Cyberspace Policy Review

"The architecture of the Nation's digital infrastructure, based largely upon the Internet, is not secure or resilient." It's a horrifying wakeup call that bluntly opens this report on one of the most serious national security and economic threats the United States-and, indeed, the world-faces in the 21st century. And it sets the stage for the national dialogue on cybersecurity it hopes to launch. Prepared by the U.S. National Security Council-which was founded by President Harry S. Truman to advise the Oval Office on national security and foreign policy-this official government account explores: the vulnerabilities of the digital infrastructure of the United States what we can do to protect it against cybercrime and cyberterrorism how to protect civil liberties and personal privacy in cyberspace why a citizenry educated about and aware of cybersecurity risks is vital the shape of the public-private partnership all these efforts will require Just as the United States took the lead in creating the open, flexible structures of the early Internet, it must now take the initiative in ensuring that our digital networks are as secure as they can be, without stifling the unprecedented freedom of opportunity and access the information revolution has afforded us all. This report is the roadmap for making that happen, and it is required reading for anyone who works or plays in the 21st-century digital world: that is, all of us.

The President directed a 60-day, comprehensive, "clean-slate" review to assess U.S. policies and structures for cybersecurity. Cybersecurity policy includes strategy, policy, and standards regarding the security of and operations in cyberspace, and encompasses the full range of threat reduction, vulnerability reduction, deterrence, international engagement, incident response, resiliency, and recovery policies and activities, including computer network operations, information assurance, law enforcement, diplomacy, military, and intelligence missions as they relate to the security and stability of the global information and communications infrastructure. The scope does not include other information and communications policy unrelated to national security or securing the infrastructure. The review team of government cybersecurity experts engaged and received input from a broad cross-section of industry, academia, the civil liberties and privacy communities, State governments, international partners, and the Legislative and Executive Branches. This paper summarizes the review team's conclusions and outlines the beginning of the way forward towards a reliable, resilient, trustworthy digital infrastructure for the future.

An essential, eye-opening book about cyberterrorism, cyber war, and the next great threat to our national security. “Cyber War may be the most important book about national security policy in the last several years.” –Slate Former presidential advisor and counter-terrorism expert Richard A. Clarke sounds a timely and chilling warning about America’s vulnerability in a terrifying new international conflict. Cyber War is a powerful book about technology, government, and military strategy; about criminals, spies, soldiers, and hackers. It explains clearly and convincingly what cyber war is, and how vulnerable we are as a nation and as individuals to the vast and looming web of cyber criminals. Every concerned American should read this startling and explosive book that offers an insider’s view of White House ‘Situation Room’ operations and carries the reader to the frontlines of our cyber defense. Cyber War exposes a virulent threat to our nation’s security.

This is a print on demand edition of a hard to find publication. To address pervasive computer-based (cyber) attacks against the U.S. that posed potentially devastating impacts to systems and operations, the fed. gov¿t. has developed policies and strategies intended to combat these threats. A key development was in Feb. 2009, when Pres. Obama initiated a review of the government's overall strategy and supporting activities with the aim of assessing U.S. policies and structures for cybersecurity. The resulting policy review report issued in May 2009 provided 24 near- and mid-term recommendations to address these threats. This report assessed the implementation status of the 24 recommendations. This report analyzed the policy review report and assessed agency documentation. Charts and tables.

We depend on information and information technology (IT) to make many of our day-to-day tasks easier and more convenient. Computers play key roles in transportation, health care, banking, and energy. Businesses use IT for payroll and accounting, inventory and sales, and research and development. Modern military forces use weapons that are increasingly coordinated through computer-based networks. Cybersecurity is vital to protecting all of these functions. Cyberspace is vulnerable to a broad spectrum of hackers, criminals, terrorists, and state actors. Working in cyberspace, these malevolent actors can steal money, intellectual property, or classified information; impersonate law-abiding parties for their own purposes; damage important data; or deny the availability of normally accessible services. Cybersecurity issues arise because of three factors taken together - the presence of malevolent actors in cyberspace, societal reliance on IT for many important functions, and the presence of vulnerabilities in IT systems. What steps can policy makers take to protect our government, businesses, and the public from those would take advantage of system vulnerabilities? At the Nexus of Cybersecurity and Public Policy offers a wealth of information on practical measures, technical and nontechnical challenges, and potential policy responses. According to this report, cybersecurity is a never-ending battle; threats will evolve as adversaries adopt new tools and techniques to compromise security. Cybersecurity is therefore an ongoing process that needs to evolve as new threats are identified. At the Nexus of Cybersecurity and Public Policy is a call for action to make cybersecurity a public safety priority. For a number of years, the cybersecurity issue has received increasing public attention; however, most policy focus has been on the short-term costs of improving systems. In its explanation of the fundamentals of cybersecurity and the discussion of potential policy responses, this book will be a resource for policy makers, cybersecurity and IT professionals, and anyone who wants to understand threats to cyberspace.

"To address pervasive computer-based (cyber) attacks against the United States that posed potentially devastating impacts to systems and operations, the federal government has developed policies and strategies intended to combat these threats. A recent key development was in February 2009, when President Obama initiated a review of the government's overall strategy and supporting activities with the aim of assessing U.S. policies and structures for cybersecurity. The resulting policy review report-issued by the President in May 2009-provided 24 near- and mid-term recommendations to address these threats.GAO was asked to assess the implementation status of the 24 recommendations. In doing so, GAO, among other things, analyzed the policy review report and assessed agency documentation and interviewed agency officials. "

Drawing upon a wealth of experience from academia, industry, and government service, Cyber Security Policy Guidebook details and dissects, in simple language, current organizational cyber security policy issues on a global scale—taking great care to educate readers on the history and current approaches to the security of cyberspace. It includes thorough descriptions—as well as the pros and cons—of a plethora of issues, and documents policy alternatives for the sake of clarity with respect to policy alone. The Guidebook also delves into organizational implementation issues, and equips readers with descriptions of the positive and negative impact of specific policy choices. Inside are detailed chapters that: Explain what is meant by cyber security and cyber security policy Discuss the process by which cyber security policy goals are set Educate the reader on decision-making processes related to cyber security Describe a new framework and taxonomy for explaining cyber security policy issues Show how the U.S. government is dealing with cyber security policy issues With a glossary that puts cyber security language in layman's terms—and diagrams that help explain complex topics—Cyber Security Policy Guidebook gives students, scholars, and technical decision-makers the necessary knowledge to make informed decisions on cyber security policy.