International Cyber Terrorism
International Cyber Terrorism
International Cyber Terrorism
- No tags were found...
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
V. <strong>Cyber</strong> Security Regulation<br />
A <strong>Cyber</strong>security Regulation comprises directives that safeguard information<br />
technology and computer systems with the purpose of forcing companies and<br />
organizations to protect their systems and information<br />
from cyberattacks like viruses, worms, Trojan horses, phishing, denial of service (DOS)<br />
attacks, unauthorized access (stealing intellectual property or confidential<br />
information) and control system attacks. There are numerous measures available to<br />
prevent cyberattacks.<br />
<strong>Cyber</strong>security measures include firewalls, antivirus<br />
software, intrusion<br />
detection and prevention systems, encryption,<br />
and login passwords. There have been<br />
attempts to improve cybersecurity through<br />
regulation and collaborative efforts between<br />
the government and the private sector to<br />
encourage voluntary improvements to<br />
cybersecurity. [1] Industry<br />
regulators,<br />
including banking regulators, have taken notice<br />
of the risk from cybersecurity and have either begun or planned to begin to include<br />
cybersecurity as an aspect of regulatory examinations.<br />
Background<br />
In 2011 the DoD released a guidance called the Department of Defense Strategy for<br />
Operating in <strong>Cyber</strong>space which articulated five goals: to treat cyberspace as an<br />
operational domain, to employ new defensive concepts to protect DoD networks and<br />
systems, to partner with other agencies and the private sector in pursuit of a "whole-ofgovernment<br />
cybersecurity Strategy", to work with international allies in support of<br />
collective cybersecurity and to support the development of a cyber workforce capable of<br />
rapid technological innovation. A March 2011 GAO report "identified protecting the<br />
federal government's information systems and the nation's cyber critical infrastructure<br />
as a governmentwide high-risk area" noting that federal information security had been<br />
designated a high-risk area since 1997. As of 2003 systems protecting critical<br />
infrastructure, called cyber critical infrastructure protection of cyber CIP have also been<br />
included.<br />
In November 2013, the DoD put forward the new cybersecurity rule (78 Fed. Reg.<br />
69373), which imposed certain requirements on contractors: compliance with<br />
certain NIST IT standards, mandatory reporting of cybersecurity incidents to the DoD,<br />
and a "flow-down" clause that applies the same requirements to subcontractors.<br />
Page 81 of 174