...Lodhi Road New Delhi – 110003 Discussion draft on National Cyber Security Policy “For secure computing environment and adequate trust & confidence in electronic transactions ” Your comments/feedback on this document are most welcome. Please send your valuable comments/feedback by 15 May 2011 to Dr Gulshan Rai, Director General, CERT-In, at the at the above address or on email id ‘grai@mit.gov.in’ Discussion draft Department Of Information Technology National Cyber Security Policy “For secure computing environment and adequate trust & confidence in electronic transactions ” Contents 1.0 Security of Cyber Space – Strategic perspective 1.1 IT as an engine for economic growth and prosperity 1.2 Security of cyber space - Need for action 1.3 Target audience 1.4 Securing cyber space – Key policy considerations 2.0 Cyber space – Nature of threat 2.1 Threat landscape 2.2 International cooperation 2.3 Securing cyber space – Scope of action 2.3.1 Cyber security and cyber defense 2.3.2 Cyber intelligence and cyber defense 2.4 Priorities for action 2.5 Partnership and collaborative efforts 3.0 Enabling processes 3.1 Security threat and vulnerability management 3.2 Security threat early warning and response 3.3 Security best practices - compliance and assurance 3.4 Security crisis management plan for countering cyber attacks and cyber terrorism 3.5 Security legal framework and law enforcement 3.6 Security information sharing and cooperation 4.0 Enabling technologies – Deployment...
Words: 7888 - Pages: 32
...Government Intervening To Protect Our Cyberspace University of Maryland University College Table of Contents Introduction page…………………………………………………………………..3 Justification to Regulate Private Industry Cybersecurity………………………3-4 Real World Threat…………………………………………………………………4-5 Methods for Government Intervention:…………………………………….……5 Government’s Intervention Impacts on National Security………………….….5-6 Real World National Security Breaches…………………………………………6 Arguments of the Private Sector to Take Responsibility.................................6-7 Failure to Take Responsible Action................................................................7 Conclusion…………………………………………………………………………7-8 References.....................................................................................................8-9 Introduction In 1969, the first ever network was born into existence (ARPANET) also called advanced research projects agency network. The Government Defense Department worked diligently on this break through in order to link some of the United States most prominent research universities with a couple of purposes in mind:...
Words: 1747 - Pages: 7
...of Maryland University College CSIA 360 Introduction Why is it important that every nation has a cyber security strategies? The past decade multiple company national or international have faced cyber security threats. Either sensitive government information or individual’s information has been compromised. Cyber security issues have developed into a significant national level where now it requires government consideration. In this analysis we will compare Europe and the Commonwealth on how they approach the national and international cyber security strategies. Overview of national cyber security What is national cybersecurity? Well first cyber security is a body technologies, processes and practices designed to protect networks, computers, programs and data from being attacked, damaged and or unauthorized access (target, n.d.). Now in the bigger end nations are now in the need for cyber security. National cyber security is to protect publicly held information that can be personal or private, national security and more. There has been several attacks on public services that have compromised personal or private information. As technology rapidly changes, new vulnerabilities are being created. National cyber security also outlines visions and articulates priorities, principles and approaches to understanding and managing risks at the national level. Some cyber security strategies by country may focus more on protecting critical infrastructure risks, while other countries...
Words: 2800 - Pages: 12
...Critical Need for Information Security Due Week 2 and worth 100 points Access the ACM Digital Library by following the steps below: Students: 1. Login to iCampus. 2. From iCampus, click STUDENT SERVICES>> Learning Resources Center >> Databases. 3. Scroll down to "Information Systems/Computing". 4. Select “ACM Digital Library” below the heading. 5. Enter your library username and password. Faculty: 1. Login to Blackboard: bb.strayer.edu. 2. Click the "Resource Center" tab at top right of page. 3. From the list on the left, click "Databases". 4. Scroll down to "Information Systems/Computing". 5. Select “ACM Digital Library” below the heading. 6. Enter your library username and password. Download and read the following articles available in the ACM Digital Library: Bernier, M., Chapman, I., Leblanc, S. P., & Partington, A. (2011). An overview of cyber-attack and computer network operations simulation. Proceedings from MMS ’11: Military Modeling & Simulation Symposium. Boston, MA. Maughan, D. (2010, February). The need for a national cybersecurity research and development agenda. Communications of the ACM, 53(2), 29-31. Write a four to five (4-5) page paper in which you: 1. Identify at least three (3) benefits or key knowledge points that could be derived from using cyber-attack simulator systems and research, and suggest how this insight could assist in defining the needs for security within...
Words: 1615 - Pages: 7
...Private security is an absolute necessity as part of our country’s homeland security. After the terrorist attacks of September 11th 2001, the concept of “homeland security” truly came into a whole new focus. Prior to this tragic incident, the abundance of security vulnerabilities that existed in our country were not as well known or as well publicized. Furthermore, it was just assumed and expected that the public sector was quite capable of handling our domestic security needs. This could not have been farther from the truth. The concept of “homeland security” is a both a broad and highly complex term that encompasses virtually every facet of the American infrastructure on land, in air, at sea, and even underground. Just taking into account the vast amounts of land that the United States encompasses is a difficult task within itself. The Office of Homeland Security (which was the predecessor to the Department of Homeland Security) attempted to simplify the concept of homeland security by describing it as a “concerted national effort to prevent terrorist attacks within the United States, reduce America’s vulnerability to terrorism, and minimize the damage and recover from any attacks that do occur.” Moreover, a number of federal agencies such as the Department of Homeland Security, Department of Defense, and the Congressional Budget Office just to name a few, have recognized the important role that private security firms will play in bringing the total concept of “homeland...
Words: 1945 - Pages: 8
...Cybercrime targets both government and private industries with various methods and motives behind them. Those various attack methods can make a significant damage ranging from an individual identity theft based scale to national scale concerning its security as a sovereign nation. In other words, cybercrime equally brings serious concerns for both private industries and government. Also, private industries have an interchangeable relationship with government agencies as client to provide services. Most of utilities-related critical infrastructure systems in every city are mostly managed by private organizations. As we are more depending on technological management of such critical infrastructure and centralization of such system throughout the network, cybercrime targeting those critical infrastructures can have detrimental effects for both private and government sectors. There has been a steady increase in numbers of cybercrime with its benefits over the traditional crime in the past decades. Cyber criminals are getting smarter and equipped with more resources with every passing days and are becoming bigger threats. Therefore, it is important to scrutinize those cybercrime-related issues as well as to delve into planning a well-thought out countermeasure for both private and government sectors in various aspects for betterment of safer society of the information era. In this paper, Part I addresses how government intervention justifies telling private industry how to set up or improve...
Words: 3978 - Pages: 16
...Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. The terms information security, computer security and information assurance are frequently used interchangeably. These fields are interrelated and share the common goals of protecting the confidentiality, integrity and availability of information; however, there are some subtle differences between them. These differences lie primarily in the approach to the subject, the methodologies used, and the areas of concentration. Information security is concerned with the confidentiality, integrity and availability of data regardless of the form the data may take: electronic, print, or other forms. Governments, military, financial institutions, hospitals, and private businesses amass a great deal of confidential information about their employees, customers, products, research, and financial status. Most of this information is now collected, processed and stored on electronic computers and transmitted across networks to other computers. Should confidential information about a businesses customers or finances or new product line fall into the hands of a competitor, such a breach of security could lead to lost business, law suits or even bankruptcy of the business. Protecting confidential information is a business requirement, and in many cases also an ethical and legal requirement. For the individual, information security has a significant...
Words: 6195 - Pages: 25
... Introduction 1 The Role of the Government in Protecting National Security 1 Acceptance of Government Intervention on Protecting National Security 2 Reaction to the Security Intervention on the Private Sector 3 Impacts/Effects of Government Regulations to Private Industries 4 Compliance Measures to Protect National Security 5 Responsibility to Protect National Security 5 Conclusion 6 Introduction Government has the responsibility to protect its national security and citizen. This could be done by providing policies and procedural guidance to private industries. This relationship between government and private industry are not conflict immune as the balance between protecting the national interest and invading privacy is in question. Senior management from the private industry caught in between making the right decision to protect their customer or investing in cyber security. This research paper covers the impact of government regulations, security laws, and legal concepts on the private sector to protect national security and its interpretation and acceptance by the public. The Role of the Government in Protecting National Security The US government invested a lot to protect its critical infrastructure from cyberattack by creating and implementing policies and procedures for private sectors. The executive branch of the government led by the Department of Homeland Security with close cooperation with other agencies including the National Institute...
Words: 1899 - Pages: 8
...Introduction 3 2. Private Industry & Regulations 4 3. National Security Concerns 4 4. Methods 6 5. Impacts of Government Regulation 7 6. Compliance 8 7. Responsibility 9 8. The Real World 10 9. Conclusion 11 References 12 1. Introduction Cybersecurity and cybersecurity initiatives are commonplace in all aspects of our digital lives. Personal computers are still widely used, especially in the workplace, but mobile devices seem to be the preferred computing choice of the average person. This would include but not be limited to; smart phones, tablets, and laptops to name a few. Mobile devices have changed the digital landscape in a manner that could not have been predicted. This is because other than work or school related activities, most personal computers were used to play a few games, check email, and browse the internet. These activities eventually transitioned over to the aforementioned mobile devices. Now we mix in social media, and a whole new digital cyber-world has emerged. Talk about getting your head out of the clouds. We live in the cloud, literally and figuratively. What does this mean to the average consumer? Perhaps not much. Most people who operate in the digital world could probably care less about the underpinnings of cyberspace and the digital devices that we use from the time we wake up in the morning until we go to sleep at night. As with many other aspects of our lives here in the U.S., there needs to be something...
Words: 2894 - Pages: 12
...Cyber Ethics CSEC 620 As one of the most uncertain and muddled aspects of any organization or company, Cyber Ethics are undoubtedly one of the most important in today’s technological age. Every organization or company operates with a Code of Conduct for its employees. This Code of Conduct outlines the “dos and don’ts” for an organization in hopes for “ethical” and “moral” operation of business. A typical code of conduct will outline an Acceptable Use policy, Internet Use policy, Security policy, and acceptable conduct policy for its employees that is supposed to be required reading. Like with any law, in cyber security there are always law-breakers waiting for the chance to exploit a weak firewall, a patch in the system, or a careless employee who leaves login information open for the wrong eyes to see. For this reason government and private sector alike must constantly update security measures and do thorough investigations of employees upon hiring. The internet is so large and open that it is a serious security threat for individual corporations and especially government agencies. The US government defends against countless internet attacks every day and because of the vast connections between private companies and government it is both the responsibility of private and public sector to insure everyone’s safety. Developing a widespread Code of Ethics in regards to Cyber Security is an increasingly difficult task. New advances in technology make it difficult to...
Words: 2222 - Pages: 9
...6 20 Cyber crime:Law Enforcement And E-Government Transnational Issues Individ ual Assignment #1 Leggett,Ronnell 3/3/13 2 Table Of Content Introduction ................................................................. 3-5 Current Government Interventions/ Methods............. 5-7 linpact/Effects .............................................................. 7-8 Private Industry Rcsponsibilit)' ............................... 8-9 Conclusion ........................................................................ 9-10 Reference Page ........................................................... 11 3 Introd uction Over the last several years we have witnessed many changes and transformations occur in tcclmology including advances in phone. television, and compu ter comm unication outlets. Being able to use and ma nipulate technology has now become an essential part of everyday lifo, this is especiall y important with the use of the World Wide Web and the plentiful resources it has to offer. With these new advances of technology we often find an apparent generation gap where more and more Americans arc born into new technology \'1hi lc others arc still trying lo figure it ou t. Most impo11 y. with these tech nological advances. crime has adapted to thi s new age as antl well. Consumers are pu t at new and higher risks when purchasi ng goods (Baker. 2006). Several decades ago the crimes reported by the news w1::re of a physical natu re, often...
Words: 2550 - Pages: 11
...and infrastructure. My discussion will include how individuals in private and public security can attribute to the prevention of terrorism within the U.S. terrorism is a threat that does not recognize borders and may affect states and peoples irrespective of their geographical location. Individuals and groups who believe that they can advance their political aims by using terror pose a serious threat to the democratic values of our societies and to the rights and freedoms of our citizens, especially by indiscriminately targeting innocent people. Acts of terrorism are criminal and unjustifiable, and must be treated as such under all circumstances (Hoffman, 1988). Terrorism as a threat to people and infrastructure is considered to be very critical. Much of the United States critical infrastructure is potentially vulnerable to cyber attack. Industrial control computer systems involved in this infrastructure are specific points of vulnerability, as cyber security for these systems has not been perceived as a high priority. Industries potent ally affected by a cyber attack on industrial control systems include the electrical, telephone, water, chemical and energy sectors (Naumann, 2008). Terrorism is considered to be one of the oldest forms of human conflict. Although, the FBI and the U.S customs service have made terrorism their top priority, they cannot fight this war alone. It is said that the private sector owns and protects 85% of the nation’s infrastructure, while local law...
Words: 662 - Pages: 3
...explosion of the accessibility of information and data via the today’s Web has brought along the concern and need for cyber security. With these issues of cyber security has also come the need to protect national informational assets from hackers and such who utilize the Web as a means to attack information that can aid in cyber terrorism. Information professionals are now looking to measures of protection that will ensure private citizens are not put into danger by the threat of cyber espionage. This also has extended to the protection of critical infrastructure within the United States and abroad. Critical Infrastructure Protection With the ever evolving presence of cyber-attacks that threaten to put citizens’ privacy and Internet security at risk, the government has had to intervene in order to take measures to protect its’ citizens due to the alarming fact that cyber-attacks are replacing other modes of attacks by terrorists. The Department of Homeland Security, created in 2002, was developed to carry out broad missions such as preventing terrorist attacks within the United States. This was mainly in response to the terrorist attacks that occurred on U.S. soil on September 11, 2001. Since then the DHS has taken on the mission of developing security that extends to information security and developing plans to implement critical infrastructure. The Homeland Security Act of 2002 extends the mission of this department even further. According to Caldwell (2014), “the DHS...
Words: 1329 - Pages: 6
...University Introduction In the wake of a terrorist attack, natural disaster, or emergency, the Department of Homeland Security (DHS) is prepared to respond. DHS primary responsibilities are combatting terrorism, securing boarders, enforcing immigration laws, safeguarding cyberspace, and responding to natural disasters. Coordination with the federal response teams and partnerships with local, state, and private sectors, enhance the DHS response tactics in a national emergency. Department of Homeland Security Mission, Operations, and Responsibilities The Department of Homeland Security’s mission is to keep America safe, protected, and resilient from various elements that threaten the country. As identified by (dhs.gov, 2013) DHS has three key concepts that strategies are based upon security, resilience, and customs and exchange. The process that defines homeland security missions and incorporates the key concepts is the Quadrennial Homeland Security Review (QHSR). DHS missions are spread across the enterprise and do not only cover DHS. The delegated missions define in detail how to prevent, protect, respond, recover, secure, ensure resilience, and facilitate customs and exchange as noted by (dhs.gov, 2013). Department of Homeland Security operations encompass five core objectives. The objectives covered under DHS are prevention of terrorism and enhancing security; secure and manage our boarders; enforce and administer immigration laws; safeguard and secure cyberspace; ensure...
Words: 1685 - Pages: 7
...aerospace, defense, and security corporation specializing in Department of Defense (DoD) systems that provide aeronautics, electronic systems, information systems and space systems solutions. We will provide a brief overview of the current state of the defense contracting sector and the cyber security threats and policies that govern it. We will also examine the classes of data that the defense contractor must protect and the potential cyber defense technologies that could be implemented in a prioritized strategy to secure that information. This briefing will also provide the priorities for legal and policy compliance amongst Defense contractors. Because Hytema is a Defense contractor the organization must work closely with the Federal Government causing them to adopt many of their policies and regulations. The most strategic and informative policy is the Federal Information Security Management Act (FISMA). All departments and agencies are required to coordinate and cooperate with the Department of Homeland Security as it carries out its cybersecurity responsibility actives as noted in the Office of Management Budget (OMB) (Dhs.gov, 2015) 2. Social Importance 2.1 Effects on society of the sector Defense contractors contribute to a very large part of what is deemed as societal importance in today’s society, however they are often overshadowed. Defense contractors that work for the Department of Defense within the cyber technology sector take up almost eighty percent...
Words: 1094 - Pages: 5