2. • Threats to the security of the United States and
its citizens can come in many forms:
• Planes crashing into buildings
• Bombs detonated in crowded areas
• Mass murders can enter schools and kill innocent
children
• Cyber attacks on the banking industry, businesses,
government agencies, etc.
3. • The FBI, CIA, NSA and other federal, state and
local agencies are working diligently to detect
and prevent an event such as 9/11 from
occurring again
• In order to disrupt any type of criminal
activity, whether terrorism or any other type of
crime, we must think like the criminal
• We must understand where we have
weaknesses and what we need to do to prevent
them from being exploited
4. • Since 9/11, tremendous efforts have been made
to secure sections of our critical infrastructure
that fell victim to terrorists
• While these efforts are needed and necessary,
we must not be narrowly focused on from
where the next attack will come or take place
• Efforts must be made to protect all aspects of
our critical infrastructure to include cyber
systems
5. • Cyber security has been defined as security of
the nation’s computer and telecommunications
infrastructure to include military, all forms of
communications networks, electrical grids and
power plants.
6. • These attacks can involve both the public and
private sectors
• Government agencies
• Banks
• Businesses
• Power companies
• Any other organization that utilizes computer and
telecommunications systems
7. • The theory describes power in three different
circuits:
• Episodic circuit
• Social integration circuit
• System integration circuit
• The theory describes power relationships and
how they are interconnected
8. • The episodic circuit describes how events can
shape policy
• The events of 9/11 demonstrated how the lack of
communication left the nation in a vulnerable state
• The creation of the Department of Homeland
Security illustrates the episodic power of an
organization
• Redirecting funds and resources, implementing
personnel policy, oversight and other functions
were placed under the control of a single person
9. • The creation of DHS also affected congressional
functions
• This resulted in redirecting funds to certain
areas of the country under the pretense of
protection from terrorism
• Terrorism is a grave threat to the nation but
attacks are waged against organizations every
day that are not affiliated with a terrorist
organization
• We must take a holistic approach when
securing a nation
10. • We cannot focus solely on threats from one
source
• While terrorism is a serious threat to the nation,
threats to the security of the nation come from
many other areas and occur by many different
means
• Cyber security was placed on the back burner
and greater attention was placed on securing
the nation from a single type of threat and from
a single organization
11. • In the years following 9/11, it was unclear as to
who was in charge of cyber security efforts and
what was being accomplished to reach that
goal
• Episodic power played a key role in the
implementation of cyber security in the United
States
12. • Social and cultural differences can have grave
consequences on how policy is created
• Legislative actions were taken prior to 9/11 to
create a department tasked with protecting the
homeland but basically died in Congress due
to lack of interest
• It took the loss of thousands of lives and
billions in infrastructure to realize that efforts
were needed to protect the nation’s homeland
13. • Following 9/11, a bill was introduced to focus
on cyber security efforts
• The bill was debated but no action was taken
• Nearly a year later, another bill was introduced
that resulted in the creation of DHS
• Still, there was a lack of interest in securing the
nation’s cyber network
• Cyber security lost when trying to compete
with other national security functions
14. • It is argued that voicing concern about DHS
not focusing enough on cyber security would
appear unpatriotic
15. • The technological means of control over the
physical and social environment and the skills
associated with these means
• System integration is a strong source of
transformation and tension
• System integration relies heavily on the
management of an organization to explain the
new rules and norms implied by the system
• It must be done in such a manner that members
of the organization understand and are willing
to accept
16. • The Cyber Security Enhancement Act allowed
companies to provide government with customer’s
electronic information without a warrant or other
legal document
• It did not have to be provided following a request,
it could be the initiative of the company as an
“immediate threat to a national security interest”
which was later changed to “subjective good faith”
• This did not require judicial oversight or
notification to the person communicating the
information
17. • Buy-in from others in the organization is
needed during the design and development
stage of the system and not when the system is
being implemented
18. • Why does it take an event to occur before our
government begins to focus attention on the
situation?
19. • Dhillon, G. (2013). Enterprise cyber security:
Principles and practice. Washington, D.C.
Paradigm Books