Legal and Technical Future of Cyber Security Essay
- Length: 6 pages
- Sources: 4
- Subject: Criminal Justice
- Type: Essay
- Paper: #3244878
Excerpt from Essay :
Future of Cyber Security
Report on the Legal and Technical Future of Cyber Security
The future of Cyber security relies on the quality of decisions that the government seconded by the private sector process as for now. Attacks on networks and databases have become a complex and lucrative activity that attracts a financial gain for people involved in that business. For this reason, there is a need to determine whether the existing pieces of legislation are responsive enough to mitigate cyber attacks. This study proves that the existing legislation in relation to ethical security requires an upgrade. It will also establish one existing law courtesy of Computer Fraud and Abuse Act (CFAA) of 1986 and one proposal law courtesy of Ethical Cyber Situation and Perimeter Building Act ECSPBA (2014).
Future of cyber-security
Cyber security is proving a disturbing concern to both the public and private sectors. The government, in particular, is establishing multilayered network to link intelligence, security, and personnel in a collective multilayered network. Lehto (2013, pp. 14) establishes that the future of cybercrime relies on the quality of adopted strategy. As a result, cooperation is based on the nature of the cyber laws being developed at the federal or state level. The federal government is working closely with key allies on the cyber security policy is to establish required cooperation modules. In this light, preliminary framework for cooperation on cyber security policy has been based on a warning, incidence response mechanism.
It should also be recalled that partnerships to address cyber aspects of critical infrastructure are grounded on leveraging existing agreements. The information technology sector provides clear crosscutting cyber components of CI/KR protection. On the other hand, the government provides policies, laws, and multilateral and bilateral agreements on the national basis. For this reason, it has become necessary to establish training and education highlighting the importance of cyberspace security. The training on strategic cyber security management emphasizes on the greater awareness and participation of all stakeholders in establishing a proper cyber security for future applications (Farsole, Kashikar, & Zunzunwala, 2010).
In this regard, DHS co-sponsors the national CAEIAE program together with NSA. In response for future, DHS and NSA are working to expand the program nationally. In fiscal year 2004, the DHS / Treasury computer investigative specialist program trained 48 federal criminal investigators on the nature of computer breaches. The program has been instrumental in encouraging agents from ICE and Internal Revenue service to attend the six and half month course. Additionally, the DHS is working closely with DOD and DOJ to ensure that the military and judiciary become part of the collective process to mitigate cyber-security crime. The collaboration is based on incident response management, the collective creation of CSIRTs, law enforcement personnel, jurists empowered to ensure that computer forensic, case handling, and laws are done collectively (Broucek, & Turner 2013, pp. 30).
Now based on the above revelation, it is notable that the cyber security is an obligation, both the government and the private sector. After a close analysis, the government effort in establishing proper cyber security legal and technical framework is an impetus to the development of a desirable cyber security for future use. In particular, the government has been a major player in the development of the OECD and its subsequent revisions. As part of the collaboration, it is notable that the word bank is providing policy funding and policy towards the combating of cyber threats. In the future, it will be necessary for countries and organizations to establish a consistent global / legal policy framework for addressing cyber security (Lehto, 2013).
Whilst the government's role is providing policy and legislation, the private sector seconded by the Non-Government Organizations is to provide considerate technicalities to respond future possible threats. Hence, there is a need to enhance cooperation between the government and private sector to ensure that standards are established. The only means to achieve sustainable development is through the persuasion of cooperation at channels of policy exploration. Collaboration focuses on the mobilization of funding and the linking of all activities in the wider social-economic system that needs the security the most (Farsole, Kashikar, & Zunzunwala, 2010).
Legal limitations associated with combating and preventing cybercrime
Although the federal government through the Congress has endeavored to provide sustainable measurements in relation to cyber security, it should be noted that this sustainability in relation to legislation is failing adequately. The problem is that cyber attacks are way ahead of the current threshold of legislation. In fact, many attackers are still at large. The loophole is caused by the current focus of cybercrime laws. Cybercrime laws are one-sided because they are only structured to apprehend criminals. This approach is not appealing since it does not prevent cybercrime from happening. A desirable law prevents cybercrime from occurring besides instilling ethics and morals among Internet users. This section will examine the nature Computer Fraud and Abuse Act (CFAA) of 1986 (Broucek, & Turner 2013).
The CFAA was enacted to law to clarify the definition of criminal fraud and abuse for federal computer crimes. The law also endeavored to remove legal ambiguities and obstacles to prosecuting these crimes. The act further established felony offenses as, unauthorized access of federal computer banks through unauthorized trafficking of computer passwords. The law further prohibited individuals from unauthorized access to computers with intent to obtain the classified financial gain, commit fraud, and transmit computer viruses with the intent of causing malice. CFAA seems responsive to common cybercrimes. However, the law looks at apprehending criminals and not necessary the act of preventing crime (Goldman, 2012, pp. 32).
Goldman (2012, pp. 37) further argues that the prowess of hackers is based on sharing information. In the underground hacking, selling of security information password, access codes, and protocols are a senior business. The business has hierarchies with superior hackers being the wealthiest. Approaching cybercrime-based on laws is not appropriate since information might end up leaking to undesired individuals. This is a serious issue even when the attacker is convicted. Attackers can gain access to crucial sections of government information (Lehto, 2013). These can be data banks, or even prison securities. Therefore, breeding hackers with an objective of apprehending them in the future is not an appropriate methodology. Action should be directed on establishing laws that will mitigate cybercrime to zero levels. The law should be responsive to the nature of the cyber vulnerability surrounding data banks on aggregate (Broucek, & Turner 2013).
The catching and apprehending criminals' strategy is not responsive enough to a required cyber mitigation strategy. Largely, the department of justice has cited that destruction or disclosure of information or prevention use of computer hardware or software is made a strict press. However, this approach can be considered incompetent since the analogous access physical trespass onto government property, should not be required to show any additional elements to the destruction of information to gain a conviction. Additionally, the 1986 law further imposed limits to trafficking computer passwords. Penalties, for violation of the law, were severe and could result from 1-5 years in prison for first offenders. Nevertheless, cybercrime can cause serious harm to the public. Progressively, cybercrime can cause death, accidents, war, and other related fatalities. Therefore, imposing a one-year jail term is not responsive enough to mitigate problems associated with cybercrime.
A realistic solution to prevent cybercrime
Firstly, it is good to examine the nature of cybercrime technicalities. After a close analysis, one will notice that hackers have a well-established perimeter that cannot be penetrated by a common hacker. As a result, there is a derivative necessity to establish mitigating policies that will respond to the current shortages in cybercrime policies. This study proposes the development of Ethical Cyber Situation and Perimeter Building Act ECSPBA (2014). This is not a law, but a proposal to a law that would enroll ethics in relation to cybercrime. Ideally, the law seeks to transfer Cyber Safety to the hackers themselves. The law is inspired by the knowledge that the federal government spends a lot of money in enhancing cyber-safety structures. Such a situation could be mitigated if all hackers were converted to be ethical hackers.
ECSPBA will foster two core strategies identifying national wide hackers and developing an institution to contain these hackers in a given ethical institutional framework. As part of the proposal, this report proposes the introduction of ethical hacking school. The school will be training existing hacking on ethical practices of protecting data. Attackers flourish because they want to make money unlawfully besides enjoying the act of terrorizing people. Part of this approach will seek to distance hackers from the malicious mind to a more constructive mind respecting the principles of networks; counseling will be necessary for recruits (Broucek, & Turner 2013).
The career objective will seek to establish the information to be protected, ways of protecting it, and identifying the people who should not get the information. In addition, it is important to identify the timeframe and money required in the realization of a…