Identifying Key Government Stakeholders in National Cybersecurity

Chris Orr
Categories : Enterprise security ,Computing
Tags : Computing enterprise security topics network

Page content

Introduction

War has been waged between nation-states for thousands of years. The only things that have changed besides motivations is the technology used. Besides the use of weapons and soldiers today’s warfare includes new methods including cyber attacks. Nation-states and even small groups and individuals with an axe to grind can use the internet and other electronic means to attack the infrastructure, both physical and virtual, of the United States or other countries.

Stuxnet, it is believed, was directed at the nuclear infrastructure of Iran. In 2008, there were 54,640 cyberattacks directed against the United States Department of Defense and 43,785 in the first half of 2009 alone. Researchers believe that China is a growing source of these cyberattacks. Nearly every government agency can be considered a stakeholder in national cybersecurity.

National Security Agency

By charter alone, the National Security Agency is a key government stakeholder in national cybersecurity. The NSA considers protecting the United State’s critical information in cyberspace one of its most serious challenges. The NSA partners with government and private groups to increase the level of awareness and preparedness of the government’s cybersecurity professionals.

The National Information Assurance Education and Training Program establishes training and education programs and contributes to National Security Systems (NSS) and the Centers of Academic Excellence in Information Assurance Program to help maintain the level of training seen by other countries like China and India.

Department of Energy

The Department of Energy (DOE) is not only concerned with protecting the nuclear assets of the United States but the non-proliferation of the same in other countries. The DOE also works with the North American Electric Reliability Corporation (NERC) and the US Federal Energy Regulartory Commission (FERC), which establishes cybersecurity standards for protecting the assets responsible for generating and distributing power in the United States.

Cyberattacks against the power grid have the potential to cripple the United States, so their determent is considered a top priority by these groups and agencies. Energy companies must be compliant with these standards to ensure that sufficient levels of cybersecurity are present to protect the energy infrastructure of the United States.

Department of Homeland Security

Like the NSA, the Department of Homeland Security (DHS) is tasked with keeping the federal civilian network secure. The DHS runs cybersecurity awareness programs and the United States Computer Emergency Readiness Team to work inside and outside of the Federal government infrastructure to maintain cybersecurity.

In 2004 the DHS began the National Cyber Security Division to secure the cyber assets of the United States. This division works with government and private groups to protect critical infrastructure and respond to cyber attacks.

Investigating Cyber Attacks

Investigating cyber attacks is part of the work done by the Federal Bureau of Investigations and the United States Secret Service. Attacks on government infrastructure or even cyber crimes against private individuals can fall under the jurisdiction of these two agencies. The United States Postal Service and the Federal Trade Commission also investigate cyber crimes and work to prevent them.

Both the FBI and the Secret Service have published cyber crime security reports detailing the numbers of crimes investigated and the sources of those crimes. According to the report published by the Verizon RISK Team and the Secret Service, over 900 million records were stolen in 257 cases, of which 70 percent were from external sources. Eighty-five percent of those external sources were linked to organized crime.

Ultimately, nearly every aspect of life in the United States is overseen by a local, state or federal agency. Each of those agencies has a vested interest in protecting the infrastructure of the United States and the population within.

References

Moscarito, Angela; “Report: Cyberattacks against the US ‘rising sharply’”; https://www.scmagazineus.com/report-cyberattacks-against-the-us-rising-sharply/article/158236/

McMillan, Robert; “Was Stuxnet Built to Attack Iran’s Nuclear Program?”; https://www.pcworld.com/businesscenter/article/205827/was_stuxnet_built_to_attack_irans_nuclear_program.html

National Security Agency; https://www.nsa.gov/ia/news/2010/cyber_security_education.shtml

Department of Energy; https://www.energy.gov/nationalsecurity/index.htm

North American Electric Reliability Corporation; https://www.nerc.com/page.php?cid=1

Department of Homeland Security; https://www.dhs.gov/files/programs/gc_1234200709381.shtm

DHS: National Security Division; https://www.dhs.gov/xabout/structure/editorial_0839.shtm

2010 Verizon Data Breach Investigations Report; https://www.verizonbusiness.com/resources/reports/rp_2010-data-breach-report_en_xg.pdf

Image Credit: jscreationzs / FreeDigitalPhotos.net