Cyber security is defined as the protection of important intellectual property as well as business information in digital form against misuse or theft. The proliferation of cybercrime is increasingly becoming a critical management issue with the United States government identifying it as one of the most serious national and economic challenges facing the nation (Lowe, 2014). Companies are therefore being forced to fend off pervasive cyber-attacks which come in the form of online fraud, release of sensitive information by disgruntled employees and hackers; who might use the information to sabotage the organization.
Given the complexity of such threats and their increasing pace, corporations and individuals are expected to adopt equally sophisticated approaches to cyber security through engagement from top level executives as well as other senior managers in protecting vital business information without compromising innovation and growth (Elson & LeClerc, 2006). In addition to management and individual-specific measures to counter cyber-attacks, it is vital to note that the existing legal framework should play an active role not only in enabling the internet users to counter it but also should help in preventing such attacks from happening in the first place.
Poorly constructed cybersecurity policies could disrupt business continuity by temporarily or permanently destroying their reputation or brand image, reducing employee morale which affects their productivity and overall business performance and precipitating in litigation which could be costly. Such disruptions have the potential to cause businesses or even government to lose huge amounts of money in settlement claims and mending public relations if efforts are not made to counter threats before they evolve fully (Kshetri & Murugesan, 2013).
One such case involved retail giants, Target, whose customers successfully filed class action lawsuits against the company and received large sums of money in compensation with the court ruling that the company played a huge role in allowing cyber criminals to access their data (Luckerson, 2016). Sony Inc. also suffered considerable brand damage following the cyber-attack that laid bare the personal information of both their employees and customers in 2014. These two cases just shows how much cybersecurity should be treated with the seriousness that it deserves if a country in the modern era is to remain cyber-secure.
Today, the cyber security experts do not believe or are rather not convinced that the Trump Administration is being resourceful in managing the cyber-attack concern from the policy and regulation perspective. As it stands, Trump has assigned the Department of Defense (DoD) and the chairman of the Joint Chiefs of Staff with the task of policymaking on cybersecurity. This decision is questionable in the first place because it is Homeland Security which is responsible for cybersecurity issues; it has the infrastructure and the capacity, historically, to handle these issues more effectively.
The high profile meeting that President Trump had with leading companies’ CEOs created a mood for collaboration especially with the tech supremos as well as the private companies for the purposes of developing and strengthening cybersecurity innovation. The lead shows that Trump is likely to concentrate on the objectives of preventing future attacks, securing the transport and delivery systems from hacking, development of legal systems to safeguard organizations, protection of consumer information, implementing policies that will reduce cyber-threats associated with DoD and building a diligent and resilient cyber workforce for the purposes of posterity in managing cyberattacks (McConnell, 2010).
Cybercrime in organizations
The main purpose of information protection is to safeguard an organization’s resources which include information, software and hardware. Through the application of appropriately selected safeguards, cyber security helps organizations to meet their goals and objectives by protecting their physical and financial resources, legal position, reputation, employees and tangible as well as intangible assets (Elson & LeClerc, 2006). It is not always easy however to develop and implement these security measures with accuracy due to the ever-evolving nature of the internet and technology. One of the most pressing challenges that businesses face in protecting organizational assets and information is the cost of implementation (Kshetri & Murugesan, 2013). Before any control measure is implemented it should be proven beyond reasonable doubt that there is a necessity to protect an entity from cyberattacks since the process is usually very expensive and may thus impact an organization’s capacity to be cost effective (Lowe, 2014).
Lowe (2014) notes that retailers, banks and federal agencies are usually the main targets of hacking but in reality, all businesses are at risk since the same information that is available to large organizations is the same that could be accessed from a small store and be used to steal from customers or even the institutions themselves. It is estimated that the average annual cost of losing sensitive information due to lack of a strong cyber security system is about $3.8 billion dollars globally although organizations were reported as having spent upwards of $71.1 billion dollars in 2014 alone in preventing cybercrimes (Lowe, 2014). This shows just how much organizations across the world are investing in cyber security despite the somewhat minimal risk of data loss.
It would however be a good idea if a business invested in securing its data even if chances of an attack happening are low than to ignore this fact and suffer from a breach; which has proven to be catastrophic in organizations that have suffered a breach. This is because the financial resources to be spent in payment of compliance fines, court fees, forensic and investigative processes as well as compensation to victims may be much more than the amount that would have been spent in preventing the breach (Elson & LeClerc, 2006).
To add to the difficulties of performing a cost-benefit analysis of setting up cyber security measures against data theft, organizations have varying concerns; a healthcare provider for instance may demand stricter security measures than a retailer. It is therefore difficult to determine the adequacy of security practices in a given enterprise and to provide support for the organization’s objectives. In this effect, Parodi (2013) notes that while it might be easy for highly regulated industries to adopt the best security procedures, finding the perfect fit in terms of strategy for industries such as retail remains a great challenge for the executives running such enterprises.
The management of an organization also plays a vital role in influencing the security measures to be taken as they are tasked with providing guidance not only in data protection but in the overall workings of an organization. Ideas concerning security must be presented to the decision making authorities who provide their final thoughts on the project. In as much as decisions to adopt a particular strategy might be approved, there will always be the challenge of defining the roles and responsibilities of stakeholders in implementing it (Cheng et al, 2017).
Implementing precautionary measures in protecting an organization’s data is also made difficult as a result of the advances made in the fields of technology and communication where information obtained from the internet has been converged like never before. Winmill et al (2014) posited that this has given rise to industrialization of cybercrimes where personal information as well as illegal commodities are being moved too quickly for law enforcement to stay abreast. This impacts the ability of an organization to respond to data security breaches leave alone implementing measures to detect potential cyber-attacks.
More must be done therefore to ensure that cybercrime is not only accurately and comprehensively assessed but that effective and timely responses are formulated to help organizations protect their clients’ data. Collaboration with internet security organizations and law enforcement therefore would be ideal in the identification of technologies that are susceptible to criminal exploitation (Elson & LeClerc, 2006).
International policing and investigation of cyber crime
As a transnational crime, cyber crime should involve transnational means of combatting it since an attack could be carried out in one country by criminals residing in a different country. In the absence of joint policing and investigative initiatives, it could be extremely difficult or even impossible to apprehend such criminals. As a result, there arises the need to combine the efforts of police, cyber security personnel, and governments of different nations so that they can exchange information regarding current trends in cyber crime so that they can formulate appropriate response strategies to each cybercrime threat (Winmill et al, 2014). In addition to that, parties in the fight against cyber crime get the chance to showcase forensic tools, receive updates from experts in the field of technology, and to crowd source funds aimed at financing policing and investigative procedures (Winmill, Metcalf & Band, 2014).
In as much as international policing efforts and investigation of cyber crime have resulted in a decrease in number of cyber crime activities owing to the identification and detention of cyber criminals, there is still a lot that needs to be done to further reduce instances of cyber crime. For instance, one area that requires improvement is legislation regarding cyber crime. The United Nations Conference on Trade and Development (UNCTAD) has managed to bring together 194 countries through global mapping where the state of e-commerce, consumer protection, and data privacy protection are tracked (Cheng et al, 2017).
However, not all member countries have adopted legislation regarding cyber crime and this becomes a cause for concern for the other countries because it hampers the joint investigation of cyber crime globally. In such a case, international agencies responsible for policing and investigation experience limitations that reduce their ability to fight cyber crime in totality. Should all the countries enact and adopt the legislation outlined by the United Nations (UN) body, efforts to fight cyber crime will be greatly get enhanced as data on cyber crime will be made available to all concerned parties (Saad-Filho & Tomkinson, 2017).
The role of individuals in the fight against cyber crime
Prevention of cyber criminal activities is the most important step in the fight against cyber crime (Cheng, Liu & Yao, 2017). This sort of response to cyber crime is based on the presumption that knowledge is power, and that the more information one has, the easier it will be for them to identify and stop cyber crime attacks before they cause irreparable damage. Every single user of technology around the world must ensure that they are aware of the risks as well as the consequences of exposure to the threat of cyber crime as this will put them in a better position to identify the most effective methods of preventing an attack. This is to say that everyone should, at a personal and corporate level, be able to identify the techniques and procedures of the cyber-criminal environment even if they are not Information Technology experts. Such an initiative would ensure that they adopt best practices which subsequently aid in mitigating the risks associated with cybercrime (Parodi, 2013).
National agencies involved in the United States’ fight against cyber crime
The Federal Bureau of investigation is the main federal agency tasked with investigating attacks by cyber criminals in the United States and beyond its borders. In the same way that the agency was forced to undertake some changes to better address the issue of terrorism following the 9/11 twin attacks, it is being forced to readjust to equally respond in a coordinated and cohesive manner to the ever-growing threat of cyber crime. The agency is responsible for undertaking several measures which include; identification of cybercrime threats, containment of such threats, undertaking forensic identification of affected computer networks, restoration of Information Technology infrastructure, and reporting or sharing of data with other law enforcement agencies across the world (Riley et al, 2016).
Another agency that has proven to be largely helpful in the fight against cybercrime in the United States is the Computer Crime and Intellectual Property Section (CCIPS) which operates under the United States Department of Justice. The Computer Crime and Property Section (CCIPS) is tasked with implementing the Department of Justice’s national strategies for tackling intellectual property crimes and combatting computer attacks. The agency also works with other government agencies to investigate, prevent or prosecute cyber crimes. Other than that, the Computer Crime and Intellectual Property Section also helps to improve international operational and technological efforts aimed at pursuing cyber criminals more effectively through training as well as litigation support for other law enforcement agencies. As cases of cyber crime become more rampant due to technological advances, it is expected that more collaboration will be required if this transnational crime is to be addressed more efficiently (Ahuja, 2010).
Efforts by the United States of America to tackle cyber crime
In as much as the threat of cybercrime is one that requires joint international efforts, the United States of America has taken a more proactive approach in the fight against this transnational crime. The foremost measure adopted by the nation has been educating and sensitizing citizens thereby creating a culture of security where all parties are made aware of possible threats as well as means of preventing them through mass media. Prevention, in this case, includes recommendations on how to secure Information Technology resources and infrastructure.
Secondly, the United States government has engaged in various cooperative ventures with private agencies to facilitate easier information exchange thereby providing a basis for assessment of security policies and subsequent identification as well as the implementation of better security strategies. The government through its legislative arm has also enacted hefty penalties and sentences for cyber criminals as a deterrent to individuals contemplating resorting to cyber crime. With such measures being adopted, it is expected that incidences of cyber crime in and around the country will reduce, and that probable attacks will be identified and stopped before they occur (Winmill, Metcalf & Band, 2014).
This study aims to evaluate the cybercrime policy and regulations in regards to President’s Trump will to fight this wrong in America. The cyber-deterrence framework, prevention of future cybercrimes, policy application, mitigating the attacks associated with DoD, securing transportation and Delivery systems, protecting companies, protecting consumer information, building a strong cyber workforce and lastly Trump’s position on cyberwarfare are assessed in the next section of policy Description.
The policy to be evaluated in this proposal is the Presidential Administration Policy in Cybercrime and Technology. The fact that cybercrime has extended its scope to government institutions has necessitated the establishment of a mechanism to ensure that any cyber threats are countered before they can cause damage to the government itself or/and businesses. The recently concluded presidential election in the U.S is still being investigated for a possible cybercrime which is suspected to have aided either of the candidates. At this level, it is no longer a secret that as technology advances so is cybercrime (Ramsay, 2015). The rampant nature taken by cybercrime is not only threat to the very establishments of civilization but is also rendering the world to repugnancy because of the little trust people and organizations are starting to have in technology. In order to address this policy adequately, several topical issues are explained in the following sections.
Prosecution of Cybercrime
As early as in 1940s, white collar crime as a new concept in the judicial system had emerged, however, the prosecution of white collar crime has been scanty. Sutherland in his studies on white collar crime concludes that opportunities for crime are the central component for both blue collar and white collar crimes. However, in white collar crime, he emphasizes that social position offers an individual to possess unquestioned authority and power which in turn provides them with a high possibility of carrying out crime. The article delves into Goffman’s ideas about barriers and back positions which act to strengthen the opportunities for commitment of crime (Engdahl, 2009).
The overriding insight in this article is that, by virtue of a person’s position, opportunities arise and build up the barriers that significantly prevent the rest of the population from understanding, foreseeing or even becoming aware of what goes on in terms of crime. The primary aides in white collar crime are the authority, social network contacts and technical as well as administrative skills that makes the crime so professional.
The recent studies on sentencing of white collar crime offenders indicate that although judges take a serious view of white collar crime, they are frequently influenced by other factors that generate non-incarcerative dispositions. In addition, judges tend to rely heavily on general deterrence as the main rationale for sentencing in white collar crime. Therefore, in deed white collar criminals are treated differently in the criminal justice system. Despite this dogmatic treatment of white collar criminals, there have been several successful prosecutions. For instance, a former UBS trader, Tom Hayes, was sentenced to 14 years in prison for manipulating labor interest; Magnus Peterson was imprisoned for perpetrating a very high value fraud on hedge fund (Wright, 2012).
Cyber threats are more relevant and prevalent in America like never before. One way to counter such threats is through cyber-deterrence. Every person is now a potential target for cyber-attack given the amount of information we have surrendered online. Personal identifying information, the bank accounts among other details are prone to data breach is proper cyber security systems are not put in place. Responding to such cyber threats and eliminating the threats altogether call for a complicated approach involving complex procedures which might prove to be inconvenient at times.
The U.S pursues both the offensive and defensive techniques in countering cybercrime. Such methods include actively pursuing suspected cybercrime criminals and putting in place preventive measures respectively. While this could be conceptualized as a rational way of tackling cybercrime, it can in the same manner be seen as doubtful especially when it comes to collecting of confidential information from foreign adversaries.
Cyber-publicity muddle represents the choice with respect to cyber threats. The adversaries would not be able to modify their cybersecurity dynamics if a government does not disclose its offensive-defensive countermeasures regarding cyberattack. However, “the disadvantages to such secrecy are that outside support for targets from their allies would decline, and deterrence effects on other enemies would lessen because they would neither be intimidated nor discouraged by the unknown response” (Mandel, 2017, p. 38). On the other hand, publicity of cybersecurity details could enable adversaries in fine-tuning to circumvent policy. United States is concerned about keeping balance between publicizing and concealing efforts to deter attacks and frustrate them. Therefore, striking a balance between secrecy and publicity in pursuing cyber-deterrence is matter of convenience; either strategy should be deployed depending on the nature of the attack and the sophistication of the adversaries.
Preventing Future Cyber-Attacks
Preventing future cyberattacks is a priority of any government or entity. The level of sophistication among the enemies’ progresses alongside the technology and so should preventive measures. The only way to beat future cybercrime is by staying ahead of the pack; any lapse would result to catastrophic damages. Intelligence incorporation of cybersecurity matters integrates “coordination among investigative agencies and information technology industries that design, operate, and maintain at-risk networks and systems” (Ramsay, 2015, no pagination). Precise intelligence on cybercrime is essential to deterrence and to system security development. Equally, effective enforcement on the existing and potential cyber threats serves as the benchmark for future parameters in cybercrime prevention. The institutional knowledge in cybercrime has been built upon alongside technology advancement and this would be a great resource for countering future attacks.
Cyber-intelligence plays a critical role in planning for future cyber security. This looks into the expert findings and reviews over the past incidences and how such can be molded to fit into present and possibly predict the future trends. The policy makers are of particular centrality to this matter because as they restructure cyber-intelligence every now and then, their focus should be zeroed on correct attributions and the warning systems (Lemieux, 2015). Precision in attribution not only saves time for the existing regulations and laws but also ensures that cyber-targets are updated in a timely manner on how they can refine their methods of cybersecurity. Equally, it becomes easy to identify and differentiate the perpetrators through techniques such as backward traffic tracing, potential beneficiary discovery, information correlation and anomaly analysis. It is also important to understand that the warning systems should possess professional capacities which enable it to evaluate and monitor intrusions, cyberspace as well as locate the attack sources and be able to establish a trail of such an attack in a quick manner.
The U.S Homeland security appreciates the doctrine of cyber-strategy. In particular, Michael Chertoff at Homeland Security and Timothy (a cybersecurity intelligence and defense consultant) state that “the doctrine should between low-level and high-level cyberattacks, explain the justification behind responses to cyberattacks and behind treating some as acts of war, make known in advance the extreme weapons and tactics that might be part of a cyber-threat response” (Mandel, 2017). Having a strategy for cyber-security is as necessary as having a business plan for a company or having a strategic printout for an institution. With computers, technology and much innovation at workplace, it is no longer a matter of experts to safeguard the organization’s data but an issue which should be taken up by every employee.
Policy exploration within the U.S has often taken a dynamic turn as some of the most traditional crimes are now done online. It is vital to state here that, exploring the cybersecurity policies through the scholarship lens is essential for boosting the understanding and the scope of computer abuse, computer-oriented crime and computer crime as well the specific categories of cybercrime. The efforts at the national level are reflected both the action and the inactions in public and private sector. The interest laws, policies, organizations, programs and data systems are the specific instruments that make implementation of cybersecurity possible. The policy makers have a primary responsibility to ensuring that the cyber environments are conducive in addition to having quality tenets that make it possible for the legal framework to operate. The same environments must be capable of thwarting harmful cybercrimes.
Historically, the almost all U.S presidents have shown efforts to fight crime with clear directions and interventions dictated from the White House. Cybercrime is not different, since the advent of communication gadgets and finally computers, crime prevention has not only remained a considerable campaign topic alongside criminal justice reforms but also continues formalize its existence in scholarship and at workplace. The President’s Commission on Law enforcement and Administration of Justice pointed out that there is a significant increase in cybercrime as the use of technology intensifies (Rose-Redwood, 2017). Equally, in 1984, the President’s Commission on Organized Crime undertook to examine the national and global features of computer malfunction and recommended that proper safeguards be put in place to ensure that computerization does not lead to online computer-organized crimes.
In a similar way, the 2016 Presidential election was largely clouded in the eye of cybercrime with the Russians accused to aiding President Trump triumph by releasing the numerous emails transacted by Hillary Clinton when she was Secretary of state. This now begs the big question, if the emails of the secretary of state are not or were not immune to hackers; which other email is immune? Trump did not fully acknowledge Russia’s manipulation and in fact some emails were leaked from Republican Party as well but they were not exposed. The US intelligence community revealed in a report that Russian President Vladimir Putin ordered an influence campaign. These events show the extent to which cybercrime can go; actually influencing a presidential election.
The 2001 Convention on Cybercrime in Europe is the only multilateral treaty in relation to cybercrime. This convention assimilates the domestic laws on cybercrime into an international outlook; the treaty also recognizes the transnational nature of cybercrime and thus the common interest and pooled efforts to counter the adversaries. President’s cybersecurity blueprint emphasizes chiefly on domestic issues as also placing United States in forefront in obviating cyber threats. Domestically, as Devlin and Chiu (2017) explained “the administration can borrow from counter-terrorism strategies by developing interdisciplinary task forces that combine intelligence, finance, law enforcement, and other fields to monitor adversarial cyber activities and undermine future attacks.”
Mitigating the impacts in DDOs
The rise in the number of cybercrimes committed in the U.S is cause for worry and which calls for a proper cyber-strategy for DDOs because if their system is hacked, it can transcend cyber-crime to catastrophic crime. Critical Information Infrastructure Protection (CCIP) is therefore an important aspect of DDOs which increases the resilience to both accidental and deliberate faults. Cyberattacks are transnational and can be carried out from any corner of the world; this is because the interconnection of the web and advanced program setting can enable hackers to reach, view, copy, delete and do all manner of things on another gadget remotely.
The Trump administration with a view to diminish DDOS attacks has emphasized on using a large number of independent servers on sites instead of limited number of servers that could be easily targeted. The administration is considering enlarging consistent government supported policies for identifying the soft targets and approving network management procedures to create a bulwark against imminent DDOS attacks (Bert, 2016). Defense approaches and strategies against DDOS attacks are classified into prevention approaches, survival approaches, and responsive approaches. Ingress or egress filtering is a defensive mechanism used to halt the attack packets prior to their invasion on victim location. . Also, filtering can be accomplished depending on such parameters as IP address, protocol type, and port number.
Securing transportation and Delivery Systems from Hacking
Could you imagine what would happen if the systems controlling the rail systems of the subway is hacked? Ok, could you imagine if the airport systems are hacked? What about the systems of the micro-computers embedded in the cars, trucks and every other automobile? Your guess is probably right! The number of human accidents will reach unprecedented levels. The Transportation and Delivery Systems are very critical and must be secured from any attempt of cybercrime; it can as well as be said that a hacker who gets into such a system will hold humanity at a ransom because long distance movements will be brought to a halt. In fact, those who will be having flights at the time of the attack will face an immediate fatal death!
The self-driving cars will particularly be at the greatest danger because any manipulation on their system will lead to immediate disaster in the Transport and Delivery sector. All the roads and traffic are probably regulated by computer signals in the U.S and most of the controllers are linked with the street sensors. All these will come to a standstill and the entire traffic will revert back to pre-traffic light systems which more or less will be chaotic (Young, 2013).
The widespread use of computers in the Transportation system means that any attack or compromise in the system will result to catastrophic effects. Despite no considerable cyberattack incident has taken place so far, one event did take place in Israel’s third largest metropolitan area of Haifa in Carmel Tunnels within the city in September 2013 leading to collapse of the system for several hours. This was allegedly caused by a cyberattack that disrupted the functioning of communication and control of the tunnel leading to a halt of the entire city’s Transportation system for several. If it was possible in Israel, it is possibly anywhere in the world.
Early 2005, there had been several documented cyberattacks in the computer-monitored pipeline projects and there has been “a series of attacks in 2013 that targeted a gas compressor station, which is a key component in moving gas through pipeline networks in the United States” (Hakim, Albert & Shiftan, 2015, p. 5). Again, if there were/are attempts to hack into these systems, then the possibility of a successful attempt is not far from getting realized. Paralyzing the Transport and the Delivery system will not only hurt the economy of a country but will also affect mobility in critical areas like acute healthcare services, schools among numerous other sectors that are central in societal life.
Protecting Consumer Information from Cyber Attacks
The U.S and European consumers are particularly vulnerable to cybercrime because most of their systems are automated. The government systems, transport systems, academic institutions, workplaces among other categories of services are automated. This means that the individual information of almost all Americans is held in the cloud in this systems and any hacker who can manage to access these clouds will have it all.
Consumer protection from any cyber threat is the sole responsibility of vendors and service providers. Although such has also been assured through various laws in the U.S, an unprecedented level is yet to be witnessed. A case in point was the Target’s cybercrime:
The theft of payment card information for 40 million of Target’s shoppers could have been prevented had the retailer taken action upon receiving information from the cyber security firm it had outsourced to monitor its information technology systems (Riley et al, 2016). Target’s security team was made aware of the suspicious activity when the hackers who stole consumer information in the retail giant’s computer networks started to act but chose to ignore the tip-off.
The team reportedly determined that the alert did not warrant follow up based on their evaluation and interpretation of the issue. The company in a statement affirmed that indeed their system had flagged some amount of activity that was synonymous with a breach soon after the hackers infiltrated their data warehouse but did not do anything to stop the data theft, choosing to go public with this information two weeks after the incidence. This is despite the company installing a 1.6 million dollar malware detection system that was supposed to protect the company from such an attack six months earlier (Riley et al, 2016).
Following the data breach, the retail organization’s Chairman Gregg Steinhafel who also doubles up as the President and Chief Executive Officer failed to respond to the specific questions asked, choosing instead to offer an e-mail statement claiming that Target met all the Payment Card Industry (PCI) standards and that it was performing an end-to-end evaluation of processes, people and technology to identify opportunities for improving their data security (Riley et al, 2016). This was an inefficient strategy to undertake seeing as it prompted both customers and banks to file over 90 lawsuits against the organization citing negligence and demanding compensation. The company was reported as having spent about 61 million dollars in response to charges incurred from the breach besides experiencing a 46 percent decrease in profit from the same quarter in the previous year (Riley et al, 2016). This breach however could have been stopped even without human intervention because the company was utilizing a highly sophisticated data protection system created by FireEye Security Software Company that was being used even by the Central Intelligence Agency (CIA).
Such attacks have prompted the industries to invest in research and come with a way that would enable them prevent, detect and act on any potential threats. The NIST framework is one of such efforts. It was outlined in reply to Executive Order 13636 that urged for the expansion of a voluntary risk-oriented cybersecurity structure. On the basis of the content furnished by the Framework, organizations are expected to embrace a seven-step approach to carry out or advance their risk management and information security mechanisms (Winmill et al, 2014).
The first step is to emphasize on the mission goals and delineate the scope and embark on strategies with respect to cybersecurity implementations. The second step is to orient or concentrate on the available assets, regulatory requirements, and total risk approach. The third step is to create a current profile that indicates the category and subcategory outcomes from the Framework (Whitman & Mattord, 2011). Raising the public awareness and exercising best online practices such as having stronger passwords and clicking on websites that have https are example of precautionary measures by the consumers to ensure that they reduce them
Building a strong Cyber Workforce
U.S leads in the fight against cybercrime particularly due to the high number of breaches it has experienced over time. The capabilities of building a stronger workforce have a greater potential in creating a dedicated and intelligent cybercrime workforce, who not only work to prevent such crimes but are able to think like the hackers so that preventive measures can always be ahead of them. There are several ongoing programs which prepare the cyber-war fighters and the open source collection specialists.
The cybersecurity STEM workforce, under Trump administration, should make new advances in algorithms, hardware and software configurations, the arrangement and engineering of difficult, integrated systems. As such, it is obligatory for the intelligence community to proceed with the searching of ways to collaborate with industry and educational establishments to boost the STEM workforce with a strong framework as effective alternatives to cybersecurity. Participants at the Trump’s tech summit also discussed about improving the tech industry workforce by facilitating beneficial immigration policies and streamlining provision of H-1B visas. Building a stronger workforce will also involve going an extra mile in considering the social issues. For instance, On January 27, 2017, Trump issued an executive order prohibiting entry of citizens from seven Muslim-majority countries greatly undermines a consolidated effort to fighting cybercrime; actually, some of the best cyber-war fighters are entangled the consequences of such socially-discriminative orders (Devlin &Chiu, 2017).
Trump’s Position on Cyberwarfare
During his campaigns, president Trump assured his supporters that cybercrime will be a priority in his administration. The Russia’s engagement in the elections, however, seems to have dwindled his efforts and zeal over cybersecurity. However, in the efforts already witnessed in this regard are the offensive strategies to eliminate the threats and very little is known on the defensive side of cybersecurity.
Trump took some significant decisions to secure cybersecurity force by appointing Thomas Bossert as his administration’s assistant to the President on behalf of Homeland Security and counterterrorism efforts that would be dedicated on the cybersecurity functionality and responsibility. In addition the President seems to be addressing cybersecurity problem directly on his twitter handle and his website. His plans further includes informing the U.S. Department of Justice to create Joint Task Forces on a comprehensive level to coordinate Federal, State, and local enforcement processes to cyber threats.
Every country and organization operating in today’s highly competitive world is required to invest in a robust cyber security system that will shield it from potential cyber-attacks that may cause irreparable damage to the company’s image as well as their finances. Despite the application of various data monitoring software, cutting edge cyber security measures and physical firewalls in protecting an organization’s data, failure to achieve the intended purposes is always imminent should the administration fail to act upon getting wind of suspicious activities in the country’s systems (Elson & LeClerc, 2006). Responding swiftly to cases of hacking could ensure that data remains secure even after a breach. To put it simply, cybercriminals may not be able to compromise an organization’s information if stricter policies as well as methodologies are embraced besides being closely monitored for loopholes due to the fact that early detection provides means of not only preventing an attack but also bringing the culprits to book (Lowe, 2014).
The main research method to evaluate the Presidential Administration Policies in Cyber Crime and Technology will be through the interviews; both structured and random as well as through secondary sources such as history on previous and existing laws that are considered entirely effective. The interviews are effective in collecting information because they will focus on both the individuals and the corporations as well as the government institutions. After conducting the interviews, the next viable method would be to use the focused group discussions with the experts in cybersecurity. The focus groups will have members between of 6-10; focusing on how they construe the cybersecurity situation to be as well as how they practice safe online conduct to ensure that they do not fall prey for cyber-attacks. The other supplementary method will be the secondary sources from articles, history books and other literature on cybersecurity that gives information about how cybersecurity has evolved over time.
|1||Planning for evaluation (Two Meetings)||200|
|2||Materials (Including books and articles)||500|
|1.||10th October 2017- 25th October 2017||Planning meetings; at least two meetings.|
|2.||28th October 2017 – 5th October 2017||Contacting the institutions and organizations for evaluation.|
|3||7th November 2017 – 21st November 2017||evaluating the policy|
|4||23rd November 2017 – 2nd December 2017||secondary evaluation and report consolidation|
|5||5th December||Presenting the Report|
The expected outcome of this evaluation shall establish that the Presidential Administration Polices in Cybercrime and Technology is insufficient and fragmented. The institutions that shall be evaluated include the FBI and corporations like Target that have suffered a cyber attack before. The proposal success shall be marked by established inadequacy in the cybersecurity polices and legal framework thus a need to inject vibrancy it its being.
Ahuja, S. (2010). Intellectual Property Crime: The Urgent Need for Global Attention. Global Policy, 1(3), pp.318-320.
Akhgar, B., & Yates, S. (Eds.). (2013). Strategic intelligence management: National security imperatives and information and communications technologies. Butterworth-Heinemann.
Bert, R. Hacked: The Inside Story of America’s Struggle to Secure Cyberspace, By Charlie Mitchell. Lanham, Maryland: Rowman & Littlefield, 2016. Civil Engineering—ASCE, 86(10), 82-82.
Cheng, L., Liu, F., & Yao, D. (2017). Enterprise data breach: causes, challenges, prevention, and future directions. Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery, 7(5), e1211.
Cruz-Cunha, M. M. (Ed.). (2014). Handbook of Research on Digital Crime, Cyberspace Security, and Information Assurance. IGI Global.
Devlin, T. A., & Chiu, S. (2017). Six cyber issues for the Trump administration. Risk Management, 64(2), 4.
Elson, R. & LeClerc, R. (2006). Customer Information: Protecting the Organization’s Most Critical Asset from Misappropriation and Identity Theft. Journal of Information Privacy and Security, 2(1), 3-15.
Engdahl, O. (2009). barriers and back regions as opportunity structures for white-collar crime. Deviant Behavior, 30(2), 115-143. http://dx.doi.org/10.1080/01639620802050148
Finney, N. K. (2014). Cybersecurity and Cyberwar: What Everyone Needs to Know. Parameters, 44(3), 149-151.
Hakim, S., Albert, G., & Shiftan, Y. (Eds.). (2015). Securing Transportation Systems. Wiley.
Intelligence Foreign Cyberattacks. Georgetown University Press.
Isafiade, O.E., & Bagula, A.B. (Eds.). (2016). Data Mining Trends and Applications in Criminal Science and Investigations. Information Science Reference.
Kshetri, N. & Murugesan, S. (2013). EU and US Cybersecurity Strategies and Their Impact on Businesses and Consumers. Computer, 46(10), 84-88.
Lemieux, F. (Ed.). (2015). Current and emerging trends in cyber operations: Policy, strategy and practice. Springer.
Lowe, M. (2014). Defending against cyber-criminals targeting business websites. Network Security, 2014(8), 11-13.
Luckerson, V. (2016). Shop at Regular Stores? You’re a Cybercrime Target. TIME.com. Retrieved 1 November 2016, from http://business.time.com/2013/12/20/target-credit-card-breach-shows-expansion-of-cybercrime/
McConnell, M. (2010). Mike McConnell on how to win the cyber-war we’re losing. Washington Post, 28, B01.
National Research Council. (2003). Critical information infrastructure protection and the law: An overview of key issues. National Academies Press.
National Research Council. (2007). Enhancing productivity growth in the information age: Measuring and sustaining the new economy. National Academies Press.
National Research Council. (2012). Assuring the US Department of Defense a strong science, technology, engineering, and mathematics (STEM) workforce. National Academies Press.
Parodi, F. (2013). The Concept of Cybercrime and Online Threats Analysis. International Journal of Information Security and Cybercrime, 2(1), pp59-66.
Ramsay, S. W. (2015). Protecting Our Future, Volume 2: Educating a Cybersecurity Workforce (Vol. 3). Hudson Whitman/ECP.
Retrieved from: Network World. http://www.networkworld.com/article/3140606/techology-business/tech-groups-push-policy-priorities-for-the-trump-administration.html. Last accessed on: 20.9.2017
Riley, M., Elgin, B., Lawrence, D. & Matlack, C. (2016). Missed Alarms and 40 Million Stolen Credit Card Numbers: How Target Blew It. Bloomberg.com. Retrieved 3 November 2016, from http://www.bloomberg.com/news/articles/2014-03-13/target-missed-warnings-in-epic-hack-of-credit-card-data
Rose-Redwood, C., & Rose-Redwood, R. (2017). Rethinking the politics of the international student experience in the age of Trump. Journal of International Students, 7(3), I.
Saad-Filho, A., & Tomkinson, J. (2017). Walking the Tightrope: UNCTAD, Development and Finance-Driven Globalization. Development and Change, 48(5), 1168-1181.
Tonry, M. (Ed.). (2011). The Oxford Handbook of Crime and Criminal Justice. Oxford University Press.
Whitman, M. E., & Mattord, H. J. (2011). Principles of information security. Cengage Learning.
Winmill, B., Metcalf, D. & Band, M. (2014). Cybercrime: Issues and challenges in the United States. Digital Evidence and Electronic Signature Law Review, 7(0).
Wright, R. (2012). Prosecution white collar crime – what’s going on? Ac, 1998(12). http://dx.doi.org/10.14296/ac.v1998i12.1521
Young, R. R. (2013). Introduction to Transportation Security by Frances L. Edwards and Daniel C. Goodrich. Transportation Journal, 52(2), 297-299.