Impact of Legislation on Organization
Richard Anthony
CSIA 412
Prof. Andrea Simpson
March 29, 2015
Introduction
In the past decade, every individual, and organizations did paperwork with a typewriter and a cabinet or book shelf to store their files. These days our old ways is been replaced by computers and databases or cloud. This in order words mean that government organization like the department of veterans affairs do their workload with computer, databases as to the old days.
This modern change makes some organization vulnerable to attackers. In other to reduce these treats from the attackers, cybersecurity rules and regulations were created to protect data stored within networks from attackers. In May 12 of 2011, the cybersecurity legislative proposal was created by the White House in order to US citizens from cyber-attack.
In this project, three points will be selected from the cybersecurity legislative proposal that will impact the veterans Affairs information security program. This project will analyze the impact on the Veteran Affairs modern information security program. The VA provide benefits to military veterans and their families.
Points of Analysis
First point of analysis
First policy to analyze is “Specific Criminalization of Damaging Critical Infrastructure Computers”. This policy makes attacks that affect confidentially, integrity and availability to a critical infrastructure computer illegal and punishable by jail time and
For this research paper, proposals from May 2011 Cybersecurity Legislative Proposal and the proposed Cyber Security Act of 2012 is considered which would impose specific requirements on State of Maryland information security policy. They are as follows:
The Cybersecurity Act of 2012 and its revised version S.3414 addressed several cyber security needs, which have been often overlooked or opposed. The nation stands vulnerable to cyber-attacks, as everyday technology is revamped and upgraded, while laws to protect the nation creep slowly through Congress. Many politicians have argued that these bills have imposed too much regulation on the cyber world and therefor oppose it (CITATION NEEDED). Congress needs to pass laws and regulations if they wish to help protect the nation from the growing threat of cyber-attacks, which can easily cripple the United States from across the globe. The Quadrennial Homeland Security Review Report reveals that the threat of cybercrime is a growing concern.
H.R. 1731, the National Cybersecurity Protection Advancement (NCPA) Act, is bipartisan bill passed unanimously by the Committee on Homeland Security. This pro-privacy, pro-security bill ensures the sharing of cyber threats is transparent and timely. It strengthens the NCCIC’s role as the lead civilian interface for cyber threat information sharing by: Providing liability protections for the voluntary sharing of cyber threat indicators and defensive measures with the NCCIC or private-to-private. Granting liability protections for private companies to conduct network awareness of their own information systems. Allowing companies to operate defensive measures and conduct network awareness on information systems they own or operate. The NCPA Act also ensures personal information
With the Age of technology advancing, the more cyber-attacks are occurring. Many of our information are on computer networks and we like to think that our information is well protect. But how protected is our information? Cybersecurity bills are introduced in Congress almost every year. These bills regularly imply to permit organizations and the government to divulge dangerous information for a “cybersecurity” reason to secure and safeguard against attacks against networks and computer systems.
Introduction: - for my research project, I would like to explore about the cyber security measures. Cybersecurity covers the fundamental concepts underlying the construction of secure systems from the hardware to the software to the human computer interface, with the use of cryptography to secure interactions. These concepts are easily augmented with hands-on exercises involving relevant tools and techniques. We have different types of computer related crimes, cybercrimes, computer related offenses, federal approaches defenses. The information resources management has the technical matters for which IT are widely known. Cyber resources and cyber power as well as cyber security. We have spent a lot of time talking about many different high level critical infrastructure protection concepts we have general rule stayed away from cyber security explaining the ins and out of how the NIPP and NRF work together to ensure that we can live our daily live in relative comfort.
The issue of strong cybersecurity efforts in the United States has been especially topical in 2017, and on the rise over the last few years. The Equifax breach and the breaching of the Democratic Party during the 2016 Presidential Election are recent examples that are bringing up the conversation of cybersecurity and make citizens curious of whether or not the United States government has plans in place to deter these events from happening. People are already worried about the damages these attacks can cause with consequences such as stolen information or monetary loss of close to five billion dollars in 2017 alone (cybersecurityventures.com). Although there are already solid plans in place to raise cybersecurity efforts in the United
By working in partnership with professional colleagues, can help to overcome perceived boundaries between services and organisations,
This security profile of the Department of Veterans Affairs (VA) is based on two documents of public record. The first is the published VA Handbook 6500 (VAH 6500) which defined policy and procedures for systems within the purview of the VA (Department of Veterans Affairs, 2007). The second document is the Federal Information Security Management Act Assessment for FY 20011 commissioned by the VA Office of Inspector General (OIG) and performed by Ernst & Young in accordance with Federal Information Security Management Act (FISMA) guidelines (VA Office of Inspector General, 2012, p. i).
The EO13636 chief objective is to improve the Cybersecurity Framework of principles and determine what the best practices are that may possibly be taken to decrease the threat from all cyber dangers. Under EO13636, The Department of Homeland Security (DHS), National Security Staff, and The Office of Management and Budget (OMB) will coordinate with additional investors to advance the Cybersecurity Framework. National Institute of Standards and Technology executives are asking that everyone who is involved take an active role in the development of this Framework (Fischer et al., 2013)
We have to approve the Cybersecurity Act in order to protect ourselves as American people, from predators and harmful online hackers. Cybersecurity is highly needed in today’s society since this generation is a high tech, online generation. Since everything is moving towards computers and technology, we will need to protect our information to keep us, (especially American people since everyone hates us for many sensible reasons, even Americans their selves) and the world safe. We need to do anything and everything we can to have protection against online hackers, predators, terrorists, and cyber-criminals who want to use our and the world’s information for evil. We must do what we can to stop them in their path to keep them from accessing our private information to share with others, or use against us.
Computers have become part of our daily complex lives; we depend heavily on computers to help break our complicated lives down. Most people now prefer to do things the digital way and so does companies. Most of trading (buying and selling) is now online which requires computers. In order to satisfy our hunger for digital living, there is a need for technology called the operating system to carry out the activities we require our computers to do. Computers and technology come in different forms and sizes and due to the capitalistic nature of our economy everyone is allowed to come up with their own form of computer and even the technology to run it. In recent years’ companies have gained interest doing business digitally and since software have become easier to write or code, it is also vulnerable- easy for programmers to access and exploit called hacking. Hackers are unapproved clients who break into a technological framework, change or decimate data, frequently by introducing hazardous malware without the insight and assent of the host company. Companies are now at risk of losing much more than money by doing business the digital way. It is in this view that the Security Exchange
People across the world are becoming disproportionately dependent on modern day technology, which results in more vulnerability to cyber-attacks including cybersecurity breaches. Today, the world continues to experience inordinate cases of cybersecurity meltdowns. There is a rapid growth in complexity and volume of cyber-attacks, and this undermines the success of security measures put in place to make the cyberspace secure for users. Cyber-attacks on both private and public information systems are a major issue for information security as well as the legal system. While most states require government organizations and certain federal vendors to report incidences of data breaches, no equivalent legislation exists to cover private entities.
Prevalent to the current trend now is the dependency of the society on Information technology and communication systems. Every aspect of human life is one way or the other linked and controlled by information technology tools. The importance of information technology cannot be over emphasized as its unavailability could lead to a form of disaster or the other. Pivotal infrastructures like finance, healthcare, education and security are driven by information technology. However, information technology and its benefits are accompanied by vulnerabilities and risks that can be exploited by people with the necessary technical skills. Individuals like ‘Hackers’ and ‘Cyber Terrorist’ can cause disruption to information systems, commit financial fraud and also attack computers and networks. These attacks and disruptions could result to violence against people and properties. In some cases, death, serious injuries and severe economic loss could occur as a result of these attacks.
By the year of 2016, investments in online security are expected to reach $86bn (Contu et al, 2012). Although this might seem a large sum of money, it is considered necessary since there is an increase in online risks from all over the world. Professional hackers develop malware on a global scale and on a 24/7 basis. Hackers have five objectives when spreading malware over the Internet: to infect/distribute, to steal, to persist, to control and for intelligence (Morris, 2010).
The fight against hackers and cyber crime is a global problem and nationally and internationally, the threats they caused have been recognized and acknowledged.