SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INFORMATION SYSTEMS 1
Security and safety of the power grid and its related computer information systems
Name of the student:
Name of the institution:
There have been increased use and application of information and communication technologies in most of critical infrastructures and departments of the government. They have proved to be fundamentally significant in helping the various departments to carry out their daily activities with a lot of ease and proficiency. However, these systems have also opened quite a considerable unforeseen opportunity both positive and negative. The infrastructures have become highly efficient and flexible and this has been very beneficial to the people. On the other hand, there have been persistent problems with cybercrimes and hackers who have outsmarted the government and the set securities protocols every now and then. This has made the state lose billions of dollars in a theft of its secrets and high-level information. In this case, it is right to analyze all the general impacts that can be put in place to prevent cybercrimes as well as threats. It is hence important to validate all the necessary measures that need to be put in place in every organization. The paper will hence give recommendations that can help the named organization solve the issues mentioned.
To address this issue, proper precautions needs to be put in place. The government has to demonstrate preparedness in combating this crime both in terms of systems put in place and also the legal jurisprudence (Higgins, 2016). The US power grid system is an interconnected system that is made up of power generation, transmissions software, and its distribution with a capacity to bring down the whole economy if not well protected. The nation's department of defense (DoD) is one of the most critical and sensitive institutions that can paralyze the state if tampered with by unscrupulous individuals. The situation is even worse if there is an advanced persistent threat (APT) against computers and software that operates the western interconnection power grid. This needs an urgent measure to remove the threat immediately and avoid its reoccurrence. We recommend the following security and safety of the power grid and its related computer information systems are taken by the concerned departments:
a. Creation of a special branch that is specifically dedicated to cyber security
It is high time for the government to come up with a special branch of the military personnel that will be dedicated to fighting cybercrimes (Higgins, 2016). Its main function will be to detect cybercrime activities, to develop mechanisms to prevent cybercrimes, apprehend, arrest and align cyber criminals in a court of law.
b. Creation of special court to determine cybercrime cases
Security and safety of the power grid and its related computer information systems and those crimes associated w.
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
1. SECURITY AND SAFETY OF THE POWER GRID AND ITS
RELATED COMPUTER INFORMATION SYSTEMS
1
Security and safety of the power grid and its related computer
information systems
Name of the student:
Name of the institution:
There have been increased use and application of
information and communication technologies in most of critical
infrastructures and departments of the government. They have
proved to be fundamentally significant in helping the various
departments to carry out their daily activities with a lot of ease
and proficiency. However, these systems have also opened quite
a considerable unforeseen opportunity both positive and
negative. The infrastructures have become highly efficient and
flexible and this has been very beneficial to the people. On the
other hand, there have been persistent problems with
cybercrimes and hackers who have outsmarted the government
and the set securities protocols every now and then. This has
2. made the state lose billions of dollars in a theft of its secrets
and high-level information. In this case, it is right to analyze all
the general impacts that can be put in place to prevent
cybercrimes as well as threats. It is hence important to validate
all the necessary measures that need to be put in place in every
organization. The paper will hence give recommendations that
can help the named organization solve the issues mentioned.
To address this issue, proper precautions needs to be put in
place. The government has to demonstrate preparedness in
combating this crime both in terms of systems put in place and
also the legal jurisprudence (Higgins, 2016). The US power grid
system is an interconnected system that is made up of power
generation, transmissions software, and its distribution with a
capacity to bring down the whole economy if not well protected.
The nation's department of defense (DoD) is one of the most
critical and sensitive institutions that can paralyze the state if
tampered with by unscrupulous individuals. The situation is
even worse if there is an advanced persistent threat (APT)
against computers and software that operates the western
interconnection power grid. This needs an urgent measure to
remove the threat immediately and avoid its reoccurrence. We
recommend the following security and safety of the power grid
and its related computer information systems are taken by the
concerned departments:
a. Creation of a special branch that is specifically dedicated to
cyber security
It is high time for the government to come up with a
special branch of the military personnel that will be dedicated
to fighting cybercrimes (Higgins, 2016). Its main function will
be to detect cybercrime activities, to develop mechanisms to
prevent cybercrimes, apprehend, arrest and align cyber
criminals in a court of law.
b. Creation of special court to determine cybercrime cases
Security and safety of the power grid and its related
computer information systems and those crimes associated with
it are complex and intertwined. There is a great need for the
3. judicial system to introduce a special court that will be
dedicated to listening and determine such offenses (The United
States, 2012). There is the need also for the staff of this court to
be well educated and knowledgeable about the trends and
emerging issues in information technology and communication.
This will help the judges listening to the cases to make a ruling
from an informed angle to avoid misconceptions.
c. Constant and secure update of information systems from
trusted software companies
Some of the breaches that have occurred in these systems
are as a result of tampered and virus infected software that has
been used to update them. This can be done either intentionally
by a person or group that intends to use the loophole they have
created in those systems for their own gains. For this reasons,
the department of defense (DoD), that of Homeland Security
(DHS), all government institutions and federal stakeholders
should buy their systems update from approved and recognized
dealers who can be held accountable if there is any breach.
d. Security is an international challenge
It is vital to be aware that cybercrimes are an international
problem and therefore there is a great need for the nation to
work hand in hand with other countries to come up with strong
laws and policies against it. The national information
infrastructure of the country has also been viewed as part of the
global information infrastructure if this war is to be won. This
is because most of the cyber criminals are from other countries
or even immigrants and therefore effective policies need to be
put in place to solve such cases diplomatically (Wilshusen,
2012). The ever increasing problem means that it requires
international solutions. With the recent surge of internet
activities worldwide, there is the greater need for systems
security like trans-border data flows and cryptography to avoid
their misuse. With these new securities in place, the internet
could be safer for all users since the organization can surf the
internet without fear of hacking. Since the internet has so many
users it becomes important to protect the data that is being
4. exchanged on the site and hence increase data and information
security.
e. Constant risk assessments
The nation's ICT department and that of security experts
should work together in harmony to strengthen power grids
security designs (Wilshusen, 2012). An overall risk assessment
of the systems is recommended especially in conjunction with
taxonomies of threats and effective countermeasures for them to
identify an effective, efficient and well-balanced security
guideline that are to be agreed by all the stakeholders. This is
the wake of the fact that cyber security risk of the smart grid is
ever evolving and therefore requires constant reassessment.
Such continuous assessment can increase the possibility of
better security in the organization reducing the chances of any
threat from hackers. The assessment can also help the
organization’s employees understand any new threat or even
formulate better mechanisms of dealing with the crimes (The
United States, 2012).
f. Frequent revision of laws and regulations – cyber security
policies should be established on existing security regulations
for the computer information systems and the power grid for the
electricity sector. The power grid and software are new
technologies that come with vast threats but cyber security
should be integrated into the security processes. Resilience in
this is vital as the main objective is to keep the laid down
infrastructure running. The congress and those concerned with
making laws should work together to put standards, security
procedures and compliance mechanisms in place (Wilshusen,
2012). Such revisions in laws and regulations are necessary as
they create new legal approaches that are used to accuse any
hackers that try to mess with the company’s data and
information in the long run.
g. Information sharing
To protect the power grids and its related computer
information systems, there is a need for the various security
institutions to share information on cyber breaches and
5. architecture. This sharing should be within and between the
sectors involved and the government. This is because it is
crucial to the vendors and the end users to determine how to
securely communicate the detected vulnerabilities without
raising a red flag (The United States, 2012). The top executives
of the various institutions need also to be aware of trends in
cyber security. This is to facilitate them to make necessary
decision and plans.
h. Apply security improvement management systems
The fact is security is always never perfect and that we are
prone to new threat almost every day. Most if not all
institutions have financial challenges and this means it's hard
for them to create a perfect security system for their data and
information. However, the risk assessment skills indicate the
level of protection that the organization needs. For some
departments like that of defense, it is vital to have a real perfect
security due to the sensitive of data and information it has (The
United States, 2012). Partnering with SCADA is, therefore,
inevitable to provide the highest lever secure zone which has no
public network access. This is an air gap principle of shielded
networks that should be monitored and continuously improved.
i. Creation of a certification body for power grid assets and its
related computer information systems. For the operations to be
able to mitigate the risks effectively it is vital to ensure that the
body entrusted with the responsibility has the capacity and
meets the necessary ethical guidelines. This means that there is
a need for a body or institution responsible for accrediting other
bodies and certifying them. The body should also be tasked with
frequently checking the others to ensure they meet the minimum
requirements and that they conduct their business within the set
law and set rules.
j. Integration of data security measures to power grid
communication protocols and infrastructures
The power grids mean that there are different domains,
stakeholders, and areas across the world. Any protocols should
be systematically analyzed and implemented and security
6. measures integrated by using international laid down standards
(Wilshusen, 2012). The power grid uses suitable ICT systems
which must be reliable and have bandwidth protection within its
grids. This has to be effectively incorporated for it to
effectively work.
Conclusion
In conclusion, the paper has identified that cyber stalking is the
use of the internet to impersonate another person, to harass or to
lure a person. It is a crime of interfering with other people's life
and privacy. Cyber abuse and frauds are related in that they
mostly entail luring a person and benefit from that person
finances. It entails identity theft and deprives the actual owner
of his funds and finances. The paper has discussed various cases
where people have been convicted of cyberstalking. The paper
identifies that people should be careful with their personal
environment. In addition, they should be caution on how they
respond to internet related issues. As explained in the paper, it
is evident that the organization need to follow all given
recommendations and solve the cybercrimes it is facing. These
recommendations will increase the security of the organization
with the aim securing important data and information. With all
these in place, the organization can be in a better position to
secure customer’s data and information as well as the
company’s internal content. Since cybercrime has become a
major threat in most business, the organization herein must be
conversant with all the possible measures given above to
minimize the effects of such crimes.
References
Top of Form
Higgins, M., & Regan, M. (2016). Cybersecurity.
7. Bottom of Form
Top of Form
The United States. (2014). Cybersecurity: Threats to
communications networks and private sector responses: hearing
before the Subcommittee on Communications and Technology
of the Committee on Energy and Commerce, House of
Representatives, One Hundred Twelfth Congress, second
session, February 8, 2012.
Bottom of Form
Top of Form
Cambridge Educational (Firm), Films for the Humanities &
Sciences (Firm), & Films Media Group. (2007). CyberSecurity.
New York, N.Y: Films Media Group.
Bottom of Form
Top of Form
Wilshusen, G. C., United States., & United States.
(2012). Cybersecurity: Threats impacting the nation: testimony
before the Subcommittee on Oversight, Investigations, and
Management, Committee on Homeland Security, House of
Representatives. Washington, D.C.: U.S. Govt. Accountability
Office.
Bottom of Form
Top of Form
The United States. (2012). Cybersecurity: Threats to the
financial sector: hearing before the Subcommittee on Financial
Institutions and Consumer Credit of the Committee on Financial
Services, U.S. House of Representatives, One Hundred Twelfth
Congress, first session, September 14, 2011. Washington: U.S.
G.P.O.
Bottom of Form
Top of Form
The United States. (2008). Protecting the electric grid from
cybersecurity threats: Hearing before the Subcommittee on
Energy and Air Quality of the Committee on Energy and
Commerce, House of Representatives, One Hundred Tenth
Congress, second session, September 11, 2008. Washington:
8. U.S. G.P.O.
Bottom of Form
SECURITY AND SAFETY OF THE POWER GRID AND ITS
RELATED COMPUTER
INFORMATION SYSTEMS
1
Security and safety of the power grid and its related computer
information systems
Name of the student:
Name of the institution:
9. SECURITY AND SAFETY OF THE POWER GRID AND ITS
RELATED COMPUTER
INFORMATION SYSTEMS 1
Security and safety of the power grid and its related computer
information systems
Name of the student:
Name of the institution:
Evaluation Results
Author: Maverick Morgan
Date Evaluated: 06/12/2016 08:48:08 AM (MDT)
DRF template: Cyberwarfare (GR, C688, BWP2-0116)
10. Program: Cyberwarfare (GR, C688, BWP2-0116)
Evaluation Method: Using Rubric
Evaluation Summary for Cyberwarfare: BWP Task 3
Final Score: Does not Meet
Overall comments:
06/12/2016: The submission provides a very good discussion of
several
recommendations to protect the delivery of critical infrastructur
e services and
enable the timely detection of cybersecurity threats. However, It
is unclear which of
the recommendations are safeguards and which are functions or
systems. This
distinction is necessary to meet the requirements of the rubric f
or this assessment.
Plausible changes of both safeguards and functions/systems mus
t be discussed as
well to demonstrate competency.
Detailed Results (Rubric used: BWP2 Task 3 (0116))
Articulation of Response (clarity, organization, mechanics)
(1) 1=Not Evident (2) 2=Approaching Competence
(3) 3=Competent
Responses are unstructured or disjointed.
Vocabulary and tone are unprofessional or
distract from the topic. Responses contain
pervasive errors in mechanics, usage, or
grammar.
11. Responses are poorly organized or
difficult to follow. Terminology is misused
or ineffective. Responses contain errors in
mechanics, usage, or grammar that cause
confusion.
Responses are organized and focus on
the main ideas presented in the
assessment. Word choice is pertinent and
clearly conveys the intended meaning to
the audience. Responses reflect attention
to detail. Mechanics, usage, and grammar
promote understanding and readability.
Criterion Score: 3.00
A. Recommended Safeguards
(1) 1=Not Evident (2) 2=Approaching Competence
(3) 3=Competent
Specific recommended safeguards are not
provided, or the specific recommended
safeguards do not protect the delivery of
critical infrastructure services at the
Western Interconnection power grid.
The specific recommended safeguards
protect the delivery of critical infrastructure
services at the Western Interconnection
power grid, but an explanation is not
provided for how these recommended
safeguards will protect the critical
infrastructure services, or the information
provided contains inaccuracies.
12. The specific recommended safeguards
protect the delivery of critical infrastructure
services at the Western Interconnection
power grid, and an explanation is provided
for how these recommended safeguards
will protect the critical infrastructure
services.
Criterion Score: 2.00
Comments on this criterion: 06/12/2016: Several safeguards to p
rotect the delivery of critical infrastructure services are
recommended. However, a explanation of exactly how these saf
eguards will provide the protection and benefit the
Western Interconnection power grid could not be found.
B. Evolution of Safeguards
(1) 1=Not Evident (2) 2=Approaching Competence
(3) 3=Competent
Printed on: 06/12/2016 01:49:34 PM (EST)
https://www.taskstream.com/
A description is not provided, or the
description does not contain changes that
would be needed over time with the
evolution of cyber-related capabilities,
changing threats, and emerging
technologies.
The description contains changes that
would be needed over time with the
13. evolution of cyber-related capabilities,
changing threats, and emerging
technologies but does not address all
safeguards, or the described changes are
not plausible.
The description contains plausible changes
that would be needed over time for each
safeguard with the evolution of cyber-
related capabilities, changing threats, and
emerging technologies.
Criterion Score: 1.00
Comments on this criterion: 06/12/2016: A robust list of safegu
ards is provided. The discussion of plausible changes
needed over time for each safeguard with the evolution of cyber
-related capabilities, changing threats and emerging
technologies is not evident but is required.
C. Recommended Functions or Systems
(1) 1=Not Evident (2) 2=Approaching Competence
(3) 3=Competent
Recommended functions or systems are
not provided, or the recommended
functions or systems do not enable timely
detection of cybersecurity threats.
The recommended functions or systems
would enable timely detection of
cybersecurity threats, but the explanation
is not provided for how each function or
system would detect cybersecurity threats
or contains inaccuracies.
14. The recommended functions or systems
would enable timely detection of
cybersecurity threats, and an accurate
explanation is provided for how each
function or system would detect
cybersecurity threats.
Criterion Score: 1.00
Comments on this criterion: 06/12/2016: A very good list of rec
ommendations including certification bodies, security
improvement management systems, information sharing and freq
uent revision of laws and regulations is provided. It is
unclear which of the recommendations are safeguards and which
are functions or systems. This distinction is necessary
to meet the requirements of the rubric for this assessment.
D. Evolution of Functions or Systems
(1) 1=Not Evident (2) 2=Approaching Competence
(3) 3=Competent
A description is not provided, or the
description does not contain changes that
would be needed over time with the
evolution of cyber-related capabilities,
changing threats, and emerging
technologies.
The description contains changes that
would be needed over time with the
evolution of cyber-related capabilities,
changing threats, and emerging
technologies but does not address all
functions or systems, or the described
changes are not plausible.
15. The description contains plausible changes
that would be needed over time for each
function or system with the evolution of
cyber-related capabilities, changing
threats, and emerging technologies.
Criterion Score: 1.00
Comments on this criterion: 06/12/2016: This aspect will be re-
evaluated after the revision of aspects A and C.
E. Sources
(1) 1=Not Evident (2) 2=Approaching Competence
(3) 3=Competent
The submission does not provide in-text
citations and references according to APA
style.
The submission includes in-text citations
and references but does not demonstrate
a consistent application of APA style.
The submission includes in-text citations
and references and demonstrates a
consistent application of APA style.
Criterion Score: 3.00
Printed on: 06/12/2016 01:49:34 PM (EST)
https://www.taskstream.com/