Chinese Versus American National Cyber Security - Research Proposal Example

? Chinese versus American National Cyber Security College: Cybercrime is a reality that has hit the information networks in a world driven by computer and internet technology. With the rapid development of technology in the world, countries are experiencing more economic losses from cyber-attack. In a data-centric world, it has become a necessary competence to develop secure network systems to guaranteed information fidelity. Countries are engaging national Cyber Security policies to ensure information security as data traverses the information networks. The purpose of this study is to compare the effectiveness of the national cyber security policies that have been applied in China and America and to provide viable solutions to the weaknesses in these policies. By drawing from a wide range of theoretical and statistical resources, it will be possible to compare the performance of the cyber security policies in these countries. A critical analysis of the materials will provide an adequate ground to provide workable solutions to that will help the government to improve cyber security policies in their countries. Chinese versus American National Cyber Security Introduction Cyber security is a term that emerged immediately after the development of a data-centric world that is driven by the internet and online presence. As the global trends demand more engagement of the internet and all business operations become driven by this technology, the need for data security has risen due to the existence of hacking and identity theft as the man at the middle gains access to sensitive information during its transmission. Even today, many organizations and citizens continue to be victims of victims of cybercrime sending an alarm to the government to implement online security to assure safety of sensitive business transactions. China and America are among the countries that have focused on the cyber security to guarantee safety of information in online business. The purpose of this paper is to make a comparison between the America cyber security policies with those that have been deployed in China. To draw this comparison, the policies applied in each country will be analyzed and their impact on data security will be evaluated. A secondary research will be conducted from a wide range of materials including government reports and validated research works to gather authentic information. The information so obtained will be related to the subject topic to form a basis of the conclusions. From the research, it will be possible to provide recommendations for alternative mechanisms that can be used to beef up cyber security and guarantee safety of information sent over the networks. This will provide a substantial platform for the improvement of data security policies not only in China and America, but also across other nations that have been hit with the blow of cybercrime in the business environment. Background of Cybercrime and Cyber-Security Cybercrime refers to the use of software, fish-mails or peculiar malware to obtain user information illegally during a data transmission process. With the current increase in online monetary transactions, the cyber criminals have vested more efforts to obtain information from citizens and business organization. For instance, when an online banker feeds their credentials into the online accounts, it is possible for hackers to obtain this information and use it to make illegal transactions. According to United States Department of Crime and Justice, (2013) about 5 million Americans are hacked every year and their identity information is used and at least $50 million dollars is lost to cyber-criminals. In China, Anderson reports that in China, over 700,000 web users fall victim of cybercrime every without their knowledge and over $874 million is lost to fraudsters. Despite the imperative efforts that have been engaged to tackle the problem, cybercrime continues to be a big problem in many countries. The 2013 cybercrime report presented by Sophos new cyber threats have brought new trends in online business. This report indicates that Blackhole is a new malware that has heightened the problem of cybercrime. Surprisingly, US host over 30% of the Blackhole sites while China hosts over 5% of these sites (Sophos, 2013). These trends indicate that there is a need for stricter policies to curb cybercrime in the business market. China has responded to cybercrime by implementing strict legal policies to counter the trend in cybercrime. The government has put effort to garner intelligence from industries, the military and the public to ensure that internet safety is guaranteed. This is a war that began back in 1996 when the government the National Network and Information Security (NNISCSG) was established to take care of cybercrime. This body responded by developing national civilian cyber security strategy and national policies to develop a secure network that would dissolve all online crimes. The same war has been launched in America and policy making initiatives such as the Comprehensive National Cyber Security Initiative (CNSI) have been formulated to mitigate cybercrime. A wide range of strategies has been applied in the global arena to develop systems that can secure business and governmental operations from the risk of cybercrime. While some governments opt to take cyber-security as any other form of security threat, other nations have opted to take measures at the industrial level. While approaching cyber-security from the government level, the government sets networks on its governance framework to identify the security threats and to engage their intelligent units to combat the crime. On the other hand, combating cybercrime at the industrial level requires that business organization engage internal policies and establish secured internet networks to protect their business systems (Wilshusen, 2010). More reasonable countries have opted to develop an integrative mechanism to ensure that security is maintained at both the national level and the industrial level. According to Wilshusen (2010), the only way to measure the effectiveness of cyber security is by evaluating the effectiveness of the program. An effective cyber-security program should be modest and dynamic to ensure that it can sustain security both in the short term and the long term. In this view, we can measure the effectiveness of cyber-security programs by evaluating the effectiveness of the policies in bringing down the level of cybercrime within a nation. For the purpose of this research, the effectiveness of the cyber-security policies in China and America will be measured as per the changes that these policies have brought in these countries. Case Study The Chinese Cyber Security Policies In China, 2011 was an alarming year when the country received the highest level of cybercrime more than ever before. According to a report by IGCC (2013), approximately 8.531 million computers were attacked by rogue programs sending an alarm for the online business organization. As compared to the 2010 cybercrime statistics in China, the 2011 figure had hiked by 48% and the trends promised a great danger in the future of the country’s economy. In addition, over 1500 people had their personal information used in illegal transactions. This point of time seems to be a take-off for the China policies to combat cybercrime. However, the emphasis on cyber-security in China started back in 2002 when the National Network and Information Security Coordination Small Group (NNISCG) was started as mandated with the responsibility of constructing an effective cyber-security framework. The body implemented the famous national civilian cyber security strategy and approved other related policies and strategies. One provision of the policy was that all organization be certified and use standard info-Sec standard software to ensure that the risk is minimized. At the same time, the e-government security system was established to monitor the security networks, generate reports and identify potential threats. The ministry of Public security plays a key role in combating cybercrime by developing research labs to detect malicious software and security threats within the online networks. The department also has a branch to take care of data encryption systems for government and civilian networks. In addition, China has a civilian cyber-security program with most representatives being from the Chinese Academy of Engineering and the Chinese Academy of Science. This team is engaged in research to identify threats and to device intervention policies that are dynamic and up to date. The policies have capitalized on numerous strategies to develop secure information networks. First, the government provides regular updates of new threats in the cyberspace to create awareness of the industrial sector. This ensures that more security measures are impacted in the ageing It industry to ensure safety of information at the industry level. Secondly, the government monitors all organizations to ensure that they are certified and apply the standard information security systems recommended in these policies. The government is also actively engaging in identifying the cyber security criminals by developing an intelligent team that identifies and captures cyber thieves. According to the First Post World (2013), police in Beijing arrested over 8700 people who had been alleged to have been involved in cybercrime. In this regard, it is possible to regard the Chinese cyber security policies as integrative and centered in both the public and the government. The American Cyber Security Policies In the US, cases of cyber-attacks are common with citizens and organizations falling victims of cyber-attack from within and outside the US. US host the highest percentage of malware attacks compared to other countries. Approximately 40% of the malware attacks originate from this state, making it a potential source of threat not only for the American commerce but also for the whole world. A recent report by SophosLab (2013) indicates that America hosts over 30% of the Blackhole malware, the most severe malware that is trending today in cybercrime. Over 556 million victims per year are identified and 600,000 Facebook accounts are hacked every day. The development of social networks has escalated the problem and the society is expected to suffer more attacks in the society. Over 60% of the business organizations that are attacked undergo unrecoverable financial losses. In this regard, cyber security is a sensitive issue in America and policy framework has been instituted in the country. A good part of the war against cybercrime in America is fought by the federal government. The Federal information security management act (FISMA) was launched in 2002 and sought to regulate the healthcare, financial and federal agencies to implement compulsory policies, principles and standards to ensure that there was information fidelity and guarantee the safety of sensitive information that cannot be sacrificed for public safety (Wilshusen, 2010). The system has received a lot of criticism for using “reasonable security” as a term to measure the level of security in these institutions. Moreover, the policy did not cover organizations such as the internet service provider companies who are central to the flow of the data and are more vulnerable points of attack. In 2003 the government developed the Notice of the security Breach Act which demanded that all organizations that holds the license number, credit card number or social security number or national security number of citizens must disclose the any cybercrime related event in the company. This formed the government measure to ensure accountability among the organization on any instances of cybercrime. More government efforts have been put in place to ensure that principles of cyber security are applied in America. The National Strategy to Secure Cyber Space (NSSC) was funded with $4.7 billion to conduct more research and develop long term cyber security solutions in America. Recently, the Obama government has launched the comprehensive national Cyber Security Initiative to ensure that the economic threats that have underpinned the economic crisis in America have been neutralized (Whitehouse, 2013). Under this policy, the government intends to create awareness programs that update threats and solutions and ensures that every computer user has access to this information. Also, the initiative is aimed at implementing research based solutions and to develop a government counterintelligence plan to neutralize potential threats. China versus US, Policy Analysis A keen observation of the national cyber security policies of the two countries indicates that the security China information security is dependent on the industries themselves while that of America depends more on the government regulations. By deploying an industry-centered cyber security framework, China government fights crime from its source. Since the crimes happen, in these industries and that these industries suffer loss, implementing security at this level ensures that industries become more responsible. However, the disadvantage of this method is that the industries are evasive of the high costs of implementing security. On the other hand, the US government uses a strict policy that sets standards that must be met by the organizations (Whitehouse, 2013). Policing the organizations ensures that compliance is mandatory and that the rules are followed to the letter. However, the inability of the government to establish critical measures of reasonable security level is the source the weakness of this framework. Sophos (2013) stated that the world of cyber-attacks are dynamic and a dynamic policy is a necessary competence for a nation that intends to remain relevant in cybercrime war. The evolution of web development and social networks has been accompanied by the development of new malware. The American government has developed a more dynamic policy against cybercrime than the Chinese government. According to the InfoSec Institute (2013) statistics, cybercrime in America increased by 26% as compared to the 48% increase recorded in the year 2012. This trend can be attributed to the government’s effort to invest more on the development more strict Cyber Security. On the other hand, the reports indicate China has become a victim of cybercrime in the same period. The fact that the US statistics has decreased can be associated with the development of a well-structured policy, dynamic framework in the Country. Although there is a high level of cybercrime, it is clear that the National policies have contributed to the reduction in cases of attack (Frinkle and Jones, 2013). On the other hand, China has become not only a victim but also a source of great cyber-attack. One implication of this is that the policies have not been effective enough to counter cyber-attack. Alternatively, this kind of trend can be as a result of the explosion of technology in the China in the recent past. However, it is possible to conclude with a generality that the policies were not dynamic enough to counter cybercrime in China. Recommendations The move by China and US to form a common platform to fight cybercrime can be regarded as a worthwhile effort. OECD (2012) mentioned the need for countries to come together to fight cybercrime from an international front. Both China and America have been identified as a potential source of cyber-attack. Resultantly, the development of a cohesive cyber security network will ensure that the two countries reduce the cybercrime rate in their respective countries. Another recommendation that would be viable in America is providing better measurement standards for the security level in the industries. For instance, the government should conduct a research to identify the vulnerabilities of the organizations and device the minimum requirement software such as antivirus and malware detectors that must be implemented in every organization. This should be followed by close examination to ensure that the cyber security policies are implemented. The Chinese government should enforce stricter laws to industries and take a government initiative to implement cyber security in the industries (Anderson, 2013). This will ensure that organizations do not avoid the cost of security in their organizations. On the other hand, the Chinese policies need to be more flexible to accommodate the changes in cyber-attacks. As Sophos (2013) points out, the development of new technology requires that new measures be put in place to combat new security threats. Coupled with the tremendous growth of technology in China in the recent past, this country is inclined to face more instances of cybercrime. To achieve dynamism, China needs to conduct more research and adopt new cyber-security technology more quickly to counter the escalating cases of cybercrime. Conclusion Cyber security is a matter of global concern especially with the proliferation of new computer and internet technology in the world today. In China and America, instances of cybercrime and cyber-attack have escalated as hackers and cyber thieves target online business operation to acquire personal information for fraud purposes. In China, the national policies have capitalized on regulation of industries while in America the policies are government centered and the government makes polices to standardize the industrial cyber security. Through a dynamic national policy, the American government has managed to reduce the cybercrime rate within its country. The Chinese policies seem to be static considering the technological adoption that has taken place in this country (Anderson, 2013). In essence, China has become not only a victim but also a potential source of cyber-attack. With the ageing of cybercrime experts and development of online business and government information sharing, it is important to adopt a more concrete integrative security network. The government should ensure that the policies join the government and the industry in the war. As the government designs innovative national policies, the industrial sector should adopt these policies and ensure that they invest more in the development of the internal security networks. This will guarantee the public the safety of their resources and the government less external attacks. Standardized organizational policies and monitoring would go way far in modeling the cyber security. A more reasonable strategy would be the adoption of an international cyber security program that comprehensively covers the sources of the attack and the criminals. An international strategy will ensure that country to country attack is minimized and that governments learn from each other. The intention of China and America to engage in a mutual deal to combat cybercrime will guarantee a better cyber security for both countries. References Anderson, J., (2013). China’s Cyber-Crime Problem: Sinned against Sinning. ICT and the Global Community. FirstPost World, (2013). China Arrests 87000 people for Cyber Crimes. Retrieved from: < http://www.firstpost.com/world/china-arrests-8700-people-for-cyber-crimes-1032239.html > Frinkle, J., and Jones, D., (2013). US Indicts Hackers in Biggest Cyber Fraud History. Retrieved from :< http://www.reuters.com/article/2013/07/25/us-usa-hackers-creditcards-idUSBRE96O0RI20130725 > IGCC, (2012). China and Cyber Security: Political, Economic and Strategic Dimensions. Institute of Global Conflict and Cooperation. InfoSec Institute, (2013). Cyber Crime and Underground Market. Retrieved from: < http://resources.infosecinstitute.com/cybercrime-and-the-underground-market/> OECD, (2012). Cyber Security Policy Making at a Turning Point. Retrieved from: < http://www.oecd.org/sti/ieconomy/cybersecurity%20policy%20making.pdf> Sophos, (2013). Security Threat Report 2013. Retrieved from: < http://www.sophos.com/en- us/medialibrary/PDFs/other/sophossecuritythreatreport2013.pdf> United States Department of Crime and Justice, (2013). Cybercrime. Retrieved from: < http://www.justice.gov/usao/briefing_room/cc/> Whitehouse, (2013). The Comprehensive National Cyber Security Initiative. Retrieved from: < http://www.whitehouse.gov/issues/foreign-policy/cybersecurity /national-initiative> Wilshusen, G., (2010). Cyber security: Progress Made but Challenges Remain in Defining and Coordinating the Comprehensive National Initiative. New York: Diane Publishing. Read More