Assignment
1. How should government justify telling private industry how to set up or improve their cybersecurity?
• Keeping the focus on national security concerns, clearly discuss the compelling sociopolitical reasons, motivations, or arguments for or against government intervention into private sector cybersecurity.
• Clearly discuss the methods of government intervention. That is, what authorities (such as laws, regulations and rules) give the executive or legislative representatives the right to regulate private industry?
• Describe real-world examples that help support your discussion.
2. Clearly discuss the impacts/effects, if any, on national security due to government regulation required to be implemented by private industry.
• Clearly discuss effects on national security that might result from (a) failure to comply with related cyber regulations or requirements, (b) meeting only the minimum requirements, and (c) exceeding the minimum requirements.
• Clearly discuss whether private industry now has a responsibility to protect national security through implementing good cybersecurity controls imposed by government regulation.
• Describe real-world examples that help support your discussion.
Course Objective: Research cybersecurity laws, regulations and legal concepts, and relate them to managerial decisions needed to protect national security.
Each student explores cybersecurity as a public good.
Answer these questions:
1. How should government justify telling private industry how to set up or improve their cybersecurity?
• Keeping the focus on national security concerns, clearly discuss the compelling sociopolitical reasons, motivations, or arguments for or against government intervention into private sector cybersecurity.
• Clearly discuss the methods of government intervention. That is, what authorities (such as laws, regulations and rules) give the executive or legislative representatives the right to regulate private industry?
• Describe real-world examples that help support your discussion.
2. Clearly discuss the impacts/effects, if any, on national security due to government regulation required to be implemented by private industry.
• Clearly discuss effects on national security that might result from (a) failure to comply with related cyber regulations or requirements, (b) meeting only the minimum requirements, and (c) exceeding the minimum requirements.
• Clearly discuss whether private industry now has a responsibility to protect national security through implementing good cybersecurity controls imposed by government regulation.
• Describe real-world examples that help support your discussion.
Paper Length 5-7 pages Readings
1. Shipley, T., and Bowker, A. (2013). Investigating Internet crimes: An introduction to solving crimes in cyberspace, Ch. 16, pp. 375 - 95. Waltham, MA: Syngress. (available on eReserves)
2. Gragido, W., Molina, D., Pirc, J., and Selby, N. (2012). Blackhatonomics: An inside look at the economics of cybercrime, Ch. 4 & 5, pp. 45 - 68. Waltham, MA: Syngress. (available on eReserves)
3. Poore, R. S. (2007). Information security governance. In Tipton, H., and Krause, M. (Eds.), Information security management handbook, Ch. 8, pp. 89 - 94. Boca Raton, FL: Auerbach Publications. (available on eReserves)
4. Warfield, D. Critical infrastructures: IT Security and Threats from Private Sector Ownership (2012), Information Security Journal: A Global Perspective, 21, 3, 2012, pp. 127-136. doi10.1080/19393555.2011.652289.(available on eReserves)
5. The Cybersecurity Partnership Between the Private Sector and Our Government: Protecting Our National and Economic Security, retrieved from https://www.hsgac.senate.gov/hearings/the-cybersecuritypartnership-between-the-private-sector-and-our-government-protecting-our-national-and-economicsecurity.
6. Bound to Fail: Why Cyber Security Risk Cannot Simply Be "Managed" Away -
https://www.brookings.edu/~/media/research/files/papers/2013/02/cyber%20security%20langner%20pederson/cybersecurity_langner_pederson_0225.pdf (Brookings 2013 Report critical of Presidential