The COVID-19 pandemic shone a light on the future of cybersecurity and related issues that need to be addressed through legislation.
When the COVID-19 pandemic hit, many businesses were not equipped or ready to work remotely. Similarly, government agencies were overwhelmed by the significant amount of citizens in need of federal and state support after losing their jobs or falling ill.The strain on these systems has highlighted some serious issues that may need to be addressed by government policy. One of those issues was the future of cybersecurity.During the pandemic, the government is taking the time to look over these issues and find ways to update and strengthen its current policies. The 2021 National Defense Authorization Act (NDAA) has started the conversation to address these needs, but there’s still work that needs to be done in the coming years.
When the COVID-19 pandemic first hit the United States, many government systems that are used to provide support were overwhelmed. This left those most vulnerable without access to what they need and the government without the means or funds to instantly repair it.“We [have] provided a billion dollars of immediate relief to state and local IT budgets that have been stretched to the breaking point,” said Representative Jim Langevin of Rhode Island.The vast amount of people who were working from home overwhelmed many systems, forcing some people to make undesirable decisions.“Because of COVID, we had a surge that had to happen, teleworking from home and [the] unprecedented demand for state services,” Langevin said. “States quickly became overwhelmed. People lined up for blocks just to file a claim for unemployment insurance. The States have not been able to handle this overwhelming new demand for services. Modernizing IT would certainly help us to do that.”
As we look toward the future of cybersecurity, many people are worried that their personal data is vulnerable when the government gets involved in cyber issues. However, the government's priority is safety-efficient systems, not data collection.“I really want to ensure folks right from the get-go that we have no intention whatsoever of tying data collection to regulatory actions,” said Langevin. “It's about helping us to understand cyber risk posture. What's working, what's not, and where we should invest our next cybersecurity dollar. But it's got to be a collaborative effort and information data helps us to get there.”