Cyber Security: Policy, Processes and Practices
Introduction to the Global Threat Landscape
The global society faces several security threats. Technological development has compromised the state of global security. With globalization, most states have become insecure. A perfect example is the United States. An analysis of the global threat landscape depicts a pattern of evolution.
Particularly, this trend is notable since the first virus emerged. Cybersecurity has gradually become a potential issue of concern (Czinkota, Ronkainen & Kotabe, 2009). Information technology (IT) is presently threatened by several malicious tools. Currently, both malware and spam have become a great threat.
The emergence of internet fraudsters is now evident. Most cyber fraudsters have taken advantage of the observed security gaps. Indeed, it is evident that most states have not developed comprehensive policies to monitor the threat landscape. Some contributory factors include a high level of internet use and connectivity.
Malware has attacked personal computers and moved into regional networks. Threat landscapes presently encompass worldwide infrastructure. Observably, attacks are progressively more targeted. Most cybercriminals apply the blanket methodology of the viruses (Ramraj, 2012).
This approach has enabled them to target distinctively at personalities. Additionally, they have also targeted several companies and countries. These targets have been accomplished through spear phishing. Apart from this, they have also used approaches such as service denial. Several strategies have been proposed to enhance security in information technology.
The application of anti-virus, anti-spam, as well as intrusion prohibition is imminent (Goodman, Lin & NRC, 2007). The use of firewalls has also been evident. However, these processes and applications have been remarkably compromised. There is a need for more advocacy and education amongst populations and other user groups. This is important because these strategies might assist in prohibiting consumers from falling prey to cybercrime.
The challenge of the threat landscape has since graduated from specifically attacking the computers or the networks. Instead, the challenge is presently eminent within several portable devices. These include tablets as well as smartphones. Consequently, this has potentially complicated the issue of security. According to recent studies, highly connected consumers are increasingly susceptible to the challenge.
This situation threatens communication and feedback systems within organizations. It also interferes with the overall business network. The significance of guarding these devices is imminent. This is because most attackers normally target several and diverse user groups (Ramraj, 2012).
Basically, the internet is a public space. Therefore, all end users must enlighten themselves. Additionally, there is a need to increase vigilance in order to prohibit malware and other cybercriminals. This is because these threats might lead to severe reputational and monetary loss.
The Most Critical Threats to the United States
All nations face a global threat landscape. These threats are characterized by approaches and tricks applied by malicious groups to oppress the users. The United States is not an exemption. America suffers a threat landscape dominated by a combination of diverse global threats. Apart from this, there are also specific threats targeting individual users within the country.
There have been important observations on this issue over the last few years in the U.S. Observably, the threat landscape in the U.S. remains as a globally active challenge. Most systems have been grossly corrupted by malware (Goodman, Lin & NRC, 2007). The U.S. recorded increased incidences of cybercriminal cases within the last two years.
Several incidences of insecurity have been identified almost within all the critical sectors. The various surveillance institutions have marveled at these increased incidences. Spear-phishing emerged as the most widespread attack vector. This has been known to cause severe and extensive network intrusion. A greater percentage of intrusion was attributed to Spear-phishing.
Other important landscape threats identifiable in the U.S. are the “sophisticated threat actors.” These threats have caused massive data loss and inconveniences within business processes. Most organizations and individuals utilizing information technology services within the U.S. have encountered a high level of disruptions. The control systems and associated networks are major tools applied in monitoring and detecting these intrusions.
The network interconnections between most of the organizations have propagated the detrimental impacts. Several threat actors, invade, and grossly interfere with the major operations. This occurs within these interconnected networks. The most severe malfunctions are usually encountered within the control systems.
The “sophisticated threat actors” have the capacity to invade and compromise the diverse control systems (Ramraj, 2012). Perhaps; this explains why they have been categorized as some of the potential threats in the United States.
Control systems are important in the management of critical infrastructure process within organizations. The likelihood of the application of this malware and actors by cybercriminals is a great threat. Presently, the United States faces a potential security threat from the internet terrorist. The terrorists are more likely to paralyze security systems.
This might be achieved through the application of dangerous threat actors. After compromising the system, the terrorists are able to execute their heinous activities without detection. The susceptibility of the surveillance systems within the U.S. to attack by terrorists is imminent. The threat landscape is regarded as an important methodology that terrorists might use to compromise security systems (Coaffee, 2009).
Default user addresses and passwords have been used to compromise most U.S. technological systems. These concerns have raised high levels of alert and monitoring within all organizations. The intervention of the federal government and other stakeholder agencies is notable. Observably, policy, and surveillance approaches have been applicable. Indeed, these are some of the most critical threats in the United States.
The State Actors and Non-State Actors That Threaten the United States The Most
The United States has increasingly encountered potential threats from diverse sources. Presently, security within all systems and sectors has been given priority. Threats from state and non-state actors are eminent. There are notable negative effects of high technological advancement. There is a need for the application of more robust and comprehensive monitoring and control systems within organizations.
As outlined earlier, the potential threats from non-sate actors such as the terrorist groups are eminent. Most terrorist groups are more likely to compromise several security surveillance systems within the U.S (Ramraj, 2012). This action might be achieved through the application of diverse mechanisms.
However, the security breach through the use of threat actors is possible. In order to increase the level of national security, the federal government must provide adequate actions and policies. The introduction of comprehensive cybersecurity bills and policies may be a critical approach for enhancing safety. There are other notable state actors that might cause a threat to U.S. security.
The art of risk assessment and control must be applied within these systems. In order to achieve this objective, a high level of collaboration between the IT operators and security agencies is critical. This is important to help in enhancing the precision of all risk evaluations.
Improper IT monitoring systems within the state agencies is a major contributory factor to the increased landscape threat. The private companies that have failed to develop adequate monitoring systems also pose a potential threat.
There ought to be comprehensive capacity building and active drills. These should be conducted by both private as well as state agencies. The basic aim is to equip the employees with critical skills to manage the incidences of threat intrusion.
Organized criminal agencies include other non-state actors that cause potential landscape threats within the United States (Goodman, Lin & NRC, 2007). Private organizations involved in active contracting have immensely contributed to the development of potential threats. For instance, in 2009, Stuxnet was introduced. The basic aim was to sabotage major business operations. This is an intricate and detrimental digital worm.
Observably, there is a lack of comprehensive quality control and compliance measures. This has played a critical role in enhancing these trends. Personalities within certain state agencies have indulged in cyber sabotage initiatives.
These have remarkably transformed the threat landscape. Other organizations such as the “WikiLeaks” have also portrayed potential threats to internet security. There have been indications that such non-state actors have indulged in the release of pertinent government information. The act of unlawful disclosure has widely been associated with such agencies (Ramraj, 2012).
The spontaneous release of pertinent and confidential information on the internet poses great threats to the welfare of the United States. According to an American army report, “WikiLeaks” potentiates a high level of national insecurity. Majorly, this is through the release of sensitive information. Generally, it is important to note the role of non-state and state actors in the increase of threat landscape within the U.S.
Implications in Critical Infrastructure Protection for Policy Makers
It is important for state and non-state agencies to ensure high information security. Presently, the threat actors have caused potential disruption of processes. This is eminent within the internet and other areas of technological applications. Most governments have recognized the increasing importance of information safety (Czinkota, Ronkainen & Kotabe, 2009).
Ideally, the situation has been complicated by the high level of technological advancement. Most firms have intricate interconnections and network linkages. This increases the rate of dispersion of the malware and the actors of threats. Due to this, most threat actors can target and interfere with a wide range of organizations or systems. The need to enhance critical infrastructure protection is imminent.
This is because the infrastructure provides an effective monitoring system. Policymakers have a potential role in the achievement of this goal (Sigismondi, 2011). The present technological advancements require robust monitoring and security management systems. This is applicable both to the public as well as private entities. Policymakers must emphasize and practice empirical research.
This will help in understanding and availing the critical information necessary for counteracting the dangerous implications of landscape threats. Policymakers have also recognized the importance of including all stakeholders in initiating reforms within the IT sector. The increasing cases or instances of malware and intrusions within the current systems are very indicative.
Basically, policymakers have realized important lessons from these trends. For instance, there is an urgent need to redesign and redefine the present policies (Straub, 2008). Consideration of the extremely dangerous threat actors remains important. However, the sustainability of these policies must also be ensured.
This is because there might be an emergence of other more severe threat actors in the long run. Other crucial initiatives that most policymakers have considered are evident. These include public awareness, education, and increased advocacy amongst various user groups.
It is important to educate user groups on the monitoring, detection, and management of threat actors. Particularly, this is relevant, considering the emergence of advanced technologies. The recently developed technology that needs high monitoring and systems control is cloud computing (Westby, 2004). A participatory approach is necessary during the formulation and drafting of policies.
Policymakers must recognize the existence of various stakeholders and users of IT services. Particularly, this is appropriate during the formulation of guidelines for cybersecurity and monitoring. Presently, policies must consider the importance of indulging trained personnel in the monitoring and punishment of defaulters.
Generally, the present cybersecurity situations require transformative policy initiatives. Critical infrastructure for monitoring cybersecurity has become a potential center of focus. In this regard, policymakers play an important role.
There are potential challenges associated with cybersecurity. Different nations continue to face these challenges. Globalization and technological advancements are some of the notable contributory factors. Increased internet connections and applications require robust measures for the management of cybersecurity.
Some of the most dangerous threats have been noted. However, there are indications of further complications and challenges. Transformative initiatives must be applied to control this situation. Notably, the policy approach is an important methodology for solving this challenge.
Coaffee, J. (2009). Terrorism, risk and the global city: Towards urban resilience. Farnham, England: Ashgate Pub.
Czinkota, M. R., Ronkainen, I. A., & Kotabe, M. (2009). Emerging trends, threats, and opportunities in international marketing: What executives need to know. New York, NY: Business Expert Press.
Goodman, S. E., Lin, H., & NRC, (National Research Council), (U.S.). (2007). Toward a safer and more secure cyberspace. Washington, DC: National Academies Press.
Ramraj, V. V. (2012). Global anti-terrorism law and policy. Cambridge: Cambridge University Press.
Sigismondi, P. (2011). The Digital Glocalization of Entertainment: New Paradigms in the 21st Century Global Mediascape. New York, NY: Springer Science+Business Media, LLC.
Straub, D. W. (2008). Information security: Policy, processes and practices. Armonk, NY: Sharpe.
Westby, J. R. (2004). International guide to cyber security. Chicago, Ill: ABA Publ.
Leave a ReplyWant to join the discussion?
Feel free to contribute!