United states cyber security policy (Eric Winn)


Published on

Published in: Technology, News & Politics
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

United states cyber security policy (Eric Winn)

  1. 1. Eric T. Winn
  2. 2. • Threats to the security of the United States and its citizens can come in many forms: • Planes crashing into buildings • Bombs detonated in crowded areas • Mass murders can enter schools and kill innocent children • Cyber attacks on the banking industry, businesses, government agencies, etc.
  3. 3. • The FBI, CIA, NSA and other federal, state and local agencies are working diligently to detect and prevent an event such as 9/11 from occurring again • In order to disrupt any type of criminal activity, whether terrorism or any other type of crime, we must think like the criminal • We must understand where we have weaknesses and what we need to do to prevent them from being exploited
  4. 4. • Since 9/11, tremendous efforts have been made to secure sections of our critical infrastructure that fell victim to terrorists • While these efforts are needed and necessary, we must not be narrowly focused on from where the next attack will come or take place • Efforts must be made to protect all aspects of our critical infrastructure to include cyber systems
  5. 5. • Cyber security has been defined as security of the nation’s computer and telecommunications infrastructure to include military, all forms of communications networks, electrical grids and power plants.
  6. 6. • These attacks can involve both the public and private sectors • Government agencies • Banks • Businesses • Power companies • Any other organization that utilizes computer and telecommunications systems
  7. 7. • The theory describes power in three different circuits: • Episodic circuit • Social integration circuit • System integration circuit • The theory describes power relationships and how they are interconnected
  8. 8. • The episodic circuit describes how events can shape policy • The events of 9/11 demonstrated how the lack of communication left the nation in a vulnerable state • The creation of the Department of Homeland Security illustrates the episodic power of an organization • Redirecting funds and resources, implementing personnel policy, oversight and other functions were placed under the control of a single person
  9. 9. • The creation of DHS also affected congressional functions • This resulted in redirecting funds to certain areas of the country under the pretense of protection from terrorism • Terrorism is a grave threat to the nation but attacks are waged against organizations every day that are not affiliated with a terrorist organization • We must take a holistic approach when securing a nation
  10. 10. • We cannot focus solely on threats from one source • While terrorism is a serious threat to the nation, threats to the security of the nation come from many other areas and occur by many different means • Cyber security was placed on the back burner and greater attention was placed on securing the nation from a single type of threat and from a single organization
  11. 11. • In the years following 9/11, it was unclear as to who was in charge of cyber security efforts and what was being accomplished to reach that goal • Episodic power played a key role in the implementation of cyber security in the United States
  12. 12. • Social and cultural differences can have grave consequences on how policy is created • Legislative actions were taken prior to 9/11 to create a department tasked with protecting the homeland but basically died in Congress due to lack of interest • It took the loss of thousands of lives and billions in infrastructure to realize that efforts were needed to protect the nation’s homeland
  13. 13. • Following 9/11, a bill was introduced to focus on cyber security efforts • The bill was debated but no action was taken • Nearly a year later, another bill was introduced that resulted in the creation of DHS • Still, there was a lack of interest in securing the nation’s cyber network • Cyber security lost when trying to compete with other national security functions
  14. 14. • It is argued that voicing concern about DHS not focusing enough on cyber security would appear unpatriotic
  15. 15. • The technological means of control over the physical and social environment and the skills associated with these means • System integration is a strong source of transformation and tension • System integration relies heavily on the management of an organization to explain the new rules and norms implied by the system • It must be done in such a manner that members of the organization understand and are willing to accept
  16. 16. • The Cyber Security Enhancement Act allowed companies to provide government with customer’s electronic information without a warrant or other legal document • It did not have to be provided following a request, it could be the initiative of the company as an “immediate threat to a national security interest” which was later changed to “subjective good faith” • This did not require judicial oversight or notification to the person communicating the information
  17. 17. • Buy-in from others in the organization is needed during the design and development stage of the system and not when the system is being implemented
  18. 18. • Why does it take an event to occur before our government begins to focus attention on the situation?
  19. 19. • Dhillon, G. (2013). Enterprise cyber security: Principles and practice. Washington, D.C. Paradigm Books