Private and Public Sector Cybersecurity Needs
Table of Contents
Executive Summary 3
The Current State of Cybersecurity 4
The Evolution of Cybersecurity 7
Moving Towards a More Secure Tomorrow 9
Today’s world is quickly evolving into a world that relies solely on technology as a way to do business and communicate. With this move towards a technology-centered society, both public and private sectors have to keep up with and evolve just as quickly, while trying to be proactive when it comes to security. The world today is not as safe as it once was, and as it changes to a more paperless, ...view middle of the document...
The Current State of Cybersecurity
Research has shown that cybersecurity has increased greatly since 9/11 for both the government and private sectors. Cybersecurity has become a billion dollar industry, yet government and private sectors are still under constant threat from external and internal attacks (i.e. Target, NSA). Cybersecurity is not just a government issue and “the nation’s businesses manage a significant share of online activity related to national security;” therefore they “must play a larger role in ensuring the overall integrity of system” (Etzioni, 2011). Recognizing this shared responsibility is vitally important. In a recent report commissioned by Dell, “17% of the IT budget/revenue is allocated to IT security, which in the private sector equates to an average annual spend of $96M” (Bourne, 2014). In numerous occurrences basic precautionary measures, low budgets and lack of accountability are glaring holes in the armor of cybersecurity.
According to a recent Senate cybersecurity report, there are “repeated failures by federal officials” including “installing security patches, updating anti-virus software, communicating on secure networks and requiring strong passwords” (Timberg and Rein, 2014). The report also found that a frequently used password on many federal systems was “password” (2014). Many federal and private security issues are simply because basic security measures are not being taken. As noted by the Rachel King, the Department of Energy (DoE) has been breached at least 3 times over the past few years with systems being allowed to operate even though they were known to have critical and high vulnerabilities (King, 2013). If funding, or lack thereof, could be used as an excuse for any of the known breaches the DoE was never upfront about it or expressed any cause for concern.
Government agencies and organizations are more reliant than ever on computers and technology to improve efficiency and viability. On the other hand, the expansion of information technology produces open doors and holes to readily access government and corporate systems. Recent reports and news indicate that the amount of cybersecurity threats and occurrences have expanded significantly and have brought about significant economic loss and sensitive information leaks worldwide. Clearly, how to improve cybersecurity or, then again, how to keep frameworks from being broken are key inquiries for any agency or organization to think about. Attention to the criticalness of cybersecurity is evidenced by the exponential rise in information security investments.
For many years now representatives in Congress, business executives and the like have been proposing and debating proposed initiatives to combat rising cyber threats, but staunch opposition from other departments and groups with their own agendas have hindered those initiatives from moving forward. In 2012, the U.S. House passed the Cyber Intelligence Sharing and Protection Act (CISPA) in...