Keeping the focus on national security concerns, clearly discuss the compelling sociopolitical reasons, motivations, or arguments for or against government intervention into private sector Cybersecurity.
Clearly discuss the methods of government intervention. That is, what authorities (such as laws, regulations and rules) give the executive or legislative representatives the right to regulate private industry?
Describe real-world examples that help support your discussion.
discussion of reasons and methods of government intervention, plus how both federal and some state interventions may be similar or differ in reasons and methods,
Clearly discuss effects on national security that might result from (a) …show more content…
failure to comply with related cyber regulations or requirements, (b) meeting only the minimum requirements, and (c) exceeding the minimum requirements.
Clearly discuss whether private industry now has a responsibility to protect national security through implementing good cybersecurity controls imposed by government regulation.
Describe real-world examples that help support your discussion.
Impacts and effects is thorough, including how federal and/or some state regulations may create unintended positive or negative effects for national security or for economic progress.
National Cybersecurity and Critical Infrastructure Protection Act of 2013, H.R. 3696. http://www.ndia.org/Advocacy/LegislativeandFederalIssuesUpdate/Documents/CybersecurityBillLetterofSupport1.9.14.pdf 1) Reason for government intervention
2) Methods of government intervention
Introduction
Justification:
1. Information sharing
a. To increase private sector sharing (why the govt need firms to share)
i. Fear of disclosure (reason why firms chose not to share) ii. Mitigating vulnerabilities for firms in general (reason why they should share) iii. Develop better security for other firms based on identified breaches. http://www.dhs.gov/combat-cyber-crime
b. Private to public/govt (pg 13 emerging threats)
c. Increase govt assistance when cyber-attacks happen (preemptive measure)
i. E.g google came to NSA – support thru statistics on number of possible individuals affected ii. 2. Economic effects - undersupply
a. Lack of initiative by private companies to secure their networks – no …show more content…
incentives
Economic benefits
If the cost of preventing an attack is higher than the costs firms suffer from the attack then the prevention should not be undertaken thus cost is more than the benefit
Security should be implemented wen the benefits are greater than the cost
References used http://www.dhs.gov/what-critical-infrastructure Economic implications: http://www.whitehouse.gov/issues/foreign-policy/cybersecurity http://news.softpedia.com/news/T-J-Maxx-Hacker-Sentenced-to-30-Years-in-Prison-101555.shtml http://cs.brown.edu/courses/csci1800/sources/lec27/Moore.pdf http://www.commerce.gov/sites/default/files/documents/2011/june/cybersecurity_green_paper_finalversion_0.pdf http://www.gpo.gov/fdsys/pkg/FR-2013-02-19/pdf/2013-03915.pdf http://www.computerworld.com/s/article/9241407/Feds_explore_cybersecurity_incentives_for_the_private_sector
Brenner, S.
W. (2006). Cybercrime and the U.S. criminal justice system. In B. Hussein, Handbook of Information
Security (Vol. I, pp. 1-15). Hoboken, New Jersey: John Wiley & Sons, Inc.
Himma, K. E. (2006). Legal, social, and ethical issues of the Internet. In B. Hussein, Handbook of Information
Security (Vol. I, pp. 65-82). Hoboken, New Jersey: John Wiley & Sons, Inc.
Jaeger, C. (2006). Cyberterrorism and information security. In B. Hussein, Handbook of Information Security (Vol.
I, pp. 16-39). Hoboken, New Jersey: John Wiley & Sons, Inc.
Waleski, B. D. (2006). The Legal Implications of Information Security: Regulatory Compliance and Liability. In B.
Hussein, Handbook of Information Security ( I, 38-64). Hoboken, New Jersey: John Wiley & Sons,
Inc.