As President-elect Donald Trump moves through the next two months building a new administration, his approach towards the nation’s cybersecurity remains something of a mystery. His past statements on the subject during the campaign were vague. But two separate events on opposite coasts last week offered plenty of speculation about what Trump might do and included advice for the next President, especially since Trump could be influenced by a high-level commission report that will be issued soon.

Experts want government to improve security and share information

Early last week, the Coalition for Cybersecurity Policy & Law hosted a session in San Francisco that brought together government officials, academics, and security professionals to exchange ideas. The gathering included Raj Shah, a managing director for DIUx (the Pentagon’s Silicon Valley outreach program), who challenged the new government to make the nation’s cybersecurity defense a top priority. “The next administration needs to up its technology game,” said Shah.

A number of speakers in San Francisco expressed concern that past government actions on cybersecurity may continue to be met with skepticism by major tech companies.

This is because there is a growing belief that the U.S. has been failing to disclose or “hoarding” known device vulnerabilities in the interest of secretly monitoring terrorist threats. “The trust gap is only going to get significantly worse under a Trump administration,” said Kevin Bankston of the Open Technology Institute.

Last Friday, at a Washington DC gathering organized by The Chertoff Group, participants also assessed how the new administration may prioritize digital security in the months ahead. Michael Chertoff (the Group’s co-founder and former head of Homeland Security), recalled how he ran an exercise in crisis handling for the new Obama administration in 2009 and hoped that the same process will be followed this time.

“Every transition involves tension,” said Chertoff. “We worked very hard to educate them.”

Presidential commission to issue report

The new Trump administration will be greeted by a major report on cybersecurity that is due to be delivered to President Obama on December 1st. The Commission on Enhancing National Cybersecurity will make short and long-term recommendations on strengthening digital security for both the public and private sectors.

The commission’s executive director – Kiersten Todt – appeared at the Chertoff conference and, while reluctant to divulge what the recommendations will include, she did indicate that the report will contain “big ideas” for consideration by a Trump-led government.

“We hope to create actual solutions for the next administration that can be acted upon quickly,” said Todt.

However, the complicated process of adding 4,000 new public sector employees which occurs during a government turnover could also create problems. Darran Rolls, the CIO for SailPoint, pointed out during the DC event that the influx of a large number of new people could open critical government systems to data breaches if not done correctly. “It’s important to on-board these new government employees properly or else there will be more attack points,” Rolls pointed out.

Several attendees at both events expressed guarded optimism that Trump’s selection of Michael Flynn as his national security adviser could elevate awareness in the Oval Office over cybersecurity threats.

Flynn has been running a private consulting business called the Intel Group that specialized in preventing cyberattacks on his clients.

Last week’s presentations underscored the reality that regardless of what actions the new administration may take, cyberattacks will remain a real and constant threat. Trump will enter office with plenty of recommendations on how to handle the nation’s vulnerabilities and it will remain to be seen how much of that advice he chooses to heed.