Every Business Needs a Cybersecurity Makeover–No Matter the Election Outcome

As Election Day approaches, any business that operates online or collects data from customers should be thinking about cybersecurity and data privacy–and what could change, depending on who is in the White House.

While both candidates clearly understand the importance of cybersecurity to national security, the question of how their views might change your business’s information safety practice is a good one. 

In 2017, President Trump issued an executive order to strengthen the cybersecurity of critical infrastructure and federal networks, and reclassified as a so-called unified command, granting the U.S. Cyber Command greater independence and purchasing power to achieve its military objectives in cyberspace. 

“The elevation of United States Cyber Command demonstrates our increased resolve against cyberspace threats and will help reassure our allies and partners and deter our adversaries,” Trump said in a statement.

Moreover, in the interest of protecting American citizens and businesses, he is restricting Chinese access to the U.S. web to limit the personal information and intellectual property that can be stored on or processed by their systems and clouds. Among the most reported aspects of this initiative, called the Clean Network program, is the threatened ban of the popular TikTok and WeChat from American app stores.

Former vice president Biden has also spoken of strengthening the resiliency of critical infrastructures. Though his approach toward China is less restrictive, he expresses great concerns regarding individual privacy and emphasizes the importance of revoking Section 230 of the Communications Decency Act, which has allowed social media to avoid liability for what their users post on their platforms. Trump’s Justice Department is advocating for reforming the provision, while Trump personally has expressed interest in repealing the measure altogether. 

Moreover, Biden clearly supports Europe’s massive data privacy law, the General Data Protection Regulation (GDPR). “We should be setting standards not unlike [what] the Europeans are doing relative to privacy,” Biden said in a New York Times editorial board interview, published in January. 

By enforcing these standards, companies in the U.S. will have much stricter rules regarding the collection of personal information and how they can use it. This means small businesses will need to modify their platforms in terms of data collection and storage, and to ensure that users have granted them permission to collect their personal data.

Apart from data privacy, there is also the question of the global political effect that each candidate may invite. How would either candidate ensure that the U.S. does not become an easier target of cyberattacks?

Cyber warfare is an important concern for the military because national defense is no longer about using armies, armor, and aircraft to protect our lives and property. In the cyber game, everyone is a target, and that is why every individual or business should be aware of the risk and how to keep their information and tangible assets safe.

To be sure, small businesses always need to be concerned about where and how they store data, regardless of who is president. That means knowing what data you have, how it is used, and who is using it. It also means ensuring the data is strongly encrypted, while at rest and in transfer. Small businesses are particularly vulnerable to threats. 

A recent report from Verizon found that small businesses are the target of almost half of all cyber attacks. These attacks come in many forms: phishing, malware, botnets, and, the most popular hack, ransomware. Indeed, ransomware is now offered as a service by cybercriminals on the dark web, making it easier than ever for anyone to launch attacks.

Cybersecurity is a nonpartisan decision. You need to be aware of what’s going on in cyberspace and ask yourself, honestly, if you are ready to deal with a sudden cyber attack. You should make sure that you have the security measures to detect and block sophisticated malware, that you have sufficient ongoing documentation of actions taken within your networks, and that you have secure backups to support continuity.