Govt Ethics
Assignment #1: Government and Private Industry Roles in Cyber Security
By Charles Sneed
13 Feb 2010
CSEC 620 Section 9040
TABLE OF CONTENTS
Table of Content……………………………………….……………………..…2
Introduction………….…………………………………………………………..3
Governmental Guidance……………………………………………………....3
Private Industry’s Responsibility………………………………………..….…8
Conclusion……………………………………………………………….……...9
References…………………..………………………………………….….….10
I. Introduction A. Objective
The purpose of this report is to describe how the government can help private industry to better manage improved cyber security and their responsibility to protect national security through implementing good cyber security controls. B. Organization of Subheadings
Section II provides an overview of how the government can provide guidance to private industry through the use of government regulation and cyber insurance. Section III tells why private industry has to have solid cyber security controls in place to protect national security. Section IV concludes with a review of the discussion and summary of responsibilities for both the government and private sector in relation to cyber security. II. Governmental Guidance
The government, more per se congress, must be clear about decisions of where to legislate or not. Government regulations and potential liability continue to be the biggest factor driving security investments, indicating that in addition to IT investments in security, security spending may be occurring in departments other than IT in order to comply with the Sarbanes-Oxley law (Swartz, 2004). True the federal government can set these lanes on the highway to protect cyber security but must also be flexible for both private and government to somehow overcome and begin to adapt to these ever-changing threats. It the government’s responsibility to ensure that information concerning cyber threats is shared with that of the private industry.
By Charles Sneed
13 Feb 2010
CSEC 620 Section 9040
TABLE OF CONTENTS
Table of Content……………………………………….……………………..…2
Introduction………….…………………………………………………………..3
Governmental Guidance……………………………………………………....3
Private Industry’s Responsibility………………………………………..….…8
Conclusion……………………………………………………………….……...9
References…………………..………………………………………….….….10
I. Introduction A. Objective
The purpose of this report is to describe how the government can help private industry to better manage improved cyber security and their responsibility to protect national security through implementing good cyber security controls. B. Organization of Subheadings
Section II provides an overview of how the government can provide guidance to private industry through the use of government regulation and cyber insurance. Section III tells why private industry has to have solid cyber security controls in place to protect national security. Section IV concludes with a review of the discussion and summary of responsibilities for both the government and private sector in relation to cyber security. II. Governmental Guidance
The government, more per se congress, must be clear about decisions of where to legislate or not. Government regulations and potential liability continue to be the biggest factor driving security investments, indicating that in addition to IT investments in security, security spending may be occurring in departments other than IT in order to comply with the Sarbanes-Oxley law (Swartz, 2004). True the federal government can set these lanes on the highway to protect cyber security but must also be flexible for both private and government to somehow overcome and begin to adapt to these ever-changing threats. It the government’s responsibility to ensure that information concerning cyber threats is shared with that of the private industry.
References: A. Governmental Regulation There have repeatedly been concerns from industry, private sector, and those operating critical infrastructure that over legislating by Congress ultimately will make it harder to protect our networks (Foster, 2002) Fisher, D. (2002). Feds warming to idea of regulating security. eWeek, 19(42), 14. Retrieved from EBSCOhost. Homeland Security Information Sharing: Protections for Private Sector Information. (2007). Venulex Legal Summaries, 1-2. Retrieved from EBSCOhost. Larence, E. R., & Powner, D. A. (2007). Critical Infrastructure: Challenges Remain in Protecting Key Sectors: GAO-07-626T. GAO Reports, 1. Retrieved from EBSCOhost. Pilla, D. (2003). Terrorism Risk Act Presents Questions. Best 's Review, 104(3), 14. Retrieved from EBSCOhost. Powner, D. A. (2006). Critical Infrastructure Protection: DHS Leadership Needed to Enhance Cyber security: GAO-06-1087T. GAO Reports, 1. Retrieved from EBSCOhost. Swartz, N. (2004). Businesses Improve Cyber Security. Information Management Journal, 38(6), 18. Retrieved from EBSCOhost