Policy for US Cybersecurity
AIR UNIV MAXWELL AFB AL AIR FORCE RESEARCH INST
Pagination or Media Count:
Since creation of the first interconnected computer network in 1969 as an Advanced Research Projects Agency endeavor, cyberspace has expanded to affect many, if not most, aspects of Americans lives. Unfortunately, accessibility to and expansion of the Internet often proceeded without proper consideration for the security of the information contained or transmitted therein. The lack of necessary security and the anonymity afforded by the Internet led to equally rapid growth if not more so of the nefarious exploitation of this man-made domain. Regrettably, it is unlikely that the United States can protect itself from the growing threat of cybercrime and state-sponsored intrusions and operations. 1 However, this prospect should not limit attempts by the United States to defend its cyberspace infrastructure, whether the threat comes from terrorists, cybercriminals, or states and their proxies. 2 Consequently, America must develop offensive and defensive cyber capabilities. Additionally, clearly defined policies require development and implementation to ensure cohesion across the whole of government. With respect to cyber domain attacks on US civilian systems attributable to a nation-state, the Department of Homeland Security DHS should have responsibility for responding in the form of consequence management US Northern Command USNORTHCOM, for domestic attack assessment and US Cyber Command USCYBERCOM, for defense and any counterstrike response in coordination with applicable combatant commands and US national agencies. This article describes the cyberspace environment and its threats explains the current authorities, roles, and responsibilities of these and other agencies and details how these authorities, roles, and responsibilities need modification to best protect US national security interests.
- Computer Systems Management and Standards
- Military Operations, Strategy and Tactics