Legal Role of Government
The U.S. Government manages cybercrime through various strategies which include offering free cyber security services through the Automated Indicator Sharing and the MITRE Corporation, Establishing national security agencies such as FBI and the DHSIN-department of homeland security’s information network. DHSIN was created about ten years ago to provide a framework for law enforcement “to collaborate securely with partners across geographic and jurisdictional boundaries (Binns, 2017). Today, the department of HSIN has been expanded to include, cyber security experts, infrastructure owners, emergency managers. As result of the DHSIN’s efforts in November 2016, the investigative organization helped in solving a major cybercrime where 178 online bullies and hackers were arrested (Binns, 2017). On the hand, the Automated Indicator Sharing (AIS) was established by the US government to offer free service to enable real-time sharing of security information (US-CERT, n.d).
Moreover, its strategies to curb cybercrime, U.S. government introduced The MITRE Corporation to highlight Common Vulnerabilities and potential threats and vulnerabilities in real-time. For example, the Code Red worm of 2001, commonly referred to as “the worm that ate the internet”, affected 658 servers within 19 hours all over the world was identified and eliminated through the efforts of various US government agencies, such as the HSIN, FBI and MITRE (Zou, Gong & Towsley, 2002).
The US government recently unveiled various initiatives aimed at developing a legal response to these cyber threats (Kshetri, 2015). In this regard, the government has two important plays a sinficant role in creating a cybercrime policy framework and institution for tracking and monitoring cybercrime (Kesari, Hoofnagle, & McCoy, 2017). The US government’s role in creating a viable cybersecurity policy entails the assessment of a wide range of factors and legal measures for preventing and combating cyber crimes. Developing a cybersecurity policy entails defining what constitutes cybercrime, agency jurisdiction, and guidelines for international cooperation (Hui, Kim, & Wang, 2017). However, it is challenging addressing US government cybercrime adequately, as it can only act after the commission of cybercrime.
In fulfilling these roles, the US government working in conjunction with Congress has passed more than 12 federal laws for combating cybercrime. These legal provisions include acts such as the Computer Fraud and Abuse Act of 1996 and the Gramm-Leach Bliley Act of 1999 (Burns, 2017). The latter law holds financial institutions responsible for the security of any data and information they hold pertaining to customers. In addition to this role, the government has the primary responsibility for fighting cybercrime. In this capacity, it created the national Cyber Investigative Task Force in 2008, a composite agency of 20 agencies that includes experts from the intelligence community, law enforcement agencies, and the Department of Defense. Besides, agencies such as the FBI and Secret Service have their cybersecurity departments (Kesari, Hoofnagle, & McCoy, 2017).
Concert Roles of Government and Private Sector
Both the government and private sector have various responsibilities enhancing national information security by establishing effective and intelligent cyber threat data sharing platforms. For instance, the U.S. government in collaboration with the private sector established the Automated indicate sharing (AIS) platform that allows them to exchange real time data concerning cyber threat indicators (US-CERT, n.d). The platform has the capability of identifying data that could be linked to malicious sender or IP addresses as determined by the security system. In their efforts cyber warfare efforts, both government and private sector of various countries, such as the United States government and FireEye have developed and implemented cyber warfare security policies to enable efficient collection of cyber threat data for improved security (FireEye, n.d). While such technique does not eliminate the possibility cyber-attacks, it contributes significantly to the national cyber warfare efforts by reducing the possibility of hackers using same tricks for repeated attacks.
The joint effort among the Department of Homeland Security, the public and the private segment in combating cyber threats was established in 2003 as the United States Computer Emergency Readiness Team (US-CERT) (Jarrett & Bailie, 2015). Its primary mandate is to protect the nation’s Internet infrastructure. In addition, it is responsible for coordinating defense against and response to cyber-attacks (Jarrett & Bailie, 2015). The partnership entity works with federal bodies, industry, research groups, state and local authorities among other stakeholders to share critical and actionable cyber security information to the public. The team also offers a platform for citizens, businesses as well as institutions to interact with and coordinate efforts directly with the United States government in regards to cyber security (Jarrett & Bailie, 2015)
Private sector and government entities as legally obliged to share information regarding possible threats with federal bodies such as the Federal Bureau of Investigation (FBI) and the Department of Homeland Security (DHS) through the National Cyber security and Communications Integration Center (NCCIC) (Deloitte, 2014). According to Chamber conference speaker Michael Hayden, this helps businesses maintain operational integrity, defend corporate value and safeguard user data as outlined in the legal policies concerning information security and cybercrime (TSC Newsroom, 2018). Moreover, Sullivan (2016) indicate that the international law on cyber security prohibits the use of computer or internet resources to harm or exploit other, it emphasizes that the government and the private sector are obliged to collaborate and share up-to-date cyber related incidents to prevent mass losses due to threat recurrence.
Legal roles of the Private Sector
Each financial year, the United States government allocates funds to support the fight against cybercrimes. In FY2017-2019, the spending on cyber-security was estimated at $14.4 billion which is a $0.9 billion increase from the previous year’s allocation ($13.15 billion) (Statista, 2018). About $14.98 billion is spent in the fight against cyber-related attacks (Statista, 2018). Various initiatives have been launched in different states to address cyber-security issues. In particular, more than 35 states introduced over 265 bills concerning cyber threats (National Conference of State Legislatures, 2018). For instance, California introduced CA A 1678 which requires the Secretary of State to comply with regulations regarding the storage and security of voter registration data. On a national scale, the Executive Order 13636 issued by the White House which serves to protect critical infrastructure (CI) regarding development of standards and sharing of information (Fisher, 2014). One of the 50 statutes is the “Federal Information Security Management Act of 2002 (FISMA)” which proposed reforms to FISMA. This helped strengthen and clarify the mandate of National Institute of Standards and Technology (NIST) and bestow the responsibility of promulgating federal cyber-security standards to OMB Office of Management and Budget (CIO, 2018).
Various cyber-security incidents were experienced in the United States in recent years. One notable event is the 2014 hack at Sony where documents from its computers were released exposing personal data. Hackers intended to compromise the release of a comedy about North Korea. Former employees filed a lawsuit that accused Sony of negligence towards upholding measures on identity theft. Sony was fined a total of $8 million to compensate current and former employees in the scandal (Find Law, 2014). The US District Court in Los Angeles settlement covered legal fees, cost of credit protection services and losses in identity theft.
Today, private organizations are demanding for improved communication regarding cyber threats in their organizations. By actively implementing and coordinating the various risk functions of cyber security policies, corporates must protect their staff against cyber-related losses (TSC Newsroom, 2018). Private are legally obliged to protect personal data of their customers from illegal access and use. For example, one of the incidents related to cyber-security in the private sector include Equifax data breach of 2017. In this incident, 143 million Americans had their personal information exposed by the giant credit reporting agency (Gressin, 2017). Hackers accessed people’s biographical information, financial details and dispute documents. Specifically, the company admitted that credit card numbers of 209,000 customers were exposed (O’Brien, 2017). The hack also exposed information for UK nationals leading to a 500,000 GBP fine by the UK government for Data Protection Act 1998 violation (Chiavetta, 2018). Thus, to avoid such incidents, legal frameworks emphasize that private companies must upgrade their cyber hygiene to protect their consumer’s personal data according to federal requirements. This goes a long way in establishing a solid information warfare mechanism by cultivating a good cyber-security culture and synchronizing third party vendor security.Free research paper samples and term paper examples available online are plagiarized. They cannot be used as your own paper, even a part of it. You can order a high-quality custom research paper on your topic from expert writers:
EffectivePapers.com is a professional academic paper writing service committed to writing non-plagiarized custom research papers of top quality. All academic papers are written from scratch by highly qualified research paper writers you can hire online. Just proceed with your order, and we will find the best expert for you!
Binns, C. (2017, May 29). Law Enforcement Partnerships Enhance Cybercrime Investigations – PA TIMES Online. Retrieved from https://patimes.org/law-enforcement-partnerships-enhance-cybercrime-investigations/
Burns, J. (2017). Breach of faith: a lack of policy for responding to data breaches and what the government should do about it. Fla. L. Rev., 69, 959.
Chiavetta, R. (2018, September). How the ICO’s Equifax Penalty Could Impact U.S. Enforcement Actions. Retrieved from https://iapp.org/news/a/how-the-icos-equifax-penalty-could-impact-u-s-enforcement-actions/
CIO. (2018, May 30). Release of the Federal Cybersecurity Risk Determination Report and Action Plan to the President of the United States. Retrieved from https://www.cio.gov/2018/05/30/Risk-Report/
Deloitte.(2014, April 29). Public, Private Sectors: Join Forces to Fight Cyber Crime. The Wall Street Journal. Retrieved from https://deloitte.wsj.com/cio/2014/04/29/public-private-sectors-join-forces-to-fight-cyber-crime/
FireEye. (n.d). Threat Intelligence Reports Forrester: FireEye Named the Leader in External Threat Intelligence Services. Retrieved November 3, 2018 from https://www.fireeye.com/current-threats/threat-intelligence-reports.html
Hui, K. L., Kim, S. H., & Wang, Q. H. (2017). Cybercrime deterrence and international legislation: evidence from distributed denial of service attacks. Mis Quarterly, 41(2), 497.
Jarrett, H. M., & Bailie, M. W. (2015). Prosecuting Computer Crimes: Computer Crime and Intellectual Property Section Criminal Division. OLE Litigation Series, 1-201. Retrieved from https://www.justice.gov/sites/default/files/criminal-ccips/legacy/2015/01/14/ccmanual.pdf
Find Law. (2014). Ex-Sony Employees Sue Over Leaked Emails. Retrieved from https://blogs.findlaw.com/celebrity_justice/2014/12/ex-sony-employees-sue-over-leaked-emails.html
Fischer, E. A. (2014). Federal Laws Relating to Cybersecurity: Overview of Major Issues, Current Laws, and Proposed Legislation. Congressional Research Service, 1-61. Retrieved from https://fas.org/sgp/crs/natsec/R42114.pdf
Gressin. (2017, July 13). The Equifax Data Breach: What to Do. Retrieved from https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do
Kesari, A., Hoofnagle, C., & McCoy, D. (2017). Deterring cybercrime: Focus on intermediaries. Berkeley Tech. LJ, 32, 1093.
Kshetri, N. (2015). Recent us cybersecurity policy initiatives: challenges and implications. Computer, 48(7), 64-69.
O’Brien, S. A. (2017, September 7). Giant Equifax data breach: 143 million people could be affected. Retrieved from https://money.cnn.com/2017/09/07/technology/business/equifax-data-breach/index.html
Statista. (2018). Topic: U.S. Government and Cyber Crime. Retrieved from https://www.statista.com/topics/3387/us-government-and-cyber-crime/
Sullivan, C. (2016, July 21). The 2014 Sony Hack and the role of International Law. Retrieved November 3, 2018, from http://jnslp.com/2016/07/21/2014-sony-hack-role-international-law/
TSC Newsroom. (2018, May 31). What is the Private Sector’s Role in Cybersecurity?. Retrieved from https://tscadvantage.com/what-is-the-private-sectors-role-in-cybersecurity/
Zou, C. C., Gong, W., & Towsley, D. (2002). Code Red Worm Propagation Modeling and Analysis, ACM publishers, Washington DC. Retrieved from http://www.cs.ucf.edu/~czou/research/codered.pdf