User Account

All Pages

Cybersecurity strategy-law and policy

Assignment Help Basic Computer Science
Reference no: EM132869822

The chief technology officer (CTO) has indicated that your organization has been requested by the National Security Council (NSC) to comment on the upcoming National Cybersecurity Strategy. The NSC has asked for specific recommendations as it relates to the next cybersecurity strategy, private/public partnerships, and comments on how specific technologies should be incorporated into the assessment.

The CTO has asked you to collaborate with your team to provide the organizational input.

You will be collaborating with your previously assigned team on this assignment. It is up to the team members to decide how they will plan, meet, discuss, and complete the six sections of the paper. Remember, if a member fails to complete his or her part of the work, the team is still responsible for all sections. You will also complete a peer review for yourself and for each member of the team. The peer feedback will be incorporated into each team member's assignment grade.

As a group, use the Cybersecurity Strategy, Law, and Policy Team Assignment Template to write your paper, which should cover the following topics:

Part 1: National Security Strategy and Cybersecurity

After reading the National Security Strategy (2017), comment on the following.

Should the United States create a separate cybersecurity strategy to be published alongside the National Security Strategy (NSS), or do you feel the NSS is sufficient? Why or why not?

Consider your answer in the context of the original National Strategy to Secure Cyberspace (2003). What is not adequately addressed in the National Security Strategy (2017) as it relates to cybersecurity?

Part 2: Public/Private Partnerships

After reading the Cybersecurity Act of 2015, address the private/public partnership with the DHS National Cybersecurity and Communications Integration Center (NCCIC), arguably the most important aspect of the act. The Cybersecurity Act of 2015 allows for private and public sharing of cybersecurity threat information.

What should the DHS NCCIC (public) share with private sector organizations? What type of threat information would enable private organizations to better secure their networks?

On the flip side, what should private organizations share with the NCCIC? As it is written, private organization sharing is completely voluntary. Should this be mandatory? If so, what are the implications to the customers' private data?

The government is not allowed to collect data on citizens. How should the act be updated to make it better and more value-added for the public-private partnership in regards to cybersecurity?

Part 3: Private Sector Organizations

Review the General Data Protection Regulation (GDPR) of the European Commission (EU). It includes many provisions and arguably strengthens data protection for individuals within the EU. It even includes the right to be forgotten. The United States does not have a similar regulation. There have only been a few regulations implemented related to US citizens' private data, which include medical and financial industries. Some argue implementing regulation such as GDPR in the United States would hinder innovation. They contend that the End User License Agreements (EULA) provide sufficient protections and allow the citizens to make the choice of what is and is not shared.

As a private sector organization, do you believe that an equivalent to GDPR should be implemented in the United States?

Part 4: Protecting Critical Infrastructure and the Homeland

The Department of Defense (DoD) Cyber Strategy 2018 discusses the protection of critical infrastructure and the homeland.

What does that mean to private organizations such as yours?

If most critical infrastructure in the United States is owned by the private sector, what responsibility does the DoD have in this regard?

Some would argue US laws are outdated and thus the DoD has little authority to assist. Others would argue US laws were purposely established such that the private sector would defend itself and not need assistance from the military. Obviously, for the DoD to assist, it would need the private organizations' data. Said another way, the DoD would need your data as a private citizen/customer of that organization. Those that believe our laws need to be updated argue giving up privacy for protection is legitimate.

Others will argue that we should not give private information of citizens to the government for any reason. As a citizen, would you feel comfortable with this? As a private organization, would you feel comfortable giving information that may contain your customers' private data to the DoD?

Is there a third solution (middle ground) you would propose that enables privacy but also enables cybersecurity?

Part 5: Cybersecurity Technologies

The authors of the National Security Strategy (NSS) are looking to address particular technologies that have the opportunity to revolutionize cybersecurity. They believe that blockchain technology is a revolutionary technology that has the ability to significantly improve cybersecurity.

What would be your recommendation for how the NSS should incorporate this technology to the public?

Propose exactly what you believe should be written in the NSS. Specifically, explain the blockchain technology in layman's terms to nontechnical people that may be reading the NSS, give examples of how it could be used to provide revolutionary cybersecurity, include examples of how it is being used to provide cybersecurity solutions, and discuss what, if any policies or laws should be established to mandate its use in specific industries.

Part 6: Ethics in Cybersecurity.

Ethical issues are at the core of what we do as cybersecurity professionals. Think of the example of a cyber defender working in a hospital. They are charged with securing the network, medical devices, and protecting sensitive personal health information from unauthorized disclosure. They are not only protecting patient privacy but their health and perhaps even their lives. Confidentiality, Integrity, Availability - the C-I-A triad - and many other cybersecurity practices are increasingly at play in protecting citizens in all walks of life and in all sectors. Thus, acting in an ethical manner, is one of the hallmarks of a cybersecurity professional.

What are the ethically significant harms that may result from mass surveillance (including by government and corporations)?

What are the ethically significant harms that may result from emerging technologies such as blockchain technology, artificial intelligence, and machine learning.

Attachment:- Cyber security Strategy Law and Policy Team.rar

Reference no: EM132869822

Questions Cloud

Definition of data washing machines : Give a working definition of Data Washing Machines (DWM) from your perspective. Propose a conceptual framework on DMW's.
Computer security-computer forensics : She posts photos and messages frequently in Facebook when she is able and the last photo she posted was two hours ago.
Render rectangle using coordinates : Using WebGL [call gl.drawElements ( ) function] render points at coordinates. Using WebGL [call drawElements () function]render the rectangle using coordinates
Online university registration system : Create a use case diagram that would illustrate the use cases for the following online university registration system:
Cybersecurity strategy-law and policy : Should the United States create a separate cybersecurity strategy to be published alongside the National Security Strategy (NSS),
Research the variety of enumeration tools : Research the variety of enumeration tools available. Select one tool and explain what it does, how it works and what type of information it extracts
Describing the terrorism attack : Write a brief Discussion describing the terrorism attack and it's aftermath. Comment on ways the attack could have been prevented.
Explain importance of tourism legislation and regulations : Can you explain the importance of tourism legislation and regulations?
Explain competitiveness of the canadian business : Why is the competitiveness of the Canadian business important as it relates to globalization? What differentiates Canadian business from other nations and why?

Reviews

Write a Review

Basic Computer Science Questions & Answers

  Identifies the cost of computer

identifies the cost of computer components to configure a computer system (including all peripheral devices where needed) for use in one of the following four situations:

  Input devices

Compare how the gestures data is generated and represented for interpretation in each of the following input devices. In your comparison, consider the data formats (radio waves, electrical signal, sound, etc.), device drivers, operating systems suppo..

  Cores on computer systems

Assignment : Cores on Computer Systems:  Differentiate between multiprocessor systems and many-core systems in terms of power efficiency, cost benefit analysis, instructions processing efficiency, and packaging form factors.

  Prepare an annual budget in an excel spreadsheet

Prepare working solutions in Excel that will manage the annual budget

  Write a research paper in relation to a software design

Research paper in relation to a Software Design related topic

  Describe the forest, domain, ou, and trust configuration

Describe the forest, domain, OU, and trust configuration for Bluesky. Include a chart or diagram of the current configuration. Currently Bluesky has a single domain and default OU structure.

  Construct a truth table for the boolean expression

Construct a truth table for the Boolean expressions ABC + A'B'C' ABC + AB'C' + A'B'C' A(BC' + B'C)

  Evaluate the cost of materials

Evaluate the cost of materials

  The marie simulator

Depending on how comfortable you are with using the MARIE simulator after reading

  What is the main advantage of using master pages

What is the main advantage of using master pages. Explain the purpose and advantage of using styles.

  Describe the three fundamental models of distributed systems

Explain the two approaches to packet delivery by the network layer in Distributed Systems. Describe the three fundamental models of Distributed Systems

  Distinguish between caching and buffering

Distinguish between caching and buffering The failure model defines the ways in which failure may occur in order to provide an understanding of the effects of failure. Give one type of failure with a brief description of the failure

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd