Human Aspects in IT and Cybersecurity Outline Government Justification of Informing Private industry to improve or Set up Cyber-security

Methods of the Government Interventions

Impacts of Government Regulation on National Security

Failure to comply to related cyber regulations

Meeting the minimum requirements.

Exceeding the Minimum Requirements

The economic and national security of the United States rely on the effective functioning of the country critical infrastructures. Recently, the U.S. government has issued an executive order to manage the cybersecurity and protect the country critical infrastructure since a destruction of the critical infrastructures whether virtual or physical can have a negative impact on the national economic security, safety or national public health. The computer and information systems are part of the country critical infrastructures that facilitate effective data communication between organizations. Presently, the U.S. information systems have enhanced interconnectivity that enhances business advantages, which has never happened before. Despite the benefits of interconnectivity among businesses and public organizations, the present network systems have brought increased risks of fraud, theft, threat, cyber terrorism, and abuse.

The objective of this project is to investigate the human aspect of cyber security providing revealing the strategy the government should employ in setting up cyber-security against internal and external threats. The paper discusses a government justification to enact law and regulations mandating business organizations to install minimum cyber defenses. Moreover, the paper discusses the impact of the minimum cyber defenses on the business community.

Government Justification of Informing Private industry to improve or Set up Cyber-security

The rates of the cyber threats in the United States are becoming alarming and the issues require the government immediate intervention to improve cyber security. With an increase of internal threats, organizations are required to use both an interactive and consistency approach to assessing, identify, and manage cyber security. However, the contemporary sophistication of cyber threats is becoming alarming and requiring an intervention of government assistance. The major reason for justification of government intervention for cybersecurity is that the cyber threats have become a cyber war among nation-states, and private organizations alone are not possessing essential security protocol to protect themselves against the current global threats. For example, North Korea and Iran are investing in cyber warfare as part of their military warfare capabilities. Typically, Iran has become a key player in cyber warfare aiming a large-scale attack on the websites of large financial institutions across the United States and other western countries. Moreover, North Korea has recently employed more than 6,000 people and established overseas bases for its hacking attacks. In the last few years, North Korea has attacked the banks, media and military entities' critical infrastructures with malware. China and Russia are also investing heavily in cyber capabilities specializing in cyber warfare units, and they are behind several technology thefts, network disruption, and other cyber attacks against companies and governments. For example, in 2010, Google Inc. released a disturbing news to the world that it had been a target of sophisticated attacks that originated from China with the goal of stealing the company intellectual property. Google was alone, more than 20 other companies in the United States had been a subject of attack spanning across the different sectors that include finance, chemical, and internet industry. The source of the attacks was undoubtedly from China because the country intended to prevent its citizens having access to information from western countries.

At the core of the attacks, Google called the federal government for assistance. The justification is that it is impossible for private organizations to protect themselves alone from cyber-attacks. The government intervention is very critical to combat or prevents cyber warfare. Thus, the government has a big role to play in protecting the country territorial integrity because the United States national security is at stake, and unilateral action cannot solve the problem. Typically, the internet is a global technology, and the U.S. government has a responsibility to protect the U.S. industries preventing the U.S. economy from collapsing. Thus, the government intervention against the cyber warfare is very critical to sustaining national security.

Methods of the Government Intervention

A government intervention is an effective tool for cyber warfare. Apart from investing in cyber security, the U.S. government should develop laws and regulations to protect the country from cyber crimes. In 2012, the Senate proposed the Cyber Security Act with the goal of protecting the private sectors from cyber threats. Moreover, the legislation aimed to create total control over...

Despite the effectiveness of the proposed regulation, the House of Senate failed to pass the bill into a law. Both the business group and some republican's members in the house were against the proposal on the ground that it would put an undue pressure on the business group. Since 2012, the cybercrimes continue to increase with no effective legislations to combat the crime. This paper recommends that the government should reintroduce Cybersecurity Act into the House to protect the private and public sectors from cyber crimes and cyber warfare. The provisions of the law should enhance information sharing among private sectors. The new legislation should also mandate the private sectors to disclose the cyber threat information to assist federal government to collect adequate information to guide against cyber threats in the United States. Moreover, the law should mandate a disclosure of threat when committed or when about to be committed. Using this strategy, the government will be equipped with necessary information to guide against cyber threats in the United States.
In 2002, the U.S. government passed the ISM (Information Security Management) Act into law, which recognizes a significant information security with reference to national and economic security. The ISM mandates the government agencies to develop guidelines and carry out a risk assessment on continuity plan, disaster recovery as well as implementing security policies. The paper suggests that the government should include cyber security in the ISM protocols. For example, the ISM is to develop a guideline for the implementation of public key encryption, cryptography, and wireless security for protection of the private and public sectors critical infrastructures.

While intervention of laws and regulations are very critical in guiding against the cyber-crimes in the United States, nevertheless, many government agencies still lack the technical knowledge to implement the law. Stalling, (2011) points out that law enforcement agency in the United States lack the essential technical knowledge to enforce the law since the application of the laws requires a sophisticated grasp of technical knowledge. While some larger agencies are catching up, lack of personnel with required technical skills is handicapping the application of cyber-crime laws in the United States. Thus, the U.S. government needs to implement a comprehensive training for law enforcement agencies to enhance the application of the law.

Thus, government intervention is very critical to bring satiny into the U.S. economy. The intrusion of T. J. Maxx is one of the examples of cyber threats that is rampant across the United States. The T. J. Maxx is a chain superstore with more than 900 stores in the United States and outside the United States with capital base worth $13 billion. In 2007, the company critical infrastructures were breached and millions of credit and debit cards were stolen. The outcome of the investigation reveals that 40 million Americans had been affected. In a supermarket in Florida alone, the hackers performed transactions that worth $8 million. The hackers were able to gain access to the company network systems because the T.F. Maxx used a weak wireless security system called WEP (Wired Equivalent Privacy) to protect its network system. Moreover, the company used weak encryption techniques using a simple algorithm to design the security system, which allows the hackers to eavesdrop the communication system.

The negative effects of constant cyber threats require a prompt intervention of the federal government and it is crucial to make laws and regulations, which will mandate private organizations to install a minimum sophisticated security system to prevent intrusion of organizational information systems. In the case of the T.J Maxx, the company had not installed firewalls or patches to prevent bug vulnerabilities as directed by Visa and MasterCard. Lack of effective security protocols had exposed the company to various malicious intruders. The security weakness allowed hackers to deploy the Wi-Fi antenna to eavesdrop employee's logging used to penetrate the company's server.

To prevent such occurrence in the future, the federal government should consider cyber security as real public goods where the U.S. government should consider cyber infrastructures as public sectors protection. The government should set up an ISA (The Internet and Security Agency), and Cyber Emergency Shelter staffed with a large group of IT security experts equipped with sophisticated security systems capable of preventing, and warding off DoS (Denial of Service), attacks and use firewall block unauthorized network system at no cost.

2. Impacts of Government Regulation on National Security

Coyne, (2012) investigates the costs-benefit analysis of the intervention of government legislation to protect the critical infrastructures. The author argues that the benefits be derived from the government intervention outweigh the costs. When considering potential benefits of a project, economists evaluate the costs versus benefits especially the…