CRITICAL INFRASTRUCTURE - INFORMATION TECHNOLOGY
Executive Summary: The Information Technology Sector in the United States is an extremely complex environment supporting and interdependent between all 16 sectors. According to the department of Homeland Security, “These virtual and distributed functions produce and provide hardware, software, IT systems and services, and in collaboration with the Communications Sector the Internet” (DHS, 2014).
Problem Statement: In the United States, the Information Technology Sector has showed increased reliance on computer systems, which they have linked to almost all their vital infrastructures. Today, however, there is growing concern regarding diverse cyber security threats, which are directed towards
…show more content…
For instance, when Republicans attain majority control over the U.S. as well as the Senate, they are anticipated to face a foreign policy, which has grown increasingly complex because of heavy reliance on the Internet. In the recent years, Congress has engaged in serious programs to facilitate the adoption of reform regarding cyber security without success. Based on the growing number of attacks in the U.S., America has realized that companies and consumers are highly prone to attack by ever increasing hackers (Radvanovsky & McDougall, 2013).
Goal of Briefing: The key reason for briefing is to take a position on the issue of cyber security to reveal the potential threats it can pose to Information Technology critical infrastructure in the United Sates. It aims at seeking support for ensuring that information systems are given extraordinary support and scrutiny to eliminate any loopholes that may pose threats to the stability of the country’s critical infrastructure and consequently, collapse of the
…show more content…
Firstly, they should ensure that organizations comply with information technology regulations. Secondly, they should ensure that IT staff are well equipped with technical knowhow to ensure they can pinpoint any forms of threats and take appropriate actions in advance. Lastly, the government, private sector, and other stakeholders should share information concerning diverse forms of threats to facilitate in the establishment of effective measures for addressing any forms of security threats (Moore & Shenoi,
Program on Telecommunications and Cybersecurity Policy. (n.d.). The Global Information Society Project Program for Telecommunications Policy. Retrieved November 11, 2013, from http://www.telecom-program.org/
We live in a technologically saturated world. Everyone is connected to one network or another by any number of devices, so that begs the question: “Just how secure are those connections?” Earlier this year, headlines were made when a hospital in California (and several others in other states shortly thereafter) had its network system hacked; its files and patient information encrypted and held ransom. To gain access to their own files, the hospital paid the hackers for the encryption key so that they could continue providing their patients with the much needed medical care they were seeking [1]. More recently, it was reported that over 6,000 online stores had malicious code, designed to steal and store credit card information, hidden within
Terrorism represents a continuing threat to the United States. It is the most significant threat to our national security. Terrorist attacks have definitely left many concerns about the possibilities of future incidents of terrorism in the United States. Since the events of September 11, 2011, Americans and much of the world are afraid. Americans are at war with terrorism and no longer feel comfortable. A part of this unease feeling has to do with cyber terrorism.
President Obama has realized the seriousness of the upcoming threats and turned the government focus more toward defending the information and communications infrastructure and In May 2009, he issued a request from top to bottom review of the current situation. The report titled the Cyberspace Policy Review includes strategy, policy, and standards regarding the security of and operations in cyberspace. According the white house’s cybersecurity foreign policy, the Cyberspace Policy Review highlighted two objectives and ten near-term actions to support the cybersecurity strategy.
As a patriot of this great nation, what has been presented is of extreme if not grave concern. The challenges of cyberculture to our nation’s security have been revealed . To what extent our security has been breached is a matter of speculation but be informed that these breaches must be met with complete counter active success - failure to do so is not an option.
Most people are familiar with Cybercrime or Computer Crime being crime carried out by use of computers or the Internet. With the growing use of the Internet it is no surprise to anyone that Cybercrime or Computer Crime has been on the rise and has been since the coming of the Internet and anyone can be a victim of cybercrime. Take for example in 2012, 7% of the U.S. population had their identity stolen from online (Harrell, Lang, 2013, pg. 1). There is no denying that the formation and growth of the Internet has had an impact on crime (Wall, 2011, pg. 8). The purpose of this paper is to explain and give an overview of the types of cybercrime, how law enforcement handle these types of crimes, and how prevent cybercrime.
Security helps the organization meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets through the selection and application of appropriate safeguards. Businesses should establish roles and responsibilities of all personnel and staff members. However, a Chief Information Officer should be appointed to direct an organization’s day to day management of information assets. Supporting roles are performed by the service providers and include systems operations, whose personnel design and operate the computer systems. Each team member must be held accountable in ensuring all of the rules and policies are being followed, as well as, understanding their roles, responsibilities and functions. Organizations information processing systems are vulnerable to many threats that can inflict various types of damage that can result in significant losses (Harris, 2014). Losses can come from actions from trusted employees that defraud the system, outside hackers, or from careless data entry. The major threat to information protection is error and omissions that data entry personnel, users, system operators and programmers make. To better protect business information resources, organizations should conduct a risk analysis to see what
The recent horrific attacks on France highlighted one of the number one threats to Homeland Security, which is the evolving terrorist. The Evolving terrorist threat is of major concern since 9/11 because “its demonstrated and continued interest in advancing plots to attack the United States” (). A major concern in this area for the United States is the propaganda that is used to motivate individuals who have not participated in terrorist activities or traveled to conflict zones, teaching and training them to plot and carry out attacks on civilian populations. Another huge concern to Homeland security is the threat to our cyber-physical infrastructure. “A vast array of interdependent information technology network, systems, services, and resources enable communication, facilitate travel, power our homes, run our economy and provide essential government services” (). The everyday citizen is so reliant on technology and everything in our country is so interconnected that if the cyber-physical infrastructure would to be compromised it would create a devastating chain reaction across the country. The third concern for Homeland Security is the threat of a pandemic. Even though it is noted as being a very low probability, the impact of it happening even once would be very high impact. “Increasing global
Whitman, M., & Mattord, H. (2010). Management of information security. (3rd ed., p. 6). Boston, MA: Cengage Learning.
The ability to conduct warfare through technological methods has increased information security awareness and the need to protect an entities infrastructure. Subsequently, cyber warfare produces increased risk to security practitioners that employ technology and other methods to mitigate risks to information and the various systems that hold or transmit data. A significant risk to information lies in the conduct of electronic commerce, hereinafter called e-commerce. E-commerce is the purchasing or selling of goods and/or services through the internet or other electronic means (Liu, Chen, Huang, & Yang, 2013). In this article, the researcher will discuss cyber warfare risks, present an evaluation on established security measures, identify potential victims of identity theft, and present an examina...
In recent years, many possible plans to enact government regulation to improve cybersecurity have been suggested. Most recently, in 2017, then U.S. president Barack Obama implemented the Cybersecurity National Action Plan (CNAP). The plan would have invested $19 billion in cybersecurity by gathering experts to make recommendations in regards to cyber security, help secure the government IT group, and encourage more advanced security measures (Daniel 1). However, while CNAP does present a way to solve the problem, it just adds another program that attempts to enhance cybersecurity: “It is the multiplicity of programs and division of responsibility that diminishes their effectiveness. At least eleven federal agencies bear significant responsibility for cybersecurity” (Cohen 1). Every so often, another cybersecurity program will be established, but former plans are seldom removed. This leads to a large amount of departments to share responsibility, which creates general confusion and limits each department’s power. Furthermore, widespread government regulation may weaken cybersecurity. Many fear that any regulation would not be flexible enough and would instead allow easier hacking (Ridge 3). If every system in the entire nation had the same security measures, it would be much easier to break into as by breaking into one system, a hacker a could break into everything.
United States Executive Office of the President. (2009). Cyber space policy review: Assuring a Trusted and Resilient Information and Communications Infrastructure. (pp. 1-38). Retrieved from http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf
" Detangling the web: a screenshot of U.S. government cyber activity." Joint Force Quarterly July 2015: 75+. War and Terrorism Collection. Web.
Nowadays, the information is the most treasured asset in an organization, due to it along with the experience represents the input necessary to take appropriate decisions and consequently to have success in the business. Almost all the information and knowledge related with the processes business, goods and services offered by a company, is processed, managed and stored through technology and information systems, thus the security of information has become increasingly important and plays a critical role in the enterprise government.
The first thing that we must consider about Information Security is that there is not a final destination at which we can arrive. IT Security is an ongoing set of processes and activities that requires attention and expertise on a daily basis. It is important to understand that systems are not secured by themselves and it is our responsibility to maintain and improve them periodically as required. It is of vital importance to establish the appropriate mechanisms and requirements in order to support the company’s CIA triad. The following report will provide you guidance about auditing and hardening techniques applied though the 7 Domains by utilizing IT Security Best Practices.