Examine the Role of Cyber-Security Within the Homeland Security Enterprise
On November 16, 2018, President Trump signed into law the Cybersecurity and Infrastructure Security Agency Act of 2018. This landmark legislation elevates the mission of the former National Protection and Programs Directorate (NPPD) within DHS and establishes the Cybersecurity and Infrastructure Security Agency (CISA). CISA builds the national capacity to defend against cyber attacks and works with the federal government to provide cybersecurity tools, incident response services and assessment capabilities to safeguard the ‘.gov’ networks that support the essential operations of partner departments and agencies.
DHS can and should make choices regarding the role it plays relative to the market and relative to other government stakeholders, the private sector and the public. The roles that DHS selects for itself, and the interaction of those roles on a program-by-program basis, will determine the cost and resource intensiveness of its cyber efforts. By building capabilities and focusing efforts in areas unique to DHS, DHS can improve the efficacy and cost-effectiveness of the programs it pursues. DHS should establish training programs for federal Chief Information Officers (CIOs) and certification programs for executives at Critical Infrastructure Protection (CIP) operators. Such programs would be supported significantly by providing mechanisms for those individuals to receive classified information so that trainees can have unimpeded insight into classified threat information. This would enhance their ability to protect their networks and to understand the functions, roles, and capabilities of the various government agencies that can assist them in real-world conditions.
It shows that irregularities in the patching of computers affected users adversely without any fault of their own (Daily Tech, 2012). In addition to that, the operating system of Apple is now considered as one of the most favored platform for hackers due to loopholes in the framework. Similarly, social networks such as Facebook have also been guilty of retaining an obsolete database, which led to one of the biggest security breaches in the recent era of internet (Chabrow, 2013). Thus, it can be said that personal computers are affected due to the negligence of the software vendors but its impact cannot be ignored. Across the board -- in business, society, and government -- the promise of cyber capabilities are matched by potential peril. The cyber environment is never static, but it is perhaps most agile in response to the continual stream of emerging cyber threats and realized cyber attacks. Cybersecurity must be agile. The challenges that must be met in order to secure the cyber realm for all of its legitimate constituents are enormous. Cybersecurity issues are organic, adapting to an evolving environment with the sensitivity and responsiveness of an invading microorganism. Though not to abuse the parallel to medical science, the best defenses against invading cyber threats are information and preparation. As such, cybersecurity can be characterized as technology plus network security plus information assurance.
Malicious cyber tools sold on the Internet can be adapted to intrude into systems and otherwise commit criminal acts related to financial fraud, money laundering, intellectual property theft, or other illicit activities. The growing popularity of cryptocurrencies also presents challenges to countering money laundering and the work of law enforcement.
BITS. (2011). Malware Risks and Mitigation Reports. Retrieved March 11, 2013 from http://www.nist.gov/itl/upload/BITS-Malware-Report-Jun2011.pdf
Daily Tech. (2012). Apple Admits its Macs Have a Malware Problem. Retrieved March 11, 2013 from http://www.dailytech.com/Apple+Admits+Its+Macs+Have+a+Malware+Problem/article24451.htm
Chadrow, E. (2013). Examining How Facebook Got Hacked. Retrieved March 11, 2013 from http://www.bankinfosecurity.com/examining-how-facebook-got-hacked-a-5518
Cole, E. (2012). Advanced Persistent Threat: Understanding the Danger and How to Protect Your Organization. Rockland, MA: Elsevier Science.