How Rudy Giuliani will advise Trump on cybersecurity
Rudy Giuliani, who will be cybersecurity adviser to the incoming president, says Americans are going to hear a lot more from Donald Trump on digital threats against the country.
鈥淗e鈥檚 going to elevate this to a very large priority for the government 鈥 and I think by doing this, he鈥檚 trying to elevate this as a priority for the private sector,鈥 says Mr. Giuliani, the former New York City mayor, in an interview just after the Trump team announced his new role.
Giuliani says Trump听will use his 鈥渂ully pulpit鈥 as president, launching听a broad public campaign to 鈥渆ducate people on how important [cybersecurity] is, even to the point of their own personal protection.鈥
Trump has pledged to improve the country鈥檚 digital defenses, but his to questions on the campaign trail about how he鈥檇 respond to cybersecurity challenges and Russian hacking were widely panned by cybersecurity experts. As the president-elect is听 averse to using personal email or computers, he鈥檒l likely need advice on this highly technical field.
So Giuliani, who now serves as chairman of the global cybersecurity practice at Greenberg Traurig law firm and as chief executive officer of international security consulting firm Giuliani Partners, says he鈥檚 working to create an outside council of business and technical leaders to provide unfiltered information to Trump and his team about threats to American industry.
The group will comprise experts working on cutting-edge cybersecurity solutions, and business leaders across industries that have been regular targets of hackers, such as the energy, financial, and transportation sectors, Giuliani says.
鈥淭he private sector is spending a lot of time and money trying to protect itself against these intrusions. If everybody who is working on this would get together, sit in one room and share information with each other, I don鈥檛 know if we鈥檇 solve this problem, but we鈥檇 get really close to solving it,鈥 he says.
Giuliani says he鈥檚 already inundated with responses from the private sector since the announcement from the Trump transition team on Thursday and is looking forward to a 鈥渨eek off鈥 during inauguration to sort through them.
However, with just days before Trump takes office, tensions between the cybersecurity community and the incoming administration remain. Trump has repeatedly denounced US intelligence officials鈥 findings that Russia orchestrated cyberattacks against political organizations to influence the election, until conceding this week he accepts the intelligence conclusions during his first major press conference as the president-elect.
Some conflicts between the security community and the government predate Trump, too. The tech community went head-to-head with the Obama administration over end-to-end encryption, arguing that strong security protections are needed to protect users鈥 personal data from hackers, as law enforcement complained encryption made it much harder to investigate terrorists and criminals.
The standoff, left unresolved during the Obama administration, is likely to continue in the Trump years. During the campaign, Trump took a strong antiencryption stance, going so far as to of Apple when it pledged to fight a court's ruling to help the FBI unlock the iPhone used by the shooter in the San Bernardino terror attack, a move that worried many security and privacy experts.
Giuliani does not believe Trump鈥檚 statements on encryption or the intelligence community will prove to be obstacles in gaining the cooperation of the private sector, and promised to hear from all stakeholders鈥 points of view.
鈥淚f we were to do encryption, we would try to bring in all the stockholders 鈥 the [tech] companies, and I think you鈥檇 have to bring in some of the law enforcement people, have them talk it out and see if there isn鈥檛 a solution that can be reached,鈥 he says. 鈥淓ncryption is a method of providing privacy. It can also be a method that can be used in order to commit crimes the government is unable to uncover. You鈥檝e got two very conflicting things going on and I honestly don鈥檛 know the solution nor am I going to give them [the administration] a solution 鈥 that鈥檚 not my job. What I鈥檓 going to do is make available to them all the points of view so they can come to the right decision.鈥
鈥淚鈥檒l try to be as unbiased as possible,鈥 he adds.
Drawing upon a rotating array of experts providing raw information, rather than specific recommendations, appears to be a different tactic than the most recent effort by President Obama to gather input from the private sector. Obama鈥檚 Commission on Enhancing National Cybersecurity was made up of a dozen business, tech and academic leaders who outlined specific priorities for the next decade.
, released last month, recommended that the incoming administration begin to implement new measures, including to establish lasting public-private partnerships, develop international norms for cybersecurity and a new Cybersecurity Ambassador position, and initiate a national program to train 100,000 cybersecurity specialists by 2020.
However, Passcode鈥檚 own pool of 160 digital security and privacy experts, in a post-election survey, have already voiced skepticism that cybersecurity will improve in a Trump administration, especially in light of his past comments on encryption, Russian hacking, and the president-elect's admitted听personal lack of tech know-how.
What鈥檚 more, security experts on Thursday, the day the Trump transition team announced Giuliani鈥檚 new role, found the website of his security company 鈥 听giulianisecurity.com 鈥 鈥渨oefully lacking鈥 in digital protection.
鈥淵ou don't need to bring the world's greatest computer minds together in the same room to know that it's a good idea to keep your web server software properly patched,鈥 . 鈥淣one of us should feel too smug, of course鈥. But these are the kind of issues that any self-respecting IT guy would have found in a short period of time, and certainly should have been addressed before someone is named as leading the United States's fight against hackers.鈥
That said, some experts now say Giuliani, a public figure known for his bold and often controversial comments, could serve as an effective advocate for cybersecurity in his new role 鈥 if the new administration can approach the issues with an eye to their complexities and subtleties. 听
鈥淕iuliani has a reputation for being able to cut through bureaucracy, which is good,鈥 says Herb Lin, a senior research scholar for cyber policy and security at Stanford University, who was also on the commission tasked by Obama to improve cybersecurity.听鈥淎nd on the other hand, he has often has a tendency to shoot from the hip. He鈥檚 not particularly sensitive to nuance. Overlooking nuance is a problem that many cybersecurity experts have frowned on in the past.鈥
What鈥檚 more, experts say, Giuliani鈥檚 business ties have granted him an in with the tech and cyber communities, which could have him poised to recruit some of the industries鈥 top talents. For his part, Giuliani has built connections to the cybersecurity field for , with his firm partnering with accounting giant Ernst & Young听in an effort to raise awareness of corporate cyberthreats in 2003. At Greenberg Traurig, he chairs the cyber law practice.
鈥淗e鈥檚 got a very strong brand out there,鈥 says J.J. Thompson, founder of the cybersecurity firm Rook Security, which worked with the Republican National Committee. 鈥淓specially when it comes to dealing with the largest security challenges the country has had to face. He鈥檒l be in a strong position to bring leaders to the table.鈥
And while Trump鈥檚 initial comments have raised concerns for some experts, others say there are reasons to be hopeful about the state of cybersecurity under his leadership. He鈥檚 called for amping up US cybersecurity efforts, and for rather than relying on digital means for all communication, a suggestion that a number of experts in the field applaud.
A new president means new opportunities, Mr. Thompson says. 鈥淭he [cybersecurity] community听is in a position where they can help directly improve the country鈥檚 cybersecurity posture,鈥 he says. 鈥淎nybody who鈥檚 not willing to contribute to that isn鈥檛 answering the call for duty.鈥
