Image showing silhouettes of business people holding different devices against a digital screen comprising cybersecurity related icons
Image Source: www.istockphoto.com
This activity will address module outcomes 1, 2, 3, 4, and 5. Upon completion of this activity, you will be able to:
Discuss cyber policies that are tailored for specific environments, such as small business, health care (larger organizations), and at a national level. (CO 4, 5)
Communicate challenges regarding the implementation of cyber policy. (CO 4, 5)
Examine US policy development and recommend areas for improvement. (CO 4, 5)
Discuss regulations like HIPAA and SOX as well as some challenges related to implementation. (CO 4, 5)
Discuss why some agencies and legislators seek additional cybersecurity regulation and guidance. (CO 5, 6)
In May 2009, President Obama accepted the recommendations of the Cyberspace Policy Review. Some of the recommendations included selection of an Executive Branch Cybersecurity Coordinator, closer coordination between the White House and the public and private sectors, greater investment in security-related technology and practice, facilitation of cybersecurity awareness in the classroom and the boardroom, and the promotion of a unified national effort against cyber incidents.
In order to assess how successful the implementation of these recommendations were, this assignment will require you to examine the Cyberspace Policy Review as well as a 2016 fact sheet and some GAO documents and determine what the US has done well. You should also look for and discuss areas of improvement.
Visit the following links to review the 2009 Cyber Policy Review document and the 2015 White House fact sheet.
The White House. (2009). Cyberspace policy review [PDF file size 690 KB]. Retrieved from https://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf
The White House. (2015, July 9). Fact sheet: Administration cybersecurity efforts 2015. Retrieved from https://www.whitehouse.gov/the-press-office/2015/07/09/fact-sheet-administration-cybersecurity-efforts-2015
Now respond to the following:
What recommendations did President Obama accept from the CPR?
What do you think has been accomplished since that time? According to the CSIS paper and reports from the GAO, what are some gaps and areas for improvement?
Analyze the role of cybersecurity with respect to culture, diversity and interpersonal relationship.
Please use these documents to examine the gaps and challenges related to the implementation of US Cyber Policy. You may also use other resources to support your work.
U. S. Government Accountability Office. (Publicly released 2016, June 21). Information security: Agencies need to improve controls over selected high-impact systems. GAO report 16-501. Retrieved from http://www.gao.gov/products/GAO-16-501
Reeder, F. S., Chenok, D., Evans, K. S., Lewis, J., A., Paller, A. (2012, October). Updating U.S. federal cybersecurity policy and guidance – Spending scarce taxpayer dollars on security programs that work [PDF file size 908 KB]. Center for Strategic and International Studies. Retrieved from https://csis-prod.s3.amazonaws.com/s3fs-public/legacy_files/files/publication/121019_Reeder_A130_Web.pdf