critique discussion below

Sung

“It takes 20 years to build a reputation and a few minutes of cyber-incident to ruin it.” senior IT consultant of CISO, Stephan Nappo (n.d.) explains why cybersecurity is important. When we think of a word cybersecurity, most of us will think of the identity theft, hacking email, or the bank information, and password to steal money or information. However, it is more than that. What about the cyberterrorism? Just imagaine the critical infrastructures, such as power plant, hospitals, and communications, in the city or county all stop at once. There will be panic among the citizens and society, and it can cause even greater dangers.

In 2015, there were a massive cyberattack hit in Ukraine (Ball, 2017). A group of a hacker took control of the supervisory control and data acquisition (SCADA), and it resulted the black out in Kiev area (Ball, 2017). Similar incident happen in U.S. too. According to U.S. Department of Homeland Security (2018), “Russian government was recently targeted energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors for cyberattack.” According to the same source (U.S. Department of Homeland Security, 2018), the Russian government was using spear-phishing emails, watering-hole domains, credential gathering, and other method to penetrate and attack the critical infrastructure. As you can see from these examples, a cyberattack and cybersecurity is more than what it looks. Then who would do such a thing? And what would be their motive?

The threat can be anywhere. It can be the individual hacker, hacktivist, individual cybercriminal or groups, and even the advanced threats such as hostile nation or government (Global Knowledge, 2019). Individual hacker or so call “script kiddies” are the attacker normally uses normal hacking tools to attack the target (Global Knowledge, 2019). Normally, their motive is to impress their friends or family, and they do not have much resources or knowledge to form a bigger attack (Global Knowledge, 2019). Hacktivist are normally more or highly skilled hacker group, whom has social or political motive (Global Knowledge, 2019). According to the authors of “Hacktivism, Cyber-Terrorism, And Cyberwar (Baldi, Gelbstein, & Kurbalija, 2003), Hacktivist do not normally cause the seriously harmful attack (pp.23-24). Their target would be normally the government website or large organizations, which would catch the eyes of the public (Global Knowledge, 2019). Their motive is to publically embarrass or disturb the target to gather public attention on them.

Individual cybercriminals and criminal organizations in other hand can be a bigger threat. They have money and resource to organize larger crime with bigger impact to the target and government (Global Knowledge, 2019). They are normally highly skilled professional, whom normally targets large amount of money or critical data (Global Knowledge, 2019). Advanced persistent threats can be the group of trained government professional to sabotage other nations’ critical infrastructures and resources (Global Knowledge, 2019). They can be very dangerous. Like the Russian Government attack on Ukraine and United States was good examples of Advanced persistent threats. Then as a Governor, what would you do to prevent the cybersecurity attacks?

Ferro, Henry, and MacLellan (2010) from the Homeland Security & Public Safety Division suggest, the four paces of the security, which are prepare, prevent, respond, and recover (p.1). A governor can prepare the cybersecurity attack by appoint State Homeland Security Adviser, appoint Chief Information Security Officer form a Homeland Security Counsel, and appoint State’s Homeland Security Organization (Ferro, Henry, & MacLellan, 2010, p.6). Homeland Security Adviser, Chief Information Security Officer (CISO), and Homeland Security Council can implement and carry out the homeland security missions such as a cyber security, and Homeland Security Organization can gather the necessary funding for the cybersecurity (Ferro, Henry, & MacLellan, 2010, pp.7-8). Planning, developing, and executing of the cybersecurity mission need to have funding and analysis. Just like our potential threats use funding and knowledge to attack our infrastructures, we need the knowledge and money to depend. Also, governor should be familiar with Homeland security and cybersecurity related polices too (Ferro, Henry, & MacLellan, 2010, pp.7-8).

Having the knowledge of the required policies, cybersecurity, and potential vulnerability in state for cyberattacks as governor could help prevent the cyberattacks (Ferro, Henry, & MacLellan, 2010, p.36). In addition, developing cyber security policy with CISO and coordinate with private sector for cybersecurity would help prevent the cyberattack as well (Ferro, Henry, & MacLellan, 2010, pp.36-38). To prevent attacks from the professional criminals such as cyber criminal organization and advanced persistent threat, we need to have professionals in defense too. CISO and experts in public sector can bring this to the table.

For respond and recover, governor should form an emergency respond team, emergency funding, and recovery plan. Proper staffing, procedure, tools and resource would be helpful for quick respond and recovery (Burke, 2018). First form an incident response team to detect the attack, send out warning when attack happens, investigate the incident, perform remediation, recovery, and follow-up with the cyber incident would help reduce the respond time when cyberattack occurs (Burke, 2018). To do that, enough funding and resources should be provided, and well-planned recovery plan should be developed and implemented.

13 hours ago

school lk school MK