The Trump administration ought to emphasize regulations on cyber issues, funding opportunities, and collaborations with international partners, according to a Biden official.

Anne Neuberger spoke about the new administration's aims on the same day that the outgoing and incoming presidents met to discuss the transition.

On the same day that outgoing President Joe Biden met with President-elect Donald Trump to discuss their transition, a top White House cyber officer issued suggestions for the incoming administration's early cyber goals.

In its first 100 days, the Trump administration should develop a framework for minimum cybersecurity standards for critical infrastructure companies, establish cybersecurity grants for those in need, and strengthen international partnerships, according to Anne Neuberger, Biden's deputy national security adviser for cyber and emerging technology.

Neuberger made those suggestions at an event hosted by the Columbia University School of International and Public Affairs on Wednesday, citing the bipartisan tradition of cybersecurity, having received "the baton" from previous administrations and passing it on in a world dominated by Chinese threats, ransomware, and artificial intelligence.

"As we think about what the administration has done in each of those areas, we've learned a lot about what's worked, what hasn't worked," she stated, adding the objective is to impart "what we learned on both sides."

There is some hint of bipartisan continuity on the issue of basic cybersecurity requirements, which is the only cyber-related topic in the Republican platform for 2024.

"We must have minimum regulations across critical infrastructure, because if our pipelines and our ports leave their digital doors and windows open, then it's too easy," he stated.

One lesson learned, according to Neuberger, is that following the 2021 Colonial Pipeline incident, the administration should not have used its emergency authority to implement pipeline cybersecurity measures without consulting the sector. "Lesson No. 1: That wasn't a good idea," she stated. She said that subsequent restrictions have brought industry to the forefront.

She also emphasized the importance of measuring compliance with these standards. According to Neuberger, 53% of the essential pipelines passed the first inspections required by the pipeline rules in October of last year, compared to 100% at the end of October. She also stated that rail and aviation standards, which were implemented after the pipeline rules, increased from 21% to 68% for rail and from 0% to 57% for aviation within the same time period.

However, how to proceed with future cyber laws is unclear as a result of a Supreme Court decision this year that undermined the so-called Chevron doctrine, which governs the leeway that agencies have to regulate.

"Certainly Chevron represents a challenge to cybersecurity regulations," Neuberger told reporters. "We believe that the regulations we've done are very true both to the letter of the law and the spirit, in that as new technologies were adopted in those sectors, the safety regulations evolve."

Neuberger also suggested that the next administration prioritize grant programs to assist smaller government agencies in detecting threats, a recommendation that may be difficult to implement given Trump's reported nomination to oversee the Homeland Security Department. And it should build on collaborations like the Counter Ransomware Initiative to put pressure on Russia's ransomware gangs, as well as engage in more exchanges with countries like China to impose pressure on illicit cyber activities, she said.

Source: Cyberscoop