Cyber Security Policy Initiatives - Research Paper Example

Table of Contents Confidentiality 2 Integrity 3 Availability 4 The Cyber security Policy Initiatives of the Current Administration 4 Essential Points 5 Structuring Ability for a Digital Nation 7 Distributing Accountability for Cybersecurity 8 Formulating Helpful Information Sharing and Incident Response 9 Encouraging Innovation 9 Recommendations 10 References 11 Cyber Security Policy Initiatives The system of technologies, procedure and observance which are structured for protecting networks, systems, applications and important information from attacks, harm or entrance from unauthorized as well as unrecognized sources is what is known as Cyber security. With the ever evolving cyber world, cyber security is of paramount importance as threats and attacks over the years have become more serious than previously predicted. A number of measures can be taken to help protect information and systems from cyber attacks. Some of which are fairly simple ways like properly configuring and patching operating systems, regularly updating firewalls and antivirus software, using strong passwords and not sharing them, not opening mails from un-trusted sources and only allowing access to systems and data to those who really need it. Many governments across the globe have recognized the serious threats that information systems throughout the world continue to face and thus implement laws and other rules that help curb this problem to a very satisfactory extent (Wilshusen, 2010). There are three key cyber security tenets that have been identified as the most important factors to help cope with the threats that may arise. They are categorized as confidentiality, integrity and availability. Confidentiality Confidentiality refers to the companies that have been trusted by users and have received the personal information of people that trust them with it. It can be in the form of a person's name to an addresses or even bank account details. Privacy between communication channels and any records that are used should also be viewed as a highly important factor. People that entrust others with their personal information over the internet and other information systems will ask and inquire about the confidentiality of the channel. Moreover they will want to know whether it is the reliable company they are using to communicate with outside companies and if their records are safe and secure or not. It is their right and they should not be stripped of it. If for instance, a bank has a website and they want to allocate a particular area for outside people. At this point the bank can allocate a public space for such operations which can be operated privately with restricted access. Otherwise it can easily be vulnerable to attacks from hackers and spyware. The more sensitive the nature of a business, the higher safety measures they need to keep for preventing personal information of their consumers to get out into cyberspace (LaPadula, 2001). Consumers feel safe and secure when knowing that their communication channel is private and incase there is even a slight possibility of it being penetrated, how easily and quickly can it be accessed by attackers. Furthermore, they can demand to know if their identities are kept confidential in records and reports, that is to say whether any information that could reveal who they are has been omitted. This is a logical approach by any concerned entity and should be demanded without any hesitation. Additionally they should also be aware whether it is possible for outsiders to find messages from persons or groups by using simple internet searches. If someone finds out that their information that was supposedly given to a certain organization under the pretence of it staying confidential ends up online somewhere, that will be a big blow and can tarnish that company’s confidentiality reputation for good. All information that is given out to the trusted sources must be handled with extreme care and utmost alertness at all times so that no person is left unsatisfied and can feel safe giving out his/her confidential information (Powner, 2010). Integrity Integrity demands that information provided by companies should be authentic and complete. Since the general public gets involved in dealings with them, companies cannot face the impacts of scandals or shame. Once reputations are blemished in the cyber world, companies have rarely been known to completely come back from them and stand on former grounds. Therefore it is monumentally important that all sorts of information shared is sufficiently accurate and cannot lead for anyone to point fingers at each other because whatever reason may it be a breach in security or any other reason as they can lead to claims of misinformation. When integrity is put as a belief in understanding cyber security issues, nothing can go wrong because companies will be always at the ready in providing the best possible working environment for the people. They will make use of their software and they will be always be one step ahead of any attacks or threats that they could potentially face (Council, 2010). Availability Availability is the third tenet which is the most important principle here. Whenever a user will be faced with a difficulty, the last object they would want is for the people that have been put in place to help them, be absent. If this happens and people cannot access files or important data when needed the most, they will be furious and disheartened. Knowing the difference between a good communication flow and an excellent one is really the most important thing one could ever do in regards of cyber threats and issues related to cyber security. The Cyber security Policy Initiatives of the Current Administration Cyberspace is the worldwide network of mutually dependent information technology network which comprised of telecommunication and processing structure in which online communiqué occurs. Cyber security has been quoted as “one of the most vital national security problems which is being faced by the new administration (Daalder & Destler, 2002).” Cyber and telecommunications actions are different entities and can be sometimes wrongly conflated to indicate the same meaning or competence. One can discriminate the term cyber from that of telecommunications with the former referring to the data or applications installed whereas the latter which is the electronic means in which the activity takes place. Electronic information systems, known as “information infrastructures,” support a massive array of security and economic assets in both public and private sectors. With cyber security being integrated into the President's Administration schema as essential administration precedence it has increased cyber security. Moreover it has transformed in turning out to be the essential constituent of the Administration’s Performance administration Agenda. The Chief Performance Officer has designed a strategy for increasing performance for improving government functions. This plan of action is focused more towards focusing on moving to real time monitoring and incorporating cyber security into system blueprint rather than leaving it as a postscript (whitehouse.gov, 2013). Essential Points The policy assessment is centralized more towards the problem and factors that influence or are influenced by cyber security. Starting from small to mid-term plans, the manuscript reorganizes the intricate approach of the past. This is the main theme of the policy review that keeps recurring and it organizes its most important goals as follows: 1. Guide from the Top: Ultimately, the White House is in charge for taking the program to bring up to date the nation’s potential to tackle with cyber threats, in addition to extra related issues which include legal norms. 2. Structuring ability for a Digital Nation: With cyber security being under the government’s list for quite some time, the public has slight responsiveness on the issue. Informing them about these matters and growing this awareness will assist Americans to put together smarter choices and deal with risks in a more well-organized and effective way. 3. Distributing accountability for Cybersecurity: Since the problem of cybersecurity effects people on a global scale, the public in addition to private sectors along with nationalized and international sectors must all be implicated in the process for it to be successful. Cooperation amid sectors on an international height should be studied and used for maximum advantage (McCullagh, 2009). 4. Formulating helpful Information Sharing and Incident Response: The response attempt is supposed to be central approximately for a cybersecurity representative selected by the president. The structure for response is required to be apparent and in unification with improved information distribution to perk up capabilities so the outcome is most effective. 5. Encouraging Innovation: Making new development and improved technologies through innovative research will add towards a further protected cyberspace. This ought to be enjoined with newer verification technologies to ensure data exchange is kept secure at the highest levels (Secretary, 2009). Top Down Leadership Approach Make sure that cyberspace is adequately flexible and dependable to hold up with U.S. objectives of financial growth, communal liberties and defense, nationalized security, and the sustained development of self-governing bodies which also entails making cyber security a general priority. This will have a trickledown effect and will help all the related infrastructures suffice in the best possible way. Attaining this significant and intricate task will be probable with involvement from the leadership at the uppermost levels of government. In order for the policies to be flourishing, the President’s cyber security strategy official must be given apparent presidential hold up, influence, liberties and adequate resources to control well in policy creation and the synchronization of inter-agency cyber security-concerned tasks. Furthermore, the cybersecurity guiding principle should be established and sustained under the supervision of suitable staff in which minimum two executive directors should be affiliated to the National Security Council and this team must have at least one individual executive director as well as other team members from National Ethics Committee. In addition, it is essential that the cybersecurity policy representative does not have any working duty or influence. In the same way, they also do not have the influence to make this plan unilateral. To assist with the process of coordination, all federal departments are required to constitute a point-of-contact in their particular executive suites endorsed to contact with the White House on cyber security concerning problems (Lemos, 2003). Structuring Ability for a Digital Nation With the transformation of every single aspect of life in workplaces and homes, the nation is at a crossroads. Mobile and wireless banking, shopping centers and tax submission are everyday routines. The country's entire administration and design is experiencing an upheaval and evolving continuously because digital and network expertise are being incorporated across huge systems with programs which includes Smart Grids and the Next Generation Air Traffic Systems. Informing the general public well in ways of using the technology safely is being looked into. In addition to that, the nation requires a technologically savvy workforce that will remain competitive in the 21st century economy. If the United States of America initiates a K-12 cyber protection education plan for digital protection, principles, security, expands universities curriculums and sets the circumstances to formulate an experienced workforce for a digital era, it will be safer and well protected. In this scenario, effectively implementing and promoting cybersecurity danger awareness for all populace along with building an education scheme that enhances perception of cyber security and allows the nation to keep hold of its engineering, science, and market control in IT is monumental. Workforces are being trained and expanded to safeguard the Nation’s aggressive benefit and organizations are being helped to make smart choices as they manage risks (Council, 2010). Distributing Accountability for Cybersecurity The Federal government will not be successful in the many aspect of safeguarding cyberspace if it operates isolated. The public and private organizations interests are entangled with the shared liability for attaining a protected and dependable infrastructure on which businesses and the government services can rely. The giant task of protecting cyberspace entails increased effort in bilateral forums. However, the successful execution of this attempt demands seeking of continued collaboration and cooperation with the social sector as well as recovering the security of different networks through the expansion of international rules, regulations and standards, enlarge the official system’s aptitude to fight cybercrime and persist to build up and uphold best practices. By engaging the private sector to assist in dealing with the boundaries of law enforcement and national refuge, cybersecurity threats are dealt with in a far more effective way than ever before. The current cybersecurity policy officials will be working with departments and agencies to make stronger and put together processes for formulating a planned strategy and coordinate with international cyber security officials (Lemos, 2008). Formulating Helpful Information Sharing and Incident Response United States of America require a detailed structure to make possible synchronized answer by government, private sectors and associates to a noteworthy cyber occurrence. All the state agencies and governments are required to labor together to perk up the plans and resources they have in position prior to attacks that help notice, put off and act in response to significant cybersecurity occurrence. In view of the fact that these kinds of occurrences can have serious influence over interrelated networks all the way through governmental and industrial areas, hence there is dire need for the synchronization of effective plans and operations (Steven, 2010). In addition, building a framework for incident response will significantly reduce the problem when it arises because measures are put in place to protect it long before the initial start of any sort of attacks. In this scenario, the CNCI (Comprehensive National Cybersecurity Initiative) attempt should carry on improving federal network defenses at the same time as taking into consideration the need for transformation or add-ons to the execution plan and strategy. In precise, the President’s cybersecurity policy official should work in cooperation with the private sector with the purpose of identifying the technical capabilities to strengthen national defence infrastructures. Further an individual can review the operational perception and execution of the National Cybersecurity Center and resolve if its proposed responses, resource strategies and governance are sufficient enough to support cyber incident response efforts (Stone, 2010). Encouraging Innovation The United States of America should make use of the advantages of innovation to deal with cybersecurity problems. In this scenario, a large number of technological and network management solutions that would significantly improve security are already implemented in the marketplace however these are not always utilized because of price or intricacy. In addition, to enhance competitiveness, the Federal government should work with other leaders present in the market for establishing and implementing migration strategies and plans for the intense and effective use and implementation of technology and research development. It could be possible through effective support of collaboration and cooperation between industrial and academic laboratories (Hunker, 2010). Recommendations The Obama Administration can adopt a comprehensive strategy for a safe and secure cyberspace while forging an international agenda for cybersecurity. Establishing a United States declaratory policy on cyber security can help lay down the standards and norms for a number of sectors to follow. Preparing for the future of the internet and what kind of changes it will bring will help as well. Policies that help with the protection of the most crucial infrastructure from attacks should also be implemented and the leadership should be given complete authority over these organizations in regards to cyber security related matters. A firm grip over the private sectors innovative powers of cybersecurity should be made without any delays as their contribution to help curb this problem can be monumental. Realizing the threat of hacking organizations and the power and control they have over cyberspace is important too and there should be some form of communication between the Federal government and the anonymous hacker organizations by which both parties can come to a mutual agreement and help dampen any future damage that could be caused. Justice must be swift and penalties should be harsher so that people realize the consequences of dealing in matters of these natures such as identity thefts, security frauds and hack attacks at governmental levels should be avoided at all costs. The seriousness of the matter should be brought to light to the public and public awareness programs will help educate the masses about the problems with cybersecurity. That being said, educating people by doing simple seminars and free workshops (where feasible) about how easily this problem can be dealt with at an individual level should by using simple antivirus softwares, updating operating systems and keeping all your interconnected devices under your control and a firm check, can help bring the rate of threat to cybersecurity massively down. References Council, N. S. (2010). whitehouse.gov. Retrieved February 20, 2013, from Cybersecurity Progress after President Obama’s Address: http://www.whitehouse.gov/administration/eop/nsc/cybersecurity/progressreports/july2010 Daalder, I. H., & Destler, I. M. (2002). The Brookings Institution. Retrieved February 20, 2013, from Assessing the Department of Homeland Security: http://www.brookings.edu/fp/projects/homeland/assessdhs.pdf Hunker, J. (2010). U.S. International Policy for Cybersecurity: Five Issues That Won't Go Away; Hunker, Jeffrey. HeinOnline . LaPadula, L. J. (2001). Information for the Defence Community. Retrieved February 20, 2013, from State of the Art in CyberSecurity Monitoring: A Supplement: http://oai.dtic.mil/oai/oai?verb=getRecord&metadataPrefix=html&identifier=ADA465099 Lemos, R. (2003). Bush unveils final cybersecurity plan. Retrieved February 20, 2013, from news.cnet.com: http://news.cnet.com/Bush-unveils-final-cybersecurity-plan/2100-1001_3-984697.html Lemos, R. (2008). Security Focus. Retrieved February 20, 2013, from Law makers voice concerns over cybersecurity plan: http://www.securityfocus.com/news/11507 McCullagh, D. (2009). cnet.com. Retrieved February 20, 2013, from A cybersecurity quiz: Can you tell Obama from Bush: http://news.cnet.com/8301-13578_3-10252263-38.html Powner, D. A. (2010). Cybersecurity: Key Challenges Need to be Addressed to Improve Research and Development. New York: DIANE Publishing. Secretary, P. (2009). whitehouse.gov. Retrieved February 20, 2013, from Remarks by the President on Securing Nation's Cyber Infrastructure: http://www.whitehouse.gov/the_press_office/Remarks-by-the-President-on-Securing-Our-Nations-Cyber-Infrastructure Steven, C. (2010). Cybersecurity Strategy: A Primer for Policy Makers and Those on the Front Line. HeinOnline . Stone, M. (2010). Cybersecurity Policy. Retrieved February 20, 2013, from Obama’s Cybersecurity Plan: http://geest.msh-paris.fr/IMG/pdf/Obama_s_cybersecurity_plan.mp3.pdf whitehouse.gov. (2013). whitehouse.gov. Retrieved February 20, 2013, from Cyber Space Policy Review: http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf Wilshusen, G. C. (2010). Cybersecurity: Progress Made But Challenges Remain in Defining and Coordinating the Comprehensive National Initiative. New York: DIANE Publishing. Read More