financial services firm on Wall Street. He is in the middle of a meeting in his office when, all of a sudden, there is a flurry of activity outside his door. Employees are forming huddles around their computers and tensely reading from their screens. Kevin's private phone starts ringing. He answers it. It is his close friend and business confidant, Thomas Harper, calling to inform Kevin of an attack on the trading activity at the New York Stock Exchange. Kevin quickly ends his meeting so he can find out what is happening.
Disclaimer: The storyline and characters in this part of the module are fictitious and were developed for the purposes of this course. No association with any real person, places, or events is intended or should be inferred from the use of the fictitious names.
Scenario
Scene 1
Kevin turns on the television to catch the breaking news.
Here is a transcript of the news.
Headline: NYSE Brought to a Standstill!
News Reporter: At 10:22 a.m., trading activity at the New York Stock Exchange spiraled out of control.
News Reporter: The stock ticker data projected by the Exchange displayed obvious irregularities, including missing digits and unrealistic price fluctuations, sending brokers and investors scurrying to find accurate data.
Scene 2
Kevin's firm has prospered over the past 150 years and is a leader in the financial industry. The firm has been a trusted advisor to senior government leaders. Kevin is invited to serve on a blue-ribbon panel set up by the government to investigate the attack on the stock exchange and to study ways to meet cybersecurity challenges.
The blue-ribbon panel's charter is to assess the fundamental reasons for the stock exchange being vulnerable to attack through the Internet. The blue-ribbon panel will study national cybersecurity strategy. In particular, the team will identify gaps in the strategy with respect to coordination between the public and private sectors.
Prior to his first meeting with his fellow panelists, Kevin makes some notes over coffee at home.
Points of Consideration
Emerging technologies
Emerging strategies
How to integrate across the nation's footprint
How to trigger cross-sector growth and market forces to improve cybersecurity
How to improve government's ability to seed the market
reported on the Networking and Information Technology Research and Development (NITRD) program in January 2011. The NITRD program is interested in "leap-ahead" technologies. New thinking has emerged that seeks to borrow successful strategies from other fields to enable a more nimble and proactive approach to security.
New concepts include cybereconomics, seeking to leverage market forces, and deriving self-healing methodologies from nature for application to network security. Other examples of new thinking include Tailored Trustworthy Spaces and Moving Target defenses. Emerging concepts seek to create dynamic structures, architectures, and defenses. Many defenses are static and cannot respond strategically to a dynamic threat. The NITRD program has identified several priority areas, and federal research and development funding should align with these priorities.
The Defense Advanced Research Projects Agency (DARPA), for example, reported in November 2011 that it would accelerate its cybersecurity funding by more than 70 percent from $120 million in fiscal year 2011 to $208 million in fiscal year 2012 (Hoover, 2011).
Reference: Hoover, J. N. (2011, November 7). DARPA boosts cybersecurity research spending 50%. Information Week. Retrieved from http://www.informationweek.com/news/government/security/231902495
Big Data (BD)
Big Data is a term applied to data sets whose size is beyond the ability of commonly used software tools to capture, manage, and process the data within a tolerable elapsed time (NITRD, n.d.).
Reference: Networking and Information Technology Research and Development program (NITRD). (n.d.). Big Data (BD SSG). Retrieved from http://www.nitrd.gov/subcommittee/bigdata.aspx
Human Computer Interaction and Information Management (HCI&IM)
HCI&IM focuses on information interaction, integration, and management research to develop and measure the performance of new technologies (e.g., robotic, multimodal), agents, cognitive systems, and information systems that support the hierarchy and refinement of data from discovery to decision and action by both humans and computers working together and separately.
Reference: Networking and Information Technology Research and Development program (NITRD). (n.d.). Human Computer Interaction and Information Management Coordinating Group (HCI&IM CG). Retrieved
forefront of 21st century science, engineering, and technology.
Reference: Networking and Information Technology Research and Development program (NITRD). (n.d.). Interagency Working Group on High End Computing (HEC IWG). Retrieved from http://www.nitrd.gov/subcommittee/hec.aspx
Software Design and Productivity (SDP)
The SDP R&D agenda spans both the science and the technology of software creation and sustainment (e.g., development methods and environments, V&V [verification and validation] technologies, component technologies, languages, tools, and system software) and software project management in diverse domains. R&D will advance software engineering concepts, methods, techniques, and tools that result in more usable, dependable, cost-effective, and sustainable software-intensive systems.
Reference: Networking and Information Technology Research and Development program (NITRD). (n.d.). Software Design and Productivity Coordinating Group (SDP CG). Retrieved from http://www.nitrd.gov/subcommittee/sdp.aspx
Social, Economic, and Workforce Implications of IT and IT Workforce
development initiatives and helps avoid redundant efforts among federal research laboratories. Consistent with NITRD priorities, a pair of organizations, DARPA and IARPA, are heavily engaged in cybersecurity research and development investments. The budgets of both organizations, which are partially classified, amount to billions of dollars.
This table gives a brief description of DARPA and IARPA.
Organization: DARPA
Stands for: Defense Advanced Research Projects Agency
Formed in: 1958. Originally named Advanced Research Projects Agency (ARPA); renamed DARPA in 1972
Operates under: Department of Defense (DoD)

Organization: IARPA
Stands for: Intelligence Advanced Research Projects Activity
Formed in: 2006
Operates under: Office of the
risks in cyberspace today. Therefore, there is wide acknowledgement of the need for active monitoring of networks.
Remote Monitoring Agents
Remote monitoring agents conduct centralized, remote tests of the security of networks. Remote agents do not require large amounts of manpower, so tests can be performed rapidly and efficiently without a backlog developing. Remote agents can be loaded by a client or a server. The agents operate from a centralized location, thus saving travel time and travel costs.
Step 1: Remote agents accept commands from a centralized security process, using a secure connection.
Step 2: These remote agents run certain tests and report results back to the centralized location.
Step 3: A remote agent is able to conduct tests on a network without transgressing nonsecure protocols in a firewall.
Forensic Examinations
Forensic examinations are also feasible with remote agents. Notwithstanding sophisticated security technologies, manpower-intensive human intervention and analysis are still required. Moreover, examination is often
nodes.
Try This!
Match each type of technology to the organization that sponsors or administers it.

Type of Technology
1. A new tool for detecting botnets
2. A proposed battle-ready vehicle with advanced security and safety features to protect against improvised explosive devices
3. An army-specific technology to prevent against intrusions during traditional military conflicts
4. A new type of cybermalware that can be used as an offensive measure in a cyberwar

Organization
a. Military laboratories; e.g., Army Research Laboratory (ARL), Naval Research Laboratory (NRL)
b. Department of Defense Information Assurance Program (DIAP)
c. National Science Foundation (NSF) Scholarship for Service (SFS) Program
Topic 4: Government Funding of Cybersecurity Technologies
NSA Initiatives
The research and development budget of the National Security Agency (NSA) is highly classified. NSA's funding efforts align with NITRD priorities, although the Intelligence Community also has its own priorities. NSA, through its collaboration with DHS and the National Science Foundation (NSF), is heavily engaged in workforce development as well as R&D. Cybersecurity has become so important that funding is now available for much more than just technology. Funding is provided to develop methodologies, and even for training.
NSA also regularly utilizes Cooperative Research and Development Agreements (CRADAs) to implement development relationships.
Key Features of CRADAs
This non-Federal Acquisition Regulation (FAR) mechanism enables the government to work collaboratively with companies, universities, and nonprofits to develop capabilities.
CRADAs provide a mechanism for technology development that is more flexible than the FAR mechanism. Contracting mechanisms under the FAR require specificity to enable articulation of government requirements and statement of
The Science and Technology (S&T) Directorate at DHS is the department's counterpart to DARPA, IARPA, and other R&D bodies in the federal government. In 2010 and 2011, S&T issued a comprehensive Broad Agency Announcement (BAA) for a number of cybersecurity categories such as cybereconomics, Moving Target defenses, and other emerging concepts. S&T utilizes a variety of contracting mechanisms to fund novel and cutting-edge approaches and technologies.
DHS also emphasizes partnering approaches, to the extent that they are permitted under the Federal Acquisition Regulation. DHS has the added benefit, based on language in the Homeland Security Act and Homeland Security Presidential Directive 7 (HSPD-7), to collaborate with industry sectors to ascertain the cybersecurity needs of those sectors. For example, the medical sector might have heightened privacy protection needs.
Reference: U.S. Department of Homeland Security (DHS). (2003, December 17). Homeland Security Presidential Directive 7: Critical infrastructure identification, prioritization, and protection. Retrieved from http://www.dhs.gov/xabout/laws/gc_1214597989952.shtm
UMUC Cybersecurity Capstone
the private sector, and this dependency underscores the need for flexibility and partnership across a wide variety of communities (DHS, 2010, p. 1).
Reference: National Commission on Terrorist Attacks upon the United States (9/11 Commission). (2004, July 22). The 9/11 Commission report. Retrieved from http://govinfo.library.unt.edu/911/report/911Report.pdf
Reference: U.S. Department of Homeland Security (DHS). (2010, September). National Cyber Incident Response Plan (interim version, September 2010). Retrieved from http://www.federalnewsradio.com/pdfs/NCIRP_Interim_Version_September_2010.pdf
The Federal Government on Information Sharing
The national focus on improving cybersecurity originated at the federal level. National strategy documents drive military strategy, which further drives operational programs across the military services, with similar processes taking place within interagency support mechanisms. Meanwhile, the growing sophistication and gravity of the online threat has resulted in grassroots efforts emerging in response to local needs. As the nature of the threat is asymmetric, traditional border defenses (e.g., protections provided at the federal level) do not offer adequate protection.
Information Sharing at the Local Level
events nationally since 2002.
Reference: Institute for Information Infrastructure Protection (I3P). (2008). About the I3P. Retrieved from http://www.thei3p.org/
Academic Institutions
The Berkman Center for Internet and Society at Harvard University is dedicated to the study of the Internet and its impact on society. At Stanford University, the Center for Internet and Society operates under the auspices of Stanford Law School. These programs generally study societal impacts stemming from Internet growth. They delve into privacy, commerce, socioeconomic changes, international dimensions, and the growing case law that is driving risk management considerations and changing business priorities.
Many academic institutions have developed Internet, cybersecurity, privacy, and homeland security programs. These institutions include the University of Maryland; the Center for Homeland Security at the University of Colorado at Colorado Springs; and a DHS-funded, emergency operations-focused Homeland Training Institute at the College of Dupage in Glen Ellyn, Illinois. Although these programs are few in number, they are a sign that academia is responding to the need to educate and train society in an emerging discipline that has been called homeland security, critical infrastructure
CIAT) (Colorado Springs, Colorado)
These initiatives have taken different forms, from for-profit to government-administered to nonprofit. All of these initiatives focus on cybersecurity awareness and training for individuals and organizations. CyberCityUSA has a major workforce development component. All of these programs are responses to the need to improve cybersecurity awareness and capabilities at local levels.
community strategy is preferable. Kevin proposes that greater sharing of information is required, while some members of the panel oppose his view.
Recommendation by the House Republican Cybersecurity Task Force
In October 2011, the House Republican Cybersecurity Task Force issued its report and recommendations concerning the approach Congress should pursue to improve cybersecurity. The task force stated:
There is widespread agreement that greater sharing of information is needed within industries, among industries, and between government and industry in order to improve cybersecurity and to prevent and respond to rapidly changing threats.
There are several organizations designed to help facilitate information sharing now, and there is some sharing going on with varying degrees of success. But not nearly enough.
We largely agree with those who believe that a new entity – separate from the federal government but perhaps partially funded by the federal government – is needed to sponsor this sharing to allow for active defense. (House Republican Cybersecurity Task Force, 2011, p. 10)
Kevin's Counterargument (C1):
I disagree with you. The Internet should be managed by a combination of government and nongovernment organizations. This model has been very successful with regard to information sharing, and would work well regarding security.
Kevin's Counterargument (C2):
I do not agree. The government and private sectors need to work together. This is the only logical approach, since they are both users of the Internet, and a good deal of critical infrastructure is in the private sector. These organizations need to have a voice in the ways in which the Internet is going to become more secure.
Kevin's Counterargument (C3):
The Internet is doing just what its founders wanted it to do. Perhaps a better suggestion is having the government become more involved in the Internet 2.0 project, which is an effort to make the current Internet more robust, secure, and safe for business transactions and other purposes.
Panelist's Argument (A1):
We should press the government to take more control of and responsibility for the Internet, allowing businesses and government organizations to minimize threats to individual users. This would be a step toward making the Internet more secure, safe, and trustworthy.
breached by various attacks.
Kevin's Counterargument (C2):
Let's be practical here for a moment. Neither the government nor the private sector is capable of making these improvements by itself. The greatness of the Internet is that it highlights what good can come about when the government and private industry work together.
Kevin's Counterargument (C3):
In general, the U.S. government prefers to have industries regulate themselves, thus allowing the government to take a limited role in oversight or even a completely laissez-faire approach. Some examples of industries that have this type of self-regulation are the
Kevin's Counterargument (C1):
What really matters is that both groups of users collaborate on ways to explore how an evolving technology like the Internet can have security built into it. Security also needs to be added in the places where we all agree there is an increased need for security.
Kevin's Counterargument (C2):
Let's leave the Internet to the IT professionals who have the technical knowledge to make it safer and more secure. Putting the brainpower of the government's engineers and scientists together with those from the private sector will get us the best of both worlds.
Kevin's Counterargument (C3):
I think you need to be patient with things related to IT, as the Internet did not develop overnight. With a little bit of patience, we can have both government and nongovernment groups working together. As the old adage goes, two heads are better than one, and this surely applies to Internet security.
Panelist's Argument (A3):
The Internet has changed so much since it was invented. Today, it is essential to have the government take more control of the Internet, since citizens look to the government for safety and security. This step is just a logical extension of the responsibility held by the government.
Kevin's Counterargument (C1):
The United States is a capitalist country where many public-private partnerships have been powerful and successful mechanisms for dealing with problems. We are in favor of a similar solution in which both sectors will work together to solve the many complex security problems that currently exist with the Internet. Hopefully, in the future, this approach will be able to fix Internet security problems before they become serious issues.
Kevin's Counterargument (C2):
The government is already doing a good job of sharing information about cyberthreats and vulnerabilities in software and hardware through the United States Computer Emergency Readiness Team (US-CERT). Isn't this enough? We can't expect the federal government, or an entity sponsored by the government, to become more active in cyberdefense. Software vendors publish a variety of security bulletins and advisories. We can't expect the government to do what companies should be doing themselves.
Kevin's Counterargument (C3):
For two decades, we have had the CERT Coordination Center (CERT/CC) available to help organizations deal with virus infections, hacker intrusions, and Web site defacements. Over the past 10 years, the government has invested heavily in programs to train FBI personnel, the InfraGard program, local law enforcement, and various federal agencies in dealing with cybercrime.
Panelist's Argument (A4):
We are in agreement that the federal government should take the lead in regulating and securing the Internet. However, if this is not possible, then the government needs to fund a quasifederal entity that will control Internet security.
was funded, engineered, designed, and built by the government. It makes sense that the government should design and implement controls. Society needs the government to be in charge.
Panelist's Counterargument (C2):
Government involvement in the Internet would create powerful and useful regulations, laws, and compliance audits. This would end up costing companies a small amount of extra money, which should be offset by increased revenue as customers realize that they are receiving a more secure level of service.
Panelist's Counterargument (C3):
Perhaps a better suggestion is having the government more involved today. For instance, it could make the current Internet more robust, secure, and safe for business transactions and other purposes. It should have a major role in the Internet 2.0 project.
Kevin's Argument (A1):
We should have the private and public sectors work together, not against each other. Collaboration will provide better overall control of the Internet, and society as a whole will receive the largest overall benefit.
oversight or even a completely laissez-faire approach. Some examples of industries that have this type of self-regulation are the medical, legal, and accounting professions. Each of these professions has a code of ethics and a documented set of disciplinary procedures.
Kevin's Argument (A2):
Involving the government in securing the Internet is not the right approach. The Internet is functioning as it was designed to do. There is a huge, worldwide network that provides many useful services for individuals and companies. It would be inappropriate for the U.S. government to now institute more regulations related to this technology for two major reasons. First, today's Internet is an internationally used technology, and second, the Internet is already regulated by different international bodies.
(C2):
Let's leave the Internet to the IT professionals, the same people who originally architected it and who have the technical knowledge to make it more secure. These engineers have the necessary experience and know what they are doing.
Panelist's Counterargument (C3):
You should be able to use the Internet securely with the government's help. The federal government has the same security needs or perhaps, as some cybersecurity professionals might argue, even greater security needs than most organizations and individuals.
Kevin's Argument (A3):
The Internet has changed so much since it was invented. Today, it is essential to have more information sharing about threats and vulnerabilities than ever before, because individuals and businesses
(C2):
The government is already doing a good job of sharing information about cyberthreats and vulnerabilities in software and hardware through the United States Computer Emergency Readiness Team (US-CERT). Isn't this enough? We can't expect the federal government or an entity sponsored by the government to become more active in cyberdefense. Software vendors publish a variety of security bulletins and advisories. We can't expect the government to do what companies should be doing themselves.
Panelist's Counterargument (C3):
For two decades, we have had the CERT Coordination Center (CERT/CC) available to help organizations deal with virus infections, hacker intrusions, and Web site defacements. Over the past 10 years, the government has invested heavily in programs to train FBI personnel, the InfraGard program, local law enforcement, and various federal agencies in dealing with cybercrime.
Kevin's Argument (A4):
We agree broadly with those who support the creation of a new entity that will sponsor this sharing to allow for active defense. This entity would be separate from the federal government, but it might be partially funded by the government.
Panelist's Counterargument (C1):
The United States is a
that it can make the Internet more secure.
Kevin's Conclusion (A6)
I believe that the government has the largest group of computer scientists, electrical engineers, and cybersecurity professionals who can help make the Internet more secure.
Kevin's Conclusion (A7)
I strongly believe that the U.S. government possesses the best institutions and methods for sharing information about Internet security. Dedicating more resources to this area would boost its own security, which is desirable because the government is highly vulnerable to cyberattacks and even cyberwarfare.
Summary
Key Points For
1. More information sharing is needed within and among industries, as well as between government and industry, so cybersecurity can be improved and rapidly changing threats can be addressed.
2. While several organizations exist that are intended to facilitate information sharing, and some sharing is going on with different levels of success, this is not nearly enough, given the recent incidence of attacks and the possibility of large-scale cyberwarfare.
3. There is widespread support for placing the federal government in charge of cybersecurity. As a noncommercial entity, its goals are based not on profit motives, but rather on serving the community. Having the government in control would add to consumer confidence and help ensure improved safety practices.
Key Points Against
1. The government does not need to be involved any more than it already is. The United States is a capitalist society in which organizations succeed or fail based on the business decisions they make.
2. Many organizations are involved in regulating the Internet. These include the Internet Engineering Task Force (IETF), the Internet Corporation for Assigned Names and Numbers (ICANN), the World Wide Web Consortium (W3C), and the Internet Governance Forum (under the United Nations).
3. For two decades, the United States has been a leader in sharing information about threats and vulnerabilities related to software and hardware that governments and private-sector companies use. In addition, US-CERT, CERT/CC, the FBI's InfraGard program, and various federal, state, and local law enforcement agencies have adequate resources to help organizations defend themselves in the event of an attack.
coordination and cooperation initiatives. Although the Five Eyes alliance involves the same countries, this alliance focuses more on intelligence sharing instead of defense R&D (TTCP, 1983).
In connection with its defense-related security agreements, including the North Atlantic Treaty Organization (NATO) and bilateral relationships across the globe, DoD has engaged in a vast number of collaboration, assistance, coordination, and exercise activities. NATO, for example, was forced to address incidents in Estonia and Georgia. DoD efforts played a part in these technical and policy discussions.
The "Department of Defense Strategy for Operating in Cyberspace" released in July 2011 states that one of its initiatives is to "build robust relationships with U.S. allies and international partners to strengthen collective cybersecurity" (U.S. Department of Defense, 2011a, p. 9). The emerging strategy intends to treat cyberattacks on a similar footing with any other threat or attack, and the United States would afford assistance to allies on par with conventional options. It has also been made clear in statements by the deputy secretary of defense that the Law of Armed Conflict operates in cyberspace, and that constraints on the use of force would utilize the same analysis (U.S. Department of Defense, 2011b).
environment in which Internet experts work to develop standards and protocols to improve the functionality and interoperability of information systems and the Internet. The IETF is not solely focused on security; however, the organization does develop Internet security standards, processes, and protocols.
ICANN
The Internet Corporation for Assigned Names and Numbers, or ICANN, operates with a team of security practitioners who "ensure effective engagement in topics relating to security, including cyber security and other forums related to security, stability and resiliency" (ICANN, n.d.).
ICANN is a promoter of DNS security (DNSSEC), and it assists domain name registries across the globe on security matters. Like IETF, ICANN is not principally focused on security; however, given the changes in the Internet and the increased need for security, ICANN has gotten involved with the issue. ICANN's particular focus regarding security is not with security tools, technologies, or operational mechanisms related to cybersecurity; rather, ICANN sits at a strategic level and is primarily interested in the resiliency aspect of security.
Reference: Internet Corporation for Assigned Names and Numbers (ICANN). (n.d.). Retrieved from https://www.icann.org/en/security/
W3C
The World Wide Web Consortium, or W3C, is an international organization that develops standards related to the Internet. W3C has developed standards for XML technology, Internet architecture, and application standards. Though W3C is not principally a cybersecurity body, it has created a number of cybersecurity groups. W3C's security activity is currently composed of two working groups and one interest group.
XML Security Working Group
The XML Security Working Group "focuses on maintaining and revising the XML Security Specifications" (W3C, 2011).
Reference: World Wide Web Consortium (W3C). (2011). Security activity statement. Retrieved from http://www.w3.org/Security/Activity
Web Application Security Working Group
"The Web Application Security Working Group has the mission to develop security and policy mechanisms to improve the security of Web Applications, and enable secure cross-site communication" (W3C, 2011).
Reference: World Wide Web Consortium (W3C). (2011). Security activity statement. Retrieved from http://www.w3.org/Security/Activity
Initiative
1. Military laboratories such as ARL, NRL
2. NITRD
3. IARPA
4. DHS S&T Directorate
5. DARPA
6. Institute for Information Infrastructure Protection (I3P)

a. Short-term funding for new cybertechnologies
b. Long-term funding for complex, futuristic cyber and noncyberdefense technologies
c. Funding for research projects specifically to benefit U.S. Intelligence Community organizations
d. Funding to support students studying in recognized cybersecurity degree programs
e. Funding to support education of DoD personnel in approved universities with cybersecurity degree programs
f. Funding for advanced research projects that will "leap ahead" of what
Feedback:
The government needs a new strategy for public-private
partnerships, one that is framed
from a policy perspective.
Given the fact that 85-90% of the U.S. critical infrastructure is
in the private sector, it is
important to establish public-private partnerships. These
partnerships will facilitate
information sharing and, in the end, a stronger platform for
securing the United States'
critical infrastructure. This is a very important policy initiative
that has been implemented
successfully in the U.S.
Question 2: Which of the following ideas would involve the
most collaboration with the
private sector?
a. Urging the government to develop new technologies
b. Identifying emerging technologies
c. Deciding which government agency should take the lead in
developing a new
strategy
d. Establishing long-term cross-sector initiatives
Correct Answer: Option d
Feedback:
Collaborating with the Federal government and other private
sector companies cannot
happen overnight. It takes time to build trust among and across
the organizations.
Additionally, this is a time-consuming effort because it requires
getting ‘buy in’ from
to trust the government’s
intentions, 2) these companies need to become comfortable with
interacting with
competitor organizations in the same sector and, 3) private
sector companies must be
comfortable that this is a ‘win-win’ environment to improve
their organization’s
cybersecurity.
Question 4: Which of the following ideas about involving the
private sector in
cybersecurity efforts are initiatives that already exist?
a. Information Sharing and Analysis Centers
b. The FBI's InfraGard program
c. The Government Accountability Office
d. DHS's Cyber Security Awareness Month
Correct Answer: Options a, b, and d
Feedback:
Initiatives such as Information Sharing and Analysis Centers,
the FBI's InfraGard
program, and DHS's Cyber Security Awareness Month already
exist. GAO is not
involved in this operational aspect of cybersecurity.
Question 5: Which of these organizations would be able to help
the stock exchange
recover from the attack?
a. The New York Chamber of Commerce
b. The Better Business Bureau
c. The Financial Services ISAC
d. Information Systems Security Association
Correct Answer: Option c
d. Schedule semi-annual meetings of the blue-ribbon panel.
Correct Answer: Options a and c
Feedback:
Kevin's work on the blue-ribbon panel will be easier and more
productive if the other
members of the panel are recognized subject matter experts.
Additionally, establishing
subcommittees is a good way to organize the task.
Subcommittees are an excellent way to address a specific group of
issues effectively. This approach allows a group of specialists to
focus on the unique issues that match their knowledge and interests.
A good example of this is the U.S. Senate, which has a committee on
Foreign Relations. It also has seven subcommittees that are uniquely
focused on areas such as African Affairs, European Affairs and
Economic Affairs, and International Environmental Protection.
Question 7: Why would the government want to "seed the
cybersecurity market?"
a. To create good public relations
b. To help the private sector realize that it is a key stakeholder
c. To assist the private sector in understanding the government's
responsibilities
d. To help develop additional private companies whose business
is focused on
cybersecurity
e. To develop an antagonistic relationship with private sector
companies who fear more
government regulation and compliance regarding cybersecurity
Correct Answer: Options a, b, c, and d
Feedback:
All of these choices will help seed and educate the private
sector regarding
cybersecurity: its risks, its challenges, and the need to work with
the government.
Over the past two decades, the U.S. government has learned that
effective cooperation
with the private sector is an essential element to effective
cybersecurity. In the U.S. it is
common across many disciplines to have the government allow
industries to self-
regulate themselves (i.e. medicine and law) and only take a
more invasive approach
when absolutely needed.
Question 8: Which of the following government organizations
would fund the "leap
ahead" technologies?
a. The Office of Management and Budget (OMB)
b. The National Security Agency (NSA)
c. The Department of Defense (DoD)
d. The Networking and Information Technology Research and
Development (NITRD)
program
Correct Answer: Option d
The NITRD program launched by the federal government is
interested in "leap
ahead" technologies, which borrow from successful strategies in
other fields to
enable a more proactive approach to security.
Active monitoring of networks is a critical present need, given
the persistent
asymmetric attacks plaguing the Internet. Remote monitoring of
networks, real-
time forensic analysis, and forensic examinations are methods
of actively
monitoring networks.
Organizations such as DARPA, IARPA, and NSA, along with
DHS S&T, are
heavily engaged in cybersecurity R&D.
Many organizations recommend sharing information laterally to
stay on the same
page with respect to cybersecurity developments. The Multi-
State Information
Sharing and Analysis Center (MS-ISAC) has been tasked with
sharing
information among supported state governments.
A number of academic institutions offer educational programs
on cybersecurity to
facilitate greater awareness and to bring many minds together to
collaborate on
Term | Definition
CERT Coordination Center (CERT/CC)
The purpose of the CERT Coordination Center (CERT/CC), both within and without the United States, is to study Internet security vulnerabilities, research long-term changes in networked systems, and develop information and training to help improve security (2011).
Reference: Carnegie Mellon. (2011). CERT® Coordination Center (CERT/CC). Retrieved from http://www.cert.org/certcc.html
Comprehensive National Cybersecurity Initiative (CNCI)
The Comprehensive National Cybersecurity Initiative (CNCI) was established during the presidency of George W. Bush. It outlines the president's national strategy and goals for cybersecurity.
Cooperative Research and Development Agreement (CRADA)
A Cooperative Research and Development Agreement (CRADA) is a mechanism that enables the government to work collaboratively with companies, universities, and nonprofits to develop capabilities.
Defense Advanced Research Projects Agency (DARPA)
The Defense Advanced Research Projects Agency (DARPA) was formed to maintain the technological superiority of the U.S. military.
InfraGard
InfraGard is a private non-profit organization comprising the FBI, law enforcement agencies, academic institutions, and businesses. The organization’s purpose is to share information and intelligence to combat crime.
Institute for Information Infrastructure Protection (I3P)
The Institute for Information Infrastructure Protection (I3P) "is a consortium of leading universities, national laboratories, and nonprofit institutions dedicated to strengthening the cyberinfrastructure of the United States" (I3P, 2008).
Reference: Institute for Information Infrastructure Protection (I3P). (2008). About the I3P. Retrieved from http://www.thei3p.org/about/
Intelligence Advanced Research Projects Activity (IARPA)
The Intelligence Advanced Research Projects Activity (IARPA) pursues research on behalf of the Director of National Intelligence (DNI).
Internet Engineering
amounts of manpower, so tests can be performed rapidly and
efficiently without a backlog developing. Remote agents can be
loaded by a client or a server.
Real-Time Forensic Analysis
Forensic analysis in real time is an investigative approach used in cybersecurity that is related to situational awareness and continuous monitoring.
Scholarship for Service (SFS)
SFS scholarships fully fund students' educations at National Centers of Academic Excellence in Information Assurance Education (CAE/IAE) institutions with qualifying programs. SFS scholarship students, in return, serve in a cybersecurity role in the federal government for a length of time equal to the duration of their scholarships or for one year, whichever is longer.
United States Computer Emergency Readiness Team (US-CERT)
United States Computer Emergency Readiness Team (US-CERT) is a part of the DHS and coordinates and manages the nation's cybersecurity requirements and associated risks.
Course Objective:
Assess cybersecurity technologies and policies that can
effectively counter cyber attacks at the enterprise, national, and
international levels. Where appropriate, highlight cybersecurity
laws, regulations, and legal concepts.
Competencies:
Systems Thinking, Information Literacy/Research Skills
Problem Solving
Ethical Leadership
Individual Assignment #1
Write an 18-page (approximately 5500 words) policy paper in
which you assess emerging cyber security approaches and
technologies and government efforts to nurture them. Your
paper must include: Cover Page, Table of Contents,
Introduction, Section Headings and Subheadings, Conclusions,
in-text citations and list of References, and page numbers. The
paper must be formatted according to the mandatory paper
format guidelines. The page count begins with the Introduction
and ends with the Conclusions and does not include any figures
or tables. Prepare your paper in Word (.doc or .docx). Include a
minimum of 8 credible, external sources. At least 75% of
references should be based on official reports, scholarly studies,
or peer-reviewed journal articles. The latest edition of Strunk &
White is the authoritative reference for grammar questions for
the assignment.
1. How do these emerging cybersecurity technologies and
prioritized research and development improve cybersecurity?
A. Clearly define these emerging technologies and their main
features.
B. Clearly define how an organization would use these
technologies.
C. Describe real-world examples of the use of these
technologies.
2. Discuss the role of the federal government in the support and
nurturing of these cyber security technologies.
A. Clearly discuss what benefits or drawbacks government
efforts to support new cybersecurity technologies may create.
B. Describe real-world examples that help support your
position.
A title page, table of contents and the reference pages are
required. The page count starts with the Introduction and ends
with the Conclusions. However, the page count DOES NOT
include figures and tables. Prepare your paper in Word (.doc or
.docx). Include a minimum of 8 credible, external sources. At
least 75% of references should be based on official reports,
scholarly studies, or peer-reviewed journal articles. The
citations and the reference list in the paper should be formatted
in accordance with APA 6th edition guidelines. The assignment
is due at the end of Week 3, by Sunday 11:59PM U.S. Eastern
Time.