Future of Cyber Security
Report on the Legal and Technical Future of Cyber Security
The future of Cyber security relies on the quality of decisions that the government seconded by the private sector process as for now. Attacks on networks and databases have become a complex and lucrative activity that attracts a financial gain for people involved in that business. For this reason, there is a need to determine whether the existing pieces of legislation are responsive enough to mitigate cyber attacks. This study proves that the existing legislation in relation to ethical security requires an upgrade. It will also establish one existing law courtesy of Computer Fraud and Abuse Act (CFAA) of 1986 and one proposal law courtesy of Ethical Cyber Situation and Perimeter Building Act ECSPBA (2014).
Future of cyber-security
Cyber security is proving a disturbing concern to both the public and private sectors. The government, in particular, is establishing multilayered network to link intelligence, security, and personnel in a collective multilayered network. Lehto (2013, pp. 14) establishes that the future of cybercrime relies on the quality of adopted strategy. As a result, cooperation is based on the nature of the cyber laws being developed at the federal or state level. The federal government is working closely with key allies on the cyber security policy is to establish required cooperation modules. In this light, preliminary framework for cooperation on cyber security policy has been based on a warning, incidence response mechanism.
It should also be recalled that partnerships to address cyber aspects of critical infrastructure are grounded on leveraging existing agreements. The information technology sector provides clear crosscutting cyber components of CI/KR protection. On the other hand, the government provides policies, laws, and multilateral and bilateral agreements on the national basis. For this reason, it has become necessary to establish training and education highlighting the importance of cyberspace security. The training on strategic cyber security management emphasizes on the greater awareness and participation of all stakeholders in establishing a proper cyber security for future applications (Farsole, Kashikar, & Zunzunwala, 2010).
In this regard, DHS co-sponsors the national CAEIAE program together with NSA. In response for future, DHS and NSA are working to expand the program nationally. In fiscal year 2004, the DHS / Treasury computer investigative specialist program trained 48 federal criminal investigators on the nature of computer breaches. The program has been instrumental in encouraging agents from ICE and Internal Revenue service to attend the six and half month course. Additionally, the DHS is working closely with DOD and DOJ to ensure that the military and judiciary become part of the collective process to mitigate cyber-security crime. The collaboration is based on incident response management, the collective creation of CSIRTs, law enforcement personnel, jurists empowered to ensure that computer forensic, case handling, and laws are done collectively (Broucek, & Turner 2013, pp. 30).
Now based on the above revelation, it is notable that the cyber security is an obligation, both the government and the private sector. After a close analysis, the government effort in establishing proper cyber security legal and technical framework is an impetus to the development of a desirable cyber security for future use. In particular, the government has been a major player in the development of the OECD and its subsequent revisions. As part of the collaboration, it is notable that the word bank is providing policy funding and policy towards the combating of cyber threats. In the future, it will be necessary for countries and organizations to establish a consistent global / legal policy framework for addressing cyber security (Lehto, 2013).
Whilst the government's role is providing policy and legislation, the private sector seconded by the Non-Government Organizations is to provide considerate technicalities to respond future possible threats. Hence, there is a need to enhance cooperation between the government and private sector to ensure that standards are established. The only means to achieve sustainable development is through the persuasion of cooperation at channels of policy exploration. Collaboration focuses on the mobilization of funding and the linking of all activities in the wider social-economic system that needs the security the most (Farsole, Kashikar, & Zunzunwala, 2010).
Legal limitations associated with combating and preventing...
The problem is that cyber attacks are way ahead of the current threshold of legislation. In fact, many attackers are still at large. The loophole is caused by the current focus of cybercrime laws. Cybercrime laws are one-sided because they are only structured to apprehend criminals. This approach is not appealing since it does not prevent cybercrime from happening. A desirable law prevents cybercrime from occurring besides instilling ethics and morals among Internet users. This section will examine the nature Computer Fraud and Abuse Act (CFAA) of 1986 (Broucek, & Turner 2013).
The CFAA was enacted to law to clarify the definition of criminal fraud and abuse for federal computer crimes. The law also endeavored to remove legal ambiguities and obstacles to prosecuting these crimes. The act further established felony offenses as, unauthorized access of federal computer banks through unauthorized trafficking of computer passwords. The law further prohibited individuals from unauthorized access to computers with intent to obtain the classified financial gain, commit fraud, and transmit computer viruses with the intent of causing malice. CFAA seems responsive to common cybercrimes. However, the law looks at apprehending criminals and not necessary the act of preventing crime (Goldman, 2012, pp. 32).
Goldman (2012, pp. 37) further argues that the prowess of hackers is based on sharing information. In the underground hacking, selling of security information password, access codes, and protocols are a senior business. The business has hierarchies with superior hackers being the wealthiest. Approaching cybercrime-based on laws is not appropriate since information might end up leaking to undesired individuals. This is a serious issue even when the attacker is convicted. Attackers can gain access to crucial sections of government information (Lehto, 2013). These can be data banks, or even prison securities. Therefore, breeding hackers with an objective of apprehending them in the future is not an appropriate methodology. Action should be directed on establishing laws that will mitigate cybercrime to zero levels. The law should be responsive to the nature of the cyber vulnerability surrounding data banks on aggregate (Broucek, & Turner 2013).
The catching and apprehending criminals' strategy is not responsive enough to a required cyber mitigation strategy. Largely, the department of justice has cited that destruction or disclosure of information or prevention use of computer hardware or software is made a strict press. However, this approach can be considered incompetent since the analogous access physical trespass onto government property, should not be required to show any additional elements to the destruction of information to gain a conviction. Additionally, the 1986 law further imposed limits to trafficking computer passwords. Penalties, for violation of the law, were severe and could result from 1-5 years in prison for first offenders. Nevertheless, cybercrime can cause serious harm to the public. Progressively, cybercrime can cause death, accidents, war, and other related fatalities. Therefore, imposing a one-year jail term is not responsive enough to mitigate problems associated with cybercrime.
A realistic solution to prevent cybercrime
Firstly, it is good to examine the nature of cybercrime technicalities. After a close analysis, one will notice that hackers have a well-established perimeter that cannot be penetrated by a common hacker. As a result, there is a derivative necessity to establish mitigating policies that will respond to the current shortages in cybercrime policies. This study proposes the development of Ethical Cyber Situation and Perimeter Building Act ECSPBA (2014). This is not a law, but a proposal to a law that would enroll ethics in relation to cybercrime. Ideally, the law seeks to transfer Cyber Safety to the hackers themselves. The law is inspired by the knowledge that the federal government spends a lot of money in enhancing cyber-safety structures. Such a situation could be mitigated if all hackers were converted to be ethical hackers.
ECSPBA will foster two core strategies identifying national wide hackers and developing an institution to contain these hackers in a given ethical institutional framework. As part of the proposal, this report proposes the introduction of ethical hacking school. The school will be training existing hacking on ethical practices of protecting data. Attackers flourish because they want to make money unlawfully besides enjoying the act of terrorizing people. Part of this approach will seek to distance hackers from the malicious mind to a more constructive mind respecting the principles of networks; counseling will be necessary for recruits (Broucek, & Turner 2013).
The career objective will seek to establish the information to be protected, ways of protecting it, and identifying the people who should not get the information. In addition, it is important to identify the timeframe and money required in the realization of a…
Cybersecurity as an Organizational Strategy: An Ethical and Legal Perspective Cybersecurity as Organizational Strategy Across the board -- in business, society, and government -- the promise of cyber capabilities are matched by potential peril. The cyber environment is never static, but it is perhaps most agile in response to the continual stream of emerging cyber threats and realized cyber attacks ("PCAST," 2007). Cybersecurity must be agile. The challenges that must be met
Cyber security, due primarily to globalization has become a profound issue. With the advent of the internet, new threats to privacy and security have arisen. For one, threats have caused data breaches and loss of service for many internet providers. Recently, American banks have become targets of cyber attacks from unknown sources. In many instances, it is difficult to detect the whereabouts of a cyber attack. The anonymity of an
Human Aspects in IT and Cybersecurity Outline Government Justification of Informing Private industry to improve or Set up Cyber-security Methods of the Government Interventions Impacts of Government Regulation on National Security Failure to comply to related cyber regulations Meeting the minimum requirements. Exceeding the Minimum Requirements The economic and national security of the United States rely on the effective functioning of the country critical infrastructures. Recently, the U.S. government has issued an executive order to manage the
Corporate governance, IT Governance and Information Security Governance IS 8310 Governance, Risk Management and Compliance Governance is the process of empowering leaders to implement rules that are enforceable and amendable. For comprehensive understanding of the term' governance' it is essential to identify the leaders and the set of rules, and various positions that leaders govern. Corporate governance, IT Governance and Information Security Governance embraces a linkage with certain acquiescence system while
Estonia Cyber Attacks 2007 2007 Estonian Cyber-war This is the information age. In this age, the Internet has smoothened the progress of spectacular increases in global interconnectivity and communication. This form of globalization also yielded benefits for Estonia by improving the standard of living of its people. However, other than benefits, it has also ascended the availability of new weapons of confrontation for groups who have been seeking and opposing certain Estonian
Security Programs Implementation of Information Security Programs Information Security Programs are significantly growing with the present reforms in the United States agencies, due to the insecurity involved in the handling of data in most corporate infrastructure systems. Cases such as independent hackers accessing company databases and computerized systems, computer service attacks, malicious software such as viruses that attack the operating systems and many other issues are among the many issues experienced