Politicians Don’t Understand Cybersecurity, Say 82% of IT Security Professionals

Legislators need to impose stricter cybersecurity laws as cyber-attacks continue to increase. However, the vast majority of cybersecurity professionals attending this year’s Black Hat conference in Las Vegas agreed that elected officials aren’t capable of crafting effective security regulation.

While 80 percent of security professionals agree that more security and privacy legislation is needed, especially for social media organisations that store personal data, they don’t believe elected officials understand cyber risks well enough to develop and enact effective security regulation, according to a survey conducted by Venafi at Black Hat USA 2019.

Specifically, 93 percent of IT security professionals do not trust social media organizations to protect their personally identifiable information, 82 percent do not trust the government to protect their personally identifiable information, and 80 percent say government officials don’t understand the cyber risks to digital infrastructures, whether state-run or in the private sector.

“There’s a global wave of legislators, regulators and law enforcement officials proposing controversial surveillance laws such as government mandated encryption backdoors,” said Kevin Bocek, vice president of security strategy and threat intelligence at Venafi. “However, security professionals lack confidence in politicians’ abilities to improve cybersecurity given the unabated flood of government breaches in the U.S. and around the world.”

Bocek maintains that, while new legislation is indeed necessary, elected officials need to learn more about cybersecurity.

“The results of our survey send a clear message that governments must improve their cybersecurity fluency in order to make a meaningful impact and help our frontline defenders protect the global economy, freedoms and privacy,” he said.

A recent IBM study in the wake of increasing ransomware attacks against cities reveals a divide between taxpayers’ expectations and public officials’ resources, creating a challenge for local and state governments combating the threat of ransomware. Taxpayers see ransomware as a threat to their personal data and their city's data, and 60% of U.S. citizens surveyed are against their local governments using tax dollars to pay ransoms.