilian cyber defense. I think that they might find themselves coming up against an existing framework that doesn't necessarily square with the broad instinct towards wanting to turn towards the military to solve this problem.

SIMON: I thought the Obama administration was pretty clear in saying, after they asserted that Russian attempts to meddle in the elections had been ongoing, that the United States was going to reply in kind. Can we assume those efforts are going on now?

HENNESSY: It's not clear what efforts the current administration will undertake to respond to Russian interference. One of the - sort of the most vexing issues has been this question of cyber deterrence. Because of the particular features of cyberspace, that challenges a lot of our traditional deterrence models which really were based on sort of a nuclear model of threatening very strong retaliatory action in order to deter unwanted conduct.

Because cybersecurity challenges that, we've seen the Obama administration attempt to be rather creative in how they might respond. They've talked about being willing to respond either in cyberspace or in other domains, but those responses might be secret - and also that some would be visible. So we've seen seen Obama - the Obama administration used sanctions, indictments, sort of this name-and-shame response to try and hold other nations responsible. Because they have in the past relied on these secret - that they will respond at the time and place of their choosing, and it might not be known, it makes it incredibly difficult to know whether there has been a response, what that response looks like and whether or not it's been effective?

SIMON: Susan Hennessy of the Brookings Institution and the Lawfare blog, thanks very much for being with us.

HENNESSY: Thanks for having me.

Copyright © 2016 NPR. All rights reserved. Visit our website terms of use and permissions pages at www.npr.org for further information.

NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.