Category: Cybersecurity

The number of cyber-security threats and attacks in the United States (US) is rising rapidly. The problem has escalated into a matter of national security and significant danger to national survival. It has been fueled by technological developments globally, particularly creating readily available hacking tools and online messaging. Therefore, the US is in constant danger of relentless attacks from enemies both at home and from abroad.

Attackers take advantage of vulnerabilities to launch attacks on schools and institutions of higher learning, as well as local governments. They then demand colossal sums of money to get their targets out of the situation. If they fail to obey, they end up suffering the consequences, including having to reconstitute their computer networks. Cyber-security threats and attacks are like terminal health conditions. They can only be managed but cannot be eliminated (“FBI, CISA, MS-ISAC: Cybercriminals Increasingly Attacking K-12 Distance Learning,” 2020). It is for this reason that the US government, as well as local authorities, must be persistently alert. The attackers live within the larger global community, and some harbor serious ill-intentions.

The national government has put in place several measures to avoid such incidents. In 2003, the government introduced the Multi-State Information Sharing and Analysis (MS-ISAC) under the Center for Internet Security (CIS). The MS-ISAC is funded by the Department of Homeland Security (DHS) through grants. The organization seeks to tighten the all-inclusive cybersecurity position of the state, local, tribal, and territorial (SLTT) governments. It draws expertise from highly trained CIS staff who are ready to help members in any cybersecurity incident. The staff is trained sufficiently in reverse engineering, malware analysis, forensics analysis, log analysis, and susceptibility assessments (MS-ISAC Charter, 2018). Therefore, the MS-ISAC is fully supported to conduct its mandate of securing the public.

MS-ISAC Role in Reducing Risks of Data Breaches in Organizations

The MS-ISAC members join the organization at no cost and benefit from the multi-agency collaboration in defeating cyber-security threats and attacks. The organization seeks to enable the national government and local government managers to avoid cyber threats, and support response and recovery efforts should cyber-attacks occur. These objectives are to be realized through early warnings on cybersecurity threats, information sharing on cybersecurity attacks, stimulating vigilance among different stakeholders by promoting inter-dependence between cyber systems and critical physical infrastructure, and synchronizing training awareness (Department of Homeland Security [DHS], 2016). Therefore, the organization is crucial given the current threats.

The national government and local governments handle vast volumes of private information for the citizens. The information includes Student, Patient, and Birth / Death Certificates Records, License Applications (Marriage, Business, Driver’s Licenses), Building Permits (including architectural drawings and property information), and Online Reservation & Payment Systems for Parks & Recreation Facilities.

Given the sensitivity of this information, the MS-ISAC must provide sufficient protection against risks of data breaches (MS-ISAC Charter, 2018). This is realized by guaranteeing enough safeguards and providing adequate funding and intelligence through collaborating with the CIS. Through the Nationwide Cybersecurity Review (NCSR) and the DHS, the MS-ISAC scrutinizes connections, exchanges, and procedures governing information technology (IT) administration and the capacity to control operational risk meritoriously.

The information gathered from members helps the MS-ISAC develop standards necessary for the government agencies to protect their computer hardware and software. The MS-ISAC also advises the agencies on the best tools available in the market that provide the best protection of the government systems and data. The MS-ISAC gives the government agencies the right to use advanced security capabilities at low prices (CISA and MS-ISAC Release Joint Ransomware Guide, 2020). Moreover, the system offers 24-hr protection and warning through real-time watching and broadcasting of immediate potential threats. Once vulnerabilities are identified, sufficient mitigation measures are effected at the earliest stage.

To guarantee that the MS-ISAC is fulfilling its mandate, the NCSR developed metrics to assess the cybersecurity maturity of SLTTs. Indeed most SLTTs reported their ability to use the NCSR metrics and have a complete understanding of the cybersecurity framework through which they successfully express their cybersecurity standing and/or requirement to their top managers and/or board members. Consequently, the MS-ISAC should continue to enlighten and support the SLTTs to recognize cracks and capabilities contained in their cybersecurity agendas as well as improve their overall cybersecurity (DHS, 2016). In so doing, the MS-ISAC will have fulfilled its mandate of mitigating the risks of data breaches.

Partnerships with other Institutions in Reducing the Risks and Impacts of Data Breaches

To enhance the effectiveness of protection, the MS-ISAC collaborates with other national agencies that help in information sharing about emerging threats. They include the US Secret Service, the Federal Bureau of Investigation (FBI), the CIS Integrated Intelligence Center (CISIIC), the National Cybersecurity and Communication Integration Centers (NCCIC), the Department of Homeland Security, and; the National Association of Chief Information Officers (NASCIO) (DHS, 2016). In addition, the MS-ISAC has nurtured strong relations with the leading cybersecurity firms, internet service providers (ISPs), software developers, and researchers.

References

FBI, CISA, MS-ISAC: Cybercriminals Increasingly Attacking K-12 Distance Learning, (2020). Darkreading. Web.

MS-ISAC Charter, (2018). Center for Internet Security. Web.

CISA and MS-ISAC Release Joint Ransomware Guide. (2020). Cybersecurity and Infrastructure Security Agency. Web.

Department of Homeland Security. (2016). Critical Infrastructure Threat Information Sharing Framework: A Reference Guide for the Critical Infrastructure Community. Department of Homeland Security. Web.

Introduction

A supply chain is a sequence of complex processes that are prone to risks, which is why it is essential to identify and address them. According to Casado-Vara et al. (2018), it is a linear model that is ultimately focused on fulfilling supply needs. Since the 21^st century is highly dependent on technology, the cybersecurity industry needs to be addressed as one of the main risk prevention measures that may positively benefit the supply chain domain. All the processes, communication between suppliers and producers, and relations in the market depend on modern technology. All supply chain actors depend on each other and have the same ultimate goal (Büyüközkan & Göçer, 2018). If one of the branches of the whole process is compromised, the outcome will not be satisfactory. In terms of global supply chains, the issue is even more critical. It is vital to create an environment that is beneficial for every participant in the process (Fan & Stevenson, 2018). Cooperation is essential when it comes to addressing cybersecurity-related risks on an international model because it is the only way in which the supply chain community can communicate, have logistical relationships, and provide timely services and products for the customer.

Supply Chain Risks

The supply chain involves many different stages and processes, which is why risk management is a subject that is critical in addressing the issues that may occur. Supply chain risk management consists of multiple strategies that are designed to assess, investigate, mitigate, and control certain conditions or processes that are unexpected and may impact any aspect of the chain (Baryannis et al., 2018). Since there are so many parties involved, it is crucial to assess every part of the process, from obtaining the raw material to the delivery to the customer. This is why researchers highlight the importance of having a holistic approach (Fan & Stevenson, 2018). However, the risk of cyberattacks is becoming more significant each day due to the expansion of the field of technology.

Cybersecurity is the critical answer to most of the modern-day problems that may occur within the supply chain. It has been mentioned that every actor, including the suppliers, dealers, manufacturers, and customers, need to communicate along the way (Büyüközkan & Göçer, 2018). If the cybersecurity domain is compromised, communication can become inefficient or impossible. Moreover, as internet availability and widespread use increase, the issue becomes even more relevant. Xin et al. (2018) point out that as cyberattacks are becoming more complex and frequent, cybersecurity is not at the level it should be. There are several possible issues that may occur during the entire supply chain process.

One risk is the limited security that does not cover all the branches of the supply chain. If the supplier pays attention to having secure technological experiences within the process while the manufacturers do not, the whole chain is compromised. Another possible issue may be the employees’ lack of information regarding the subject. If employees are allowed to bring their personal devices and connect them to a corporate network, the whole system will be at risk for unauthorized data access. This is why it is essential to inform each person about the general rules and policies that would ensure a secure work environment. One more problem may be hiring third-party services that may subsequently gain access to private data within the corporate network. In case one of the actors within the supply chain hires a third-party software engineer, the risk for illegal intrusion and stealing of data will become significantly higher.

There is also the risk of storing data on third-party data storage systems. This makes it possible for unauthorized people to access and use private data, which can become a factor that disrupts the supply chain. Last but not least, it is risky to buy compromised hardware or software from unreliable and unknown suppliers. The purchase will not add any benefits to the supply chain processes. Instead, the low-tier suppliers may control, distort, or use the private data regardless of the possible harm to the supply chain.

Due Diligence

Due diligence is crucial in addressing supply chain risk management in regard to cybersecurity. According to Crumpler and Lewis, cyber threats are becoming more complex and sophisticated (2019). Sun et al. (2019) also highlight the increasing rate of high-profile cyber-attacks and threats. This is why it is crucial to minimize or mitigate the possible risks. Due diligence refers to the processes of assessing and addressing the risks related to the network. The results are usually focused on examining potential gaps and issues in the system, which will then be filled in and fixed before every process of the chain supply is compromised. It is essential to create specific due diligence norms that would help mitigate possible issues (Shackelford et al., 2016). One of the aspects of due diligence is investigating the suppliers before entering into direct contact with them. Several questions that have to be addressed to the suppliers can benefit the domain of cybersecurity:

• What measures do the suppliers have for securing and monitoring the technological implications during all processes?
• Are all employees aware of possible security issues and the risks of working while using personal devices?
• Are third parties involved in technological processes? If so, how is security maintained, and what are background checks used to examine the companies involved?
• Is data stored on a third-party system? If so, how is security measured, and how are the credentials of the third parties assessed?
• Are the suppliers of software and hardware examined before making purchases? If so, when are the security practices involved in choosing reliable suppliers?

These five questions are helpful when it comes to assessing the possible risks and issues that may occur regarding cybersecurity.

There are, however, many more aspects that may have a negative influence on supply chain management. In order for the possible problems to be investigated, the social, political, and economic factors have to be taken into consideration. The social risks are often linked to corruption or the comprehensive screening of suppliers. If one of the supply chain actors is involved in unethical practices or unfavorable business practices, the whole process will suffer from negative consequences. In terms of the political environment, global supply chain management is most favorable in areas where political regimes are stable and are eager to have a flourishing economic system that allows companies to develop and expand. A suppressive country that cannot create an open environment for fair trade is one of the most substantial risk factors that can negatively influence supply chain management. The economic factor also correlates with risk management. Poorly-managed economical systems may lead to demand shocks, unstable markets, sudden price changes, and other risks that impact global supply chain risk management.

Best Practices

As mentioned before, managing global supply chain risks in the cybersecurity industry is a critical aspect of maintaining a favorable work environment and having positive outcomes. According to Sarker et al. (2020), recent days are described as being revolutionary in terms of cyber strategies for mitigating threats and attacks. Since due diligence is a key part of effective cybersecurity practices, more norms have to be implemented (Shackelford et al., 2016). Researchers suggest that it is vital to pay attention to every process within the whole cyber domain (Fan & Stevenson, 2018). It is crucial to resort to certain promising practices that would lead to the improvement of all the processes included in the supply chain and the cybersecurity field in general.

Starting with employees is an acceptable way of addressing the security issue. Each employee that begins working for the company has to sign a contract that specifically mentions certain aspects of cybersecurity, such as not using personal devices while connecting to the company’s network, not sharing passwords and other private data, and not downloading unreliable files. This practice will potentially mitigate certain risk factors related to supply chain management in cybersecurity.

Another important policy is controlling every new component and device purchased from third-party suppliers. If the new components are intentionally compromised, the possibility for a leak of private data and information substantially increases. While making such purchases, it is essential to carefully select vendors and examine all the new parts that are purchased by inspecting them before installing them. This is another practice that can be used to minimize possible problems with cybersecurity.

Hiring a security team that will guide the whole staff in regard to cybersecurity is also a good solution. Specialists can assess possible gaps in the systems, teach other employees about securing their data, and provide a comprehensive report on potential changes that need to be done for a more clear cybersecurity strategy. Moreover, the security team will be in charge of every new device and part purchased, which will allow them to examine every detail before installing and connecting the new element to the corporate network.

Besides controlling new purchases, it is essential to assess the suppliers of the goods. Depending on how reliable and reputable they are, vendors can have a significant influence on the cybersecurity domain. An unreliable vendor will not only cause the company to spend money on goods that are not in working condition but also compromise the whole spectrum of supply chain risk management assessments. Implementing set policies when it comes to choosing vendors will result in having transparent transactions and devices that are not altered to store and share important information with third parties that should not have access to it.

Limiting the access to software imposed on vendors is one more security measure that can be applied. Allowing access to software is a risky procedure, which is why only a few trusted vendors can be granted the needed authorization to enter the system. The situation is different with hardware vendors since control systems have no involvement, and only the mechanical aspects are included. Being cautious about the limitation of access to the software will ensure low risks for outside attacks and threats regarding the cybersecurity system.

Conclusions

The supply chain is a complex scheme that consists of multiple interconnected processes and tasks performed by multiple actors. This is why the cybersecurity industry is a valuable tool that the global supply chain relies on when it comes to securing data and information. According to researchers, lack of cybersecurity leads to a higher risk of equipment malfunctions, data leakage, and unethical use of private corporate information (Corallo et al., 2020). The problems that may occur within the cybersecurity industry imply bad outcomes for all the actors within the supply chain. Compromised technology makes communication, logistics, and coordination impossible. This proves that assessing the risks and mitigating them is crucial. There are certain practices that can be used to minimize the risks related to the cybersecurity industry. This is why due diligence is used to examine possible problems and suggest favorable solutions. These include implementing specific regulations for all employees, reviewing all newly purchased devices and parts, having a reliable security team, choosing trustworthy suppliers, and limiting access to the software. Moreover, supply chain risk management has to be approached holistically since many aspects may impact the workflow in such complex processes.

Certain political, economic, and social factors may also increase or decrease the risks in the supply chain. However, such implications are often impossible to mitigate without making drastic changes. However, the stakes for cyberattacks are manageable through some of the practices mentioned above. Risks such as using personal computers and connecting them to the corporate network, purchasing compromised devices, lack of a professional security system, and hiring third parties while giving them access to the software can negatively affect the global supply chain. All these actions have the potential to cause the whole supply chain to have bad outcomes even if only one actor does not follow the cybersecurity guidelines highlighted earlier. Since technology is the most efficient way in which the global supply chain can maintain communication, cooperation, and timely services, addressing the cybersecurity industry is the critical minimizer of all the risks related to the subject.

References

Baryannis, G., Validi, S., Dani, S., & Antoniou, G. (2018). Supply chain risk management and artificial intelligence: State of the art and future research directions. International Journal of Production Research, 57(7), 2179–2202. Web.

Büyüközkan, G., & Göçer, F. (2018). Digital supply chain: Literature review and a proposed framework for future research. Computers in Industry, 97, 157–177. Web.

Casado-Vara, R., Prieto, J., la Prieta, F. D., & Corchado, J. M. (2018). How blockchain improves the supply chain: Case study alimentary supply chain. Procedia Computer Science, 134, 393–398. Web.

Corallo, A., Lazoi, M.,& Lezzi, M. (2020). Cybersecurity in the context of industry 4.0: A structured classification of critical assets and business impacts. Computers in Industry, 114, 103165. Web.

Crumpler, W., & Lewis, J. A. (2019). The cybersecurity workforce gap. Center for Strategic and International Studies.

Fan, Y., & Stevenson, M. (2018). A review of supply chain risk management: Definition, theory, and research agenda. International Journal of Physical Distribution & Logistics Management, 48(3), 205–230. Web.

Sarker, I., Kayes, A., Badsha, S., Alqahtani, H., Watters, P., & Ng, A. (2020). Cybersecurity data science: An overview from a machine learning perspective. Journal of Big Data, 7(1). Web.

Shackelford, S. J., Russell, S., & Kuehn, A. (2016). Defining cybersecurity due diligence under international law: Lessons from the private sector. Ethics and Policies for Cyber Operations, 115–137. Web.

Sun, N., Zhang, J., Rimba, P., Gao, S., Zhang, L. Y., & Xiang, Y. (2019). Data-driven cybersecurity incident prediction: A survey. IEEE Communications Surveys & Tutorials, 21(2), 1744–1772. Web.

Xin, Y., Kong, L., Liu, Z., Chen, Y., Li, Y., Zhu, H., Gao, M., & Hou, H. (2018). Machine Learning and deep learning methods for cybersecurity. IEEE Access, 6, 35365–35381. Web.

This source addresses the current advanced industries in terms of their vulnerability to cyberattacks. As the progress continues, humanity relies more on new technologies and the Internet. As a result, the necessity of protecting the critical infrastructure becomes more topical, calling for effective solutions in terms of protecting the data and functionality of the critical infrastructure.

The authors of this piece argue that security was never a central feature of the Internet. Today, as private and public organizations, including the entities of critical infrastructure, increase their reliance on worldwide web-based technologies, this aspect becomes more evident. As a result, major transformations are required to ensure the cybersecurity of society.

The rapid digitalization of the global community mostly has a positive impact, enhancing the potential of various industries, including the energy sector. However, new opportunities render the grids subject to damaging cyberattacks. The authors of this article argue in favor of new, coherent, and cohesive risk-centered policies that encompass both the cybersecurity and environmental domains of the energy sector.

For the global power systems, cybersecurity becomes the leading matter of concern. This piece of knowledge discusses the uncertainty of renewable energy systems, based on several Unit Commitments models. This way, the author analyzes the potential impact of various cybersecurity threats capable of interrupting the stability of the supply of energy to communities and industries.

This report prepared for the United States Department of Energy explains the theoretical foundations behind the increased demand for marine renewable energy. While this technology is advanced and safe for the environment, such systems face additional threats in terms of cybersecurity. Based on the analysis of the present risks, the authors provide an outline of a framework that addresses both internal and external threats in light of the system design and security architecture.

The central idea of the article revolves around the fact that modern energy grids do not exist in isolation. Web-based technology ensures their interconnection and links with the centers of decision-making, enhancing the efficiency and control potential. Considering the increased attention of cyber terrorists to such advanced energy systems, this paper proposes an effective approach to protecting this element of critical infrastructure against malicious attempts.

This article investigates the impact of damaging events on the functioning of the critical elements of the energy infrastructure. Cyberattacks remain one of the leading threats to stable operations within the sector. The author the writer argues in favor of a modernized approach to increase the resilience of the power systems that will ensure a full recovery within 15 calendar days and mitigate the overall risks for the population.

According to this article, the general trend in the energy sector aims at introducing smart grids to regulate the power supply with a better degree of efficiency. The present situation requires new, comprehensive cybersecurity standards that can be applied on nationwide and global levels to address the existing threats. The author provides the outline of such standards that can enhance the resilience of power systems in the face of new cyber threats.

This book is devoted entirely to the history and new avenues of cybersecurity in the energy sector. The author recognizes power systems as integral elements of the critical infrastructure of modern communities, thus implying a stronger need for effective cybersecurity frameworks. Comparing the current situation with emerging threats, this book provides an evidence-based outline of the potential developments within the industry.

This piece of writing emphasizes the importance of precise forecasting in establishing the cybersecurity of the energy sector. More specifically, instead of waiting for the attacks to occur to draw meaningful conclusions, policy-makers can rely on the construction of probabilistic scenarios to anticipate such situations. The proposed framework relies on the Bayesian networks to construct such scenarios and assess the threats at all stages.

This article discusses the use of renewable energy as the future of global power systems. As these methods are more technologically advanced, they become subject to increased cyber threats. Thus, the potential methods of mitigation should be equally advanced, which includes the important role of artificial intelligence and blockchain technology in cybersecurity architecture design.

This book represents the central pillar of knowledge in regards to the discussed issues. Radvanovsky and McDougall (2018) discuss the concept of the critical infrastructure at length, including the presenting risks and the importance of their mitigation. Based on these insights, the direction of subsequent research can be developed upon a solid theoretical foundation.

This report addresses the observed gap in the cybersecurity aspect of the energy sector. The combined knowledge of the Infrastructure Security Agency and private entities reveals that the scale and unpredictability of cyberattacks on power systems pose major reasons for concern. An effective protection model is proposed, the simulation tests of which have demonstrated sufficient results for the enhancement of the cybersecurity architecture in this critical industry.

As per this piece of knowledge, cyberspace becomes an area of warfare in the current environment. Advanced nations face increasing threats posed by both internal and external adversaries, targeting their critical infrastructure. In this regard, the article outlines the key avenues for building the preparedness and resilience of power grids under the circumstances of constant, unpredictable threats.

The current landscape possesses several prominent examples of intricate cyberattack plots against entire nations’ power systems. This article discusses the case of the Ukrainian capital to highlight the potential impact of such attacks on communities. The methodology and technical aspects of the attacks are discussed to provide the key avenues of prevention for the future.

This governmental report is the key to understanding the state’s position on cyberthreats to the critical infrastructure. An investigation has revealed that many entities of vital industries do not have effective contingency plans in case of a full-scale cyberattack. This information highlights the importance of addressing the matter on a nationwide level through practice-based techniques and interagency collaboration.

The authors of this paper discuss the critical role of the energy sector in today’s businesses and communities. Even the smallest interruptions of the power supply can undermine the normal functioning of society in the 21st century. Thus, the resilience of the sector is essential for the sustainable development of humanity. The Internet of Things is discussed as one of the technologies that becomes critical for all aspects of its cybersecurity.

References

Ani, U. P. D., He, H. M., & Tiwari, A. (2017). Review of cybersecurity issues in industrial critical infrastructure: Manufacturing in perspective. Journal of Cyber Security Technology, 1(1), 32-74.

Carter, W. A., & Sofio, D. G. (2017). Cybersecurity legislation and critical infrastructure vulnerabilities. In M. J. Alperen (Ed.), Foundations of homeland security: Law and policy (2nd ed.), John Wiley & Sons.

Cassotta, S., & Sidortsov, R. (2019). Cybersecurity in the energy sector: are we really prepared? Journal of Energy & Natural Resources Law, 39(3), 265-270.

Dagoumas, A. (2019). Assessing the impact of cybersecurity attacks on power systems. Energies, 12(4).

De Peralta, F. A., Gorton, A. M., Watson, M., Bays, R. M., Castleberry, J. E., Boles, J. E., Gorton, B. T., & Powers, F. E. (2020). Framework for identifying cybersecurity vulnerability and determining risk for marine renewable energy systems. Pacific Northwest National Laboratory.

Jarmakiewicz, J., Parobczak, K., & Maślanka, K. (2017). Cybersecurity protection for power grid control infrastructures. International Journal of Critical Infrastructure Protection, 18, 20-33.

Kline, C. (2021). COVID-19 Highlights Best Emergency Preparedness Approach: Lead by Example.Journal of Homeland Security and Emergency Management, 18(2), 215-218.

Leszczyna, R. (2018). A review of standards with cybersecurity requirements for smart grid.Computers & Security, 77, 262-276.

Leszczyna, R. (2019). Cybersecurity in the electricity sector: Managing critical infrastructure. Springer Nature.

Massel, A., & Gaskova, D. (2018). Scenario approach for analyzing extreme situations in energy from a cybersecurity perspective. Industry 4.0, 3(5), 266-269.

Mengidis, N., Tsikira, T., Vrochidis, S., & Kompatsiaris, I. (2019). Blockchain and AI for the next generation energy grids: Cybersecurity challenges and opportunities. Information & Security, 43(1), 21-33.

Radvanovsky, R. S., & McDougall, A. (2018). Critical infrastructure (4^th ed.). Taylor & Francis.

Rosson, J., Rice, M., Lopez, J., & Fass, D. (2019). Incentivizing cyber security investment in the power sector using an extended cyber insurance framework. Homeland Security Affairs, 15(2), 1-24.

Smith, D. C. (2021). Sustainable cybersecurity? Rethinking approaches to protecting energy infrastructure in the European High North. Energy Research & Social Science, 51, 129-133.

Sullivan, J. E., & Kamensky, D. (2017). How cyber-attacks in Ukraine show the vulnerability of the U.S. power grid.The Electricity Journal, 30(3), 30–35.

United States Government Accountability Office. (2021). Defense cybersecurity: Defense logistics agency needs to address risk management deficiencies in inventory systems.

Venkatachary, S. K., Prasad, J., Samikannu, R., Alagappan, A., & Andrews, L. J. B. (2020). Cybersecurity infrastructure challenges in IoT based virtual power plants. Journal of Statistics and Management Systems, 23(2), 263-276.

Introduction

• Cryptography in various forms is one of the most standard and relatively reliable tools utilized in contemporary cyber security.
• Cryptographic protection of a system depends on two factors, 1) the strength of the keys and effectiveness of associated protocols, and 2) protection of said keys via key management (generation, storage, and distribution).
• Therefore, it is important to consider that strong algorithms combined with poor key management is just likely to fail as if there was strong key management with a poor algorithm.
• Three general classes of cryptographic algorithms approved by NIST – hash function, symmetric-key algorithm, and asymmetric-key algorithm (Turner, 2019).
• Each has its trade offs and depends on the security goal being accomplished.

Symmetric Key Cryptography Strengths

• Algorithm transforms data to be virtually unlockable without a key.
• Designated standard by U.S. government, combined with 256-bit key length, impossible even for a supercomputer to guess the combinations.
• Offers benefit of data confidentiality by using the same key for encryption and decryption.
• Symmetric key encryption is fast and efficient for large data amounts (Shinder & Cross, 2008).
• Can be used in payment applications, such for card transaction, with the PII being protected to prevent identity theft.

Symmetric Key Cryptography Weaknesses

• The key has to be shared with the party to whom the data is being relayed, making it vulnerable to intercept by malicious parties.
• Since symmetric key is universal, if a malicious party is able to have access to the key, they can decrypt everything from both sides.
• Every use of the key can leak some information which presents potential opportunity for an attacker to reconstruct it.
• The larger the system gets, the greater the need for a computerized key management system, for example key cards being released in the workplace (Smirnoff & Turner, 2019).

Asymmetric Key Cryptography Strengths

• Also known as public key encryption, asymmetric encryption creates a key pair generated to be used together. A private key is never shared and only used by its owner, and the public key is available to everyone.
• Logically it is mathematically unfeasible to re-create the private key based on the public key.
• If they system is compromised, attackers will only have access to half the data or communications.
• No need for safety of key transmission as the public key cannot be used alone, only the private key associated with that public key can decrypt a received message (Shinder & Cross, 2008).

Asymmetric Key Cryptography Weaknesses

• Technology used in encryption systems that require key exchange over public network, such as email security or web security.
• Asymmetric cryptography is generally slower than other methods due to the complex mathematical process of using two keys.
• No built-in authentication for public key, still allowing for identity theft or interception of messages.
• Computationally costly compared to counterparts as the keys must be much longer to have same level of security.
• Vulnerable to brute-force attacks (Blumenthal, n.d.).

How Encryption is Used by Criminals

• Encryption offers security to malicious parties just as it does to organizations or individuals.
• Criminal can encrypt all their incoming and outgoing communications, to the point where they can chat on public forums without anyone being able to decode.
• Transmission of key data in criminal/terrorist attacks with little possibility of being intercepted by law enforcement.
• Hiding criminal identity in communications for ransoms and otherwise (Oksholen, n.d.).
• Countermeasures may include projects such as CT-SNAIR that model criminal networks, physical interception of decryption keys by law enforcement, and counterhacking by cybersecurity experts trying to find vulnerabilities in criminal networks.

Conclusion

• Encryption is a strong protection measure used by organizations.
• Symmetric and asymmetric key cryptography approach encryption differently but each carries certain risks.
• Along with encryption, it is necessary to practice other security measures such as key management.
• Important to realize criminals and attackers may exploit cryptology to provide protection for themselves or deceive themselves.

References

Blumenthal, M. (n.d.). Encryption: Strengths and weaknesses of public-key cryptography. Web.

Oksholen, T. (n.d.). Encrypted crimes. Sintef. Web.

Shinder, L., & Cross, M. (2008). Scene of the cybercrime (2nd ed.). Syngress.

Smirnoff, P., & Turner, D. M. (2019). Symmetric Key Encryption – why, where and how it’s used in banking. Cryptomathic. Web.

Turner, D. M. (2019). Summary of cryptographic algorithms – according to NIST. Cryptomathic. Web.

Introduction

Government agencies have significant difficulty in hiring cybersecurity staff in the US. Ward and Subramanian (2020) named inadequate staffing in public cyber security positions as a major threat to IT security in government agencies. Bergal (2015) stated that 86% of states had trouble filling the vacant positions in IT, and 46% stated that it took between three and five months to fill senior positions. The problem is rooted in several aspects of the changing internal and external environment. First, government agencies are not always able to offer competitive salaries for IT talents. Since cyber security specialists are highly demanded in the current market, the private sector has been offering increased compensation in comparison with the government sector, which has led to decreased interest in IT positions in the public sector (Bergal, 2015). Second, the number of people that have adequate education is lower than the number of people required in high-skills positions (National Governors Association, [NGA], n.d.). There are not enough educated people to meet the needs of the current reality that requires more IT specialists.

Third, it is crucial to notice that even though many potential employees have the education required to fill cyber security positions, their level of skill and knowledge is inadequate (Loeb, 2015). In other words, current training practices of security specialists are inadequate as graduates do not meet the needs of the industry (Loeb, 2015). Finally, an aging workforce is another growing concern for IT security in the public sector (NASCIO, 2015). The problem is that many baby boomers reached retirement age, which increased the need for qualified IT personnel in the government sector (NASCIO, 2015). Thus, the government needs to address these problems to minimize cyber security risks.

Reasons for Problems with Hiring Cyber Security Personnel

Even though there are numerous reasons for problems arising with hiring cyber security personnel in the public sector, all of them can be narrowed down to five major concerns. The list of these concerns with detailed explanations is provided below.

1. The overall shortage of IT specialists in the market. The demand for cyber security personnel in the market is growing fast, and there are currently not enough specialists (Ward & Subramanian, 2020). Thus, there are not enough candidates on the market.
2. Compensation. As has been mentioned in the introduction, the growing demand for cyber security specialists caused a significant boost in the expected salaries. Even though the government recognizes IT security as a source of saving taxpayers’ dollars, years of tight budgets limited the ability of government agencies to offer competitive salaries for IT personnel (Bergal, 2015).
3. Stringent educational and experience requirements. Bergal (2017) stated that the requirements for skills, experience, and education in government agencies are very high. According to Loeb (2015), the current cyber security training system cannot prepare enough professionals to meet the needs of the industry. Combined with the decreased level of compensation and the disappearance of generous government retirement plans makes a little number of candidates that fit the criteria almost impossible to attract (Bergal, 2017).
4. Unclear career path. While government jobs have a high level of security, the lack of a clearly defined career path makes the positions in the public sector unattractive to young specialists (Loeb, 2015). Since young professionals have high career expectations, government vacancies do not attract their attention due to the lack of long-term career opportunities.
5. Lack of interest from the youth. College and high school students demonstrate a decreased interest in public service.

Strategies to Address the Problems

The present section aims at outlining strategies that can help to address the five problems described above. The strategies aim at deemphasizing compensation, as increasing compensation is one of the most obvious approaches to increasing the attractiveness of jobs (Biggs& Richwine, 2014).

1. Engaging in workforce planning. As mentioned by Bergal (2015), finding and hiring security IT personnel may require a long time. Therefore, government agencies must engage in forecasting the need for a cyber security workforce and start hiring pro-actively to reduce threats to IT security (Department of Homeland Security, 2015).
2. Rethinking the requirements for hiring. The public sector may seek alternative candidates who have shown interest in public service or demonstrated expertise in similar disciplines, such as coding (Bergal, 2017). Veterans appear to be a promising source of potential cyber security employees (Bergal, 2017; NASCIO, 2015).
3. Putting increased emphasis on a career. Government agencies need to define clear career paths for IT employees (Bergal, 2015; Molis, 2019).
4. Involving employees in recruiting. Molis (2019) suggests that employees can have recruitment cards that can be given out to potential employees. These cards are expected to boost interest in working in the government agency (Molis, 2019).
5. Engaging in private-public partnerships. Government agencies can increase the number of partnerships with higher education institutions and schools to develop an interest in both public sector and cyber security jobs (National Governors Association, n.d.; NASCIO, 2015).

Recommendations

Below is a list of recommendations designed to attract cyber security talents and reduce cyber security shortage based on the analysis provided above and recommendations from authoritative sources.

1. Decrease the requirements for hiring. The overall shortage of specialists in the industry, inability to compete with private companies in terms of salary, and inadequate training practices will lead to the inability to fill the vacancies timely (Bergal, 2017). Thus, it is crucial to decrease the requirements for hiring.
2. Partner with schools and colleges. The popularization of the public sector and cyber security industry in schools and colleges, along with creating scholarships for cyber security specialists, can help to increase interest in working as government IT specialists (Molis, 2019).
3. Develop clear career paths. Employees need to understand the opportunities that come with working for the government. Career opportunities can be increased by partnering with the private sector (NASCIO, 2015).
4. Create a functional workplace culture. Developing an employee-focused corporate culture that emphasizes life-work balance and development can retain talent, which is crucial for addressing the cyber security employee shortage (Molis, 2019).
5. Plan workforce. Ensure that the demand for employees is forecasted to proactively fill all future vacancies.

Summary

The present paper revealed that several forces affect the shortage of employees in the cyber security sector in the US. This shortage, along with other industry-specific reasons, such as lack of interest in working in the public sector and stringent hiring requirements, limits the ability of government agencies to fill all cyber security vacancies. Thus, it is recommended to decrease these requirements, partner with colleges and schools, develop clear career paths, create employee-centered workplace culture, and plan the workforce to ensure adequate staffing in these agencies.

References

Bergal, J. (2015). Hiring cybersecurity staff is hard for states. Pew.

Bergal, J. (2017). Desperate for Cybersecurity Workers, States Help Build the Next Generation.Governing.com.

Biggs, A. & Richwine, J. (2014). Overpaid or Underpaid? A State-by-State Ranking of Public Employee Compensation.

Deloitte-NASCIO. (2018). 2018 Deloitte-NASCIO cybersecurity study.

Department of Homeland Security. (2015). Best Practices for Planning a Cybersecurity Workforce White Paper.

Loeb, M. (2015). Cybersecurity talent: Worse than a skills shortage, it’s a critical gap. The Hill.

Molis, J. (2019). Attracting and retaining top talent: 5 ways to make them come to you. Triangle Business Journal.

National Governors Association. (n.d.). Aligning State Systems for a Talent-Driven Economy.

NASCIO. (2015). State IT Workforce: Facing Reality with Innovation.

Ward, M., & Subramanian, S. (2020). States at risk: The cybersecurity imperative in uncertain times.Deloitte.

As digital technology advances, it permeates almost all spheres of human activity and life in general. Digital devices play key roles in a wide variety of environments ranging from interpersonal communication to financial operations and even home security. Such technological development is highly beneficial as it provides humankind with numerous opportunities. However, the interconnectedness of diverse devices and machines leads to the occurrence of cybersecurity threats. Vital information may be stored in digital forms, and hence cybercriminals may try to steal or use such data for their benefit.

Cybersecurity issues were considered long before the rapid spread of the internet and web technologies. Nevertheless, with the ability to access remote devices and data storage from all over the globe, cybersecurity concerns have become more relevant than ever. Therefore, it may be essential to address cybersecurity not only in the private sector but also on a national level. The threats may come from different sources, and the criminals may focus on distinct vulnerabilities in the security of the system (Wall, 2017). It is vitally important to introduce a comprehensive approach to the development of cybersecurity frameworks to prevent all varieties of potential threats. Such a goal may be achieved by thoroughly analyzing the threat landscape and implementing tools, tactics, and procedures following the analysis results.

As already mentioned, digital technology develops rapidly as new methods are implemented, new hardware is designed, and advanced software is utilized. As various advancements emerge, the cybersecurity field undergoes significant changes. For instance, the occurrence of mobile devices and the development of cloud services introduced several security-related challenges. The field is constantly changing, and it may not be possible to introduce a comprehensive cybersecurity framework for a brand new technology. Cybercriminals may find weaknesses and vulnerabilities as the product is not tested on the market. Moreover, it may not be possible to assess every possible threat and prevent cybercrime completely. Therefore, it may be critical to constantly reevaluate cybersecurity frameworks and provide timely responses to emerging threats.

Even though it may be highly beneficial to expect the unexpected and consider all potential threats, the most relevant studies can be used to identify recent trends in the cyber threat landscape. Cybersecurity threats are frequently closely linked with the technologies that entered the market recently or have a rapidly growing audience. As more and more people use a particular technology, cybercriminals are more interested in it. Furthermore, relatively new technologies tend to be vulnerable and provide insufficient cybersecurity. Therefore, such technologies as cloud services and 5G connected IOT devices may represent the most vulnerable field in 2021.

Cloud services may not represent new technology, yet the number of cloud users increased rapidly during the past few years. The field was gradually growing since it was established and made a huge jump due to the current Covid-19 pandemic (Tiberiu, 2021). The quarantine-related restrictions forced millions of people to work remotely from their homes. Consequently, the cloud became one of the most demanded technologies. The rapid growth of demand made cloud providers realign their resources to achieve sufficient supply (Tiberiu, 2021). However, such an approach relegated cybersecurity concerns to second place. In most cases, security measures were implemented as an afterthought. At the same time, the number of cyber threats increased as the field became more profitable and hence more attractive to cybercriminals. Constantly emerging threats combined with insufficient and underdeveloped security may explain the cloud’s exposure to cybercrime.

Another significant element of the modern threat landscape is pandemic-related cybersecurity attacks. As the pandemic continues to exist, and in some cases, it even manages to spread further, the covid-related restrictions remain the same. These restrictions lead to people working from home and using digital devices more than ever before. Moreover, people are frequently deceived by malicious links provided by cyber-criminals. Therefore, social engineering attacks represent one of the most noticeable threats to modern cybersecurity. Some sources state that the number of cyber-attacks increased by approximately three times since the beginning of the pandemic (Rials, 2021). It may be essential to address the issues related to social engineering attacks and provide the frameworks to mitigate the adverse effects. It may also be rational to educate populations to avoid such cybercrime.

Even though new technologies and circumstances lead to the occurrence of new types of cybersecurity threats, some of them remain. Ransomware has represented a predominant threat for several years and may remain one of the most significant problems that require a response. It may cause considerable damage and lead to financial losses for both organizations and individuals. In addition, ransomware attacks increased rapidly during the recent pandemic due to insufficient knowledge related to cybersecurity among people and higher rates of internet use. Ransomware may become one of the most significant threats in 2021 and cause leaks or destruction of valuable data. It may become particularly dangerous for cloud data storage, and hence it is critical to take preventive measures.

Threat actors may differ significantly depending on their goals, targets, main representatives, and even level of organization. There may also be a distinct difference in the tactics, techniques, and procedures utilized by a particular threat actor. Tactics, techniques, and procedures or TTP refer to concrete behaviors and methodology that a cybercriminal uses to achieve the desired goal. In some cases, the same cases these actor types may overlap or mix. Nonetheless, there are six most common types of threat actors, including cyber terrorists, government-sponsored actors, organized crime, hacktivists, insiders, and internal user errors (Sailio et al., 2020). Some of the above-mentioned threat actors may introduce an Advanced Persistent Threat (APT). APTs are usually represented by actors sponsored by the government or the state, which aim to steal valuable data. However, such actors as cyber terrorists or organized crime may also represent an APT. It may be essential to identify the potential threat actor to develop cybersecurity protocols properly.

Cyber terrorists represent a modern digital manifestation of terrorism as a whole. Their aims are frequently linked with their primary activity and are frequently destructive. The main dimension in which cyberterrorists act is destroying valuable data and causing harm. In some cases, they may try to obtain sensitive information needed for their illegal activities. They normally target governmental organizations or businesses and rely on a wide variety of possible exploit vectors. However, social engineering represents the most common method that is used by the above-mentioned threat actor.

Government-sponsored or state-sponsored actors are directly funded or supported by the authorities. In most cases, such actors act in the interests of a particular country to obtain valuable intelligence and strengthen their positions in the international arena. They may also steal intellectual property and any information regarding technological advancements. These actors usually target authorities of foreign countries and organizations. Government-sponsored actors are usually represented by professionals who aim to cover any track of their activity. Therefore, they may have sufficient knowledge and resources to utilize a wide variety of vulnerabilities and implement such methods as host-based evasion, passive web-based recon tools, and rogue software (Cho et al., 2018). Zero-day exploitation is an essential technique that involves focusing on software flaws that are unknown to the cybersecurity department, and hence the fact of exploitation remains undetected.

Organized cybercriminals are threat actors that aim to gain profit from their activity. They may steal personal information or business data and use it to blackmail their victims or sell to other interested parties. As their primary objective is financial gain, they usually target individuals or businesses. They frequently rely on social engineering attacks, phishing links, and ransomware (Graham & Smith, 2020). Unlike organized cyber criminals, hacktivists’ objective is to expose the truth to the public regarding controversial issues. Nonetheless, they may target organizations or influential people using similar methods.

Insiders and internal user errors represent a similar problem that can be prevented by proper supervision and technology-related education in the organization. Both of these two threat actors are not limited to any particular goal and may target any organization or system regardless of its field. Internal user errors are not provided by malicious intent yet may cause extensive damage. Therefore, it is crucial to develop user-oriented frameworks to mitigate the risks related to both of these internal threats.

References

Cho, S., Han, I., Jeong, H., Kim, J., Koo, S., Oh, H., & Park, M. (2018). Cyber kill chain based threat taxonomy and its application on Cyber Common Operational Picture. 2018 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA).

Graham, R., & Smith, K. (2020). Cybercrime and digital deviance. Routledge.

Rials, W. (2021). Top cybersecurity trends for 2021 and Beyond. Homeland Security Affairs: Pracademic Affairs.

Sailio, M., Latvala, O.-M., & Szanto, A. (2020). Cyber threat actors for the factory of the future. Applied Sciences, 10(12), 4334.

Tiberiu, G. M. (2021). A study on how the pandemic changed the Cybersecurity Landscape.Informatica Economica, 25(1/2021), 42–60.

Wall, D. S. (2017). Crime, security and information Communication Technologies: The changing cybersecurity threat landscape and its implications for regulation and policing. SSRN Electronic Journal.

Digital technologies develop rapidly and are implemented in a wide variety of fields constantly. As almost every aspect of everyday activities is related to modern technologies, controversial problems may occur. Individuals rely on digital devices to make purchases, store personal data, communicate, or find information. Businesses and organizations utilize modern technology to make financial transactions, maintain commercial activities, optimize operations, and work with big data. Governments and authorities also rely on digital technology as it is broadly utilized in such vital fields as the national economy, healthcare, and even defense. Therefore, the provision of cybersecurity became essential not only in the private sector but also on a national level. It may be critical to prevent cybersecurity breaches or data leaks to maintain the effective functioning of the government and ensure the sovereignty of the country.

As a response to rising security threats National Security Strategy (NSS) has been developed. It plays a considerable role in outlining the core principles and dimensions in which security and cybersecurity initiatives are implemented on a national level (Deitchman, 2019). The NSS is periodically developed by the government to address existing threats. Even though it may be an essential part of the basic activity functioning of any country, NSS frameworks may differ significantly as the global threat and cyber threat environment is not uniform. Some regions may suffer most from ransomware, whereas others view social engineering attacks as the primary threat. Therefore, the U.S. government periodically updates the NSS to address the relevant needs of the United States.

Nonetheless, it may not be possible to comprehensively address cybersecurity issues in a multi-level NSS that focuses on a wide variety of fields that are not related to cyberspace. Some other documents and protocols consider cybersecurity as an independent issue. For instance, according to the National Strategy to Secure Cyberspace (2003), the core strategic objectives are to “prevent cyberattacks against America’s critical infrastructures, reduce national vulnerability to cyberattacks, and minimize damage and recovery time from cyberattacks that do occur.” Even though these objectives may remain relevant, the concrete frameworks that are used to prevent cybercrime may become outdated. Technology develops rapidly, and hence, new, unprecedented cyber threats emerge. It may be necessary to develop a relevant national cybersecurity strategy annually to address existing threats. However, the National Strategy to Secure Cyberspace has introduced almost two decades ago and did not receive the necessary updates.

The role of the National Strategy to Secure Cyberspace is partially adopted by the NSS. The NSS is developed periodically, with the latest issue introduced in 2017. Therefore, it contains more relevant approaches to current threats in different fields, including cybersecurity. According to the U.S. National Security Strategy (2017), it is critical to improve cyber tools and expertise, as well as achieve higher integration and agility. However, even though the most recent NSS acknowledges cyberspace as an essential element of national security, the document does not provide sufficient and concrete frameworks that could be implemented to prevent cyber threats and mitigate related risks. At the same time, cyberspace becomes more and more important in terms of national security as it penetrates various vital fields, influencing political, economic, and social aspects of human life. Moreover, as new threats emerge, it may be critical to introduce response mechanisms that are adequate and effective.

Therefore, the NSS may not provide sufficient strategic guidance in terms of national cybersecurity. Even though it is the most recent document that considers various aspects of cyberspace through the prism of national security, its frameworks may not be relevant to the cyber threat environment in 2021. Covid-19 caused a dramatic change in the use of digital technology worldwide. As a consequence, cybercrime evolved alongside new technologies, introducing new challenges to security on both individual and national levels. Furthermore, new cyber threat actors will continue to appear, and the cybersecurity threat landscape will continue to change. It may not be possible to develop a comprehensive cybersecurity strategy that can remain relevant for several years (Tikk, 2018). Moreover, in the light of recent covid-related events, it may be challenging to sufficiently address cybersecurity issues within a unified NSS. Hence, it may be highly beneficial to introduce a separate cybersecurity strategy that should be published alongside the NSS. In addition to that, it may be critical to constantly analyze the cybersecurity threat landscape and update existing frameworks regularly to address the most relevant issues.

Public/Private Partnerships

As already mentioned, the cybersecurity threat landscape transforms as new actors emerge and new vulnerabilities are found. Therefore, introducing a timely response is a critical element of effective cybersecurity. To achieve that goal, sufficient information regarding the latest threats may be required. Vulnerabilities and particularly zero-day vulnerabilities may be discovered by organizations in the private or the public sector. However, the same exploit may result in a cybersecurity breach in other organizations if the information is not shared. Frameworks and regulations that maintain the interchange of cybersecurity information between organizations in both public and private sectors may contribute to significant improvements in national security (Kosseff, 2019). The Cybersecurity Act of 2015 aims at resolving communication-related issues as well as providing legal frameworks. However, diverse barriers still complicate data interchange and mitigate the potential benefits of a partnership between public and private organizations. Moreover, several ethical issues and privacy concerns may require further consideration. It may be rational to improve existing regulations to encourage public and private partnerships adequately.

Nonetheless, the Cybersecurity Act of 2015 contains valuable information regarding possible ways of maintaining such a partnership. According to Reffkin (2016), federal entities should regularly provide reports to inform the private sector about potential cyber threat indicators and related defensive mechanisms. In addition, diverse frameworks were introduced to provide the private sector with relevant data about the cyber threat landscape and recently developed cybersecurity measures. One of these frameworks can be represented by the National Cybersecurity and Communications Integration Center (NCCIC), which serves as a hub that promotes communication between cybersecurity stakeholders. Even though timely sharing of information is the key to improving cybersecurity, there are some legal limitations. First, shared data should not violate relevant legislation and regulations. Second, it is prohibited to share any information that contains the personal data of citizens and hence, violates privacy laws. Finally, the data should be masked to reduce the risks related to human error or insider attacks.

The Cybersecurity Act of 2015 also offers opportunities for the private sector to share relevant data for the common benefit. However, provided data should not violate any of the above-mentioned limitations and should not contain the personal information of users. It is critical only to collect information that can be used to build knowledge regarding potential cyber threats and improve cybersecurity in general. Therefore, several primary purposes of data sharing can be outlined. One of the main goals of data sharing is the prevention of threats and the reduction of related risks. Hence, it is essential to identify emerging threats and develop an appropriate response timely. Defensive mechanisms should rely on the latest technological advances and introduce a comprehensive approach to cybersecurity regardless of the origin of the targeted threat or threat actor. Another objective is conducting cybersecurity-related activities without violation of any existing laws. Several ethical issues and privacy concerns may make data sharing a challenging process, yet it is critical to address these issues and not violate citizen privacy.

Therefore, the private sector is not obliged to share any data with NCCIC, and cooperation is not mandatory. Furthermore, authorities should not limit an organization in any way if it refuses to provide such information. Such limitations are essential in terms of protecting personal data, securing classified information, and maintaining a free market. Mandatory data sharing could compromise the principles of fair competition and force private entities to leak valuable information related to their core business activities. Even though the Cybersecurity Act of 2015 explores the themes of privacy and personal data sharing, provided frameworks and limitations may not be sufficient. It may be vital to update the act to prohibit withholding any data that contains the private information of citizens (Deitchman, 2019). It may also be highly beneficial to refocus on identifying cybersecurity threats and mitigating consequential harm. Further development of frameworks should be conducted to encourage fruitful cooperation of private and public sectors without violation of privacy.

References

Deitchman, S. J. (2019). National security strategy for the future. Beyond the Thaw, 92–129.

Kosseff, J. (2019). Cybersecurity law (2nd ed.). John Wiley & Sons.

Reffkin, C. (2016). The Cybersecurity Act of 2015: Can we legislate effective data security? Overview of Cybersecurity Act of 2015 | Crowe LLP.

Tikk, E. (2018). National Cybersecurity legislation: Is there a magic formula?Cybersecurity Best Practices, 615–633.

White House. (2003). The National Strategy to Secure Cyberspace. White House communications agency Washington DC.

White House. (2017). National security strategy of the United States of America. Web.

Introduction

Public-private partnerships (PPPs) in the US have a long history of success. The first PPPs in the US were the power purchase agreements signed in the 1980s (Mirchandani & Jacobo, 2021). According to World Bank (2020a), a PPP can be defined as “a long-term contract between a private party and a government entity, for providing a public asset or service, in which the private party bears significant risk and management responsibility, and remuneration is linked to performance” (para. 1). PPPs should be distinguished from public contracts, such as concessions. In public contracts, the private sector provides the service directly to the public and bears all the associated end-user risks (World Bank, 2020a). In PPPs, unlike in public contracts, government agencies take full responsibility for the end product before the general public (World Bank, 2020a). The private party is responsible only for the portion of work it has completed for the public.

PPPs can be guided either by special laws or by general laws. According to World Bank (2021), there are several reasons a government may decide to enact a PPP law. They include giving priority to the process of procuring and developing PPP projects and establishing a clear institutional framework for managing PPPs (World Bank, 2021). The government can create a PPP law based on its judgment or utilize a set of recommendations provided by the World Bank (2021). In the US, there is no federal law that instructs the states on how to address PPPs (Mirchandani & Jacobo, 2021). Currently, almost every state has enacted a law that permits PPPs in social or transportation projects. However, some states still rely on common law to guide PPPs. The most common PPP projects in the US are the development of roads and related infrastructure, as well as building prisons, university housing, and school (Mirchandani & Jacobo, 2021). The changes in the election protocols due to the COVID-19 pandemic demonstrated that improvement is needed in government cybersecurity. The present paper aims at discussing PPPs in the sphere of election security.

Roles of the Private Actors in Election Cybersecurity

The use of PPP for cybersecurity has become imperative to address cybersecurity issues and prevent attacks that can lead to leakage or disruption of sensitive and valuable data. The private sector controls many critical systems that need to be protected and usually has more resources than the government (Germano, 2014). Private actors also have valuable expertise that can help to understand the peculiarities of malicious users and software critical to protecting government assets (Germano, 2014). At the same time, the government holds very specific information that can be used to fend off cyberattacks and mitigate their consequences. Moreover, government agencies, such as the National Security Agency (NSA), Defense Advanced Research Projects Agency (DARPA), Department of Defense (DoD), and Department of Homeland Security (DHS), have valuable knowledge about cybersecurity; however, since the agencies are responsible for very specific focus and do not address cybersecurity at large (Potter, 2019). PPPs can help to collaborate and line up against cybersecurity threats.

The role of the private actors in PPPs concerning election cybersecurity includes four critical aspects described below. These four roles are based on information and knowledge sharing with an emphasis on confidentiality and competitive concerns (Germano, 2014).

1. Sharing insights about peculiarities of threats. Private actors, such as cybersecurity companies, have information about details of the attacks on companies and specific knowledge about how to mitigate and prevent these attacks (Germano, 2014). This knowledge is usually a part trade secret, which is a source of competitive advantage (Potter, 2019). Sharing this information with the public parties can help them to understand how to better protect the election process without the risk of disclosing the information to other companies. However, this can be achieved only when a highly effective collaboration framework is enforced.
2. Analyzing information from the public sector. The private actors have developed a set of useful processes helpful for analyzing information about possible threats and using it to protect against cyber threats (Potter, 2019). Applying this expertise to the information gained from government agencies can help to extract valuable knowledge about the best strategies for protecting elections from attacks from malicious users. Additionally, private companies can help to stimulate coordination of all the acquired information.
3. Developing threat intelligence. The private sector developed several strategies of threat intelligence that may involve hacking into the offender’s system to understand how it works (Germano, 2014). Such an approach can help develop proactive strategies that prevent the loss, theft, or disruption of data; however, such strategies are illegal in the US (Germano, 2014). When guided by the US government, the private sector can create effective methods of threat intelligence without fear of breaking the law.
4. Conducting security assessment. Private parties can use all the gained knowledge and expertise to conduct security assessments of election networks (Erbach, 2020). Such expertise may lead to early detection of threats and vulnerabilities, which can compromise the security of elections. Mitigation of these threats and vulnerabilities is expected to improve election cybersecurity.

Benefits and Risks

The present section provides an overview of the possible benefits and risks of PPPs for both private and public parties. The risks of PPPs include:

1. Disclosure and Exposure. Without an established protocol that ensures the confidentiality of PPPs in cybersecurity, the private sector needs to tolerate the risk of disclosure of sensitive data about the vulnerabilities to third parties. Disclosure of such information may lead to negative press, regulatory scrutiny, and public relations (Germano, 2014). This risk is currently a significant barrier to the establishment of PPPs.
2. Loss of control. Private actors often prefer to retain control over the investigation of breaches to avoid unnecessary disclosure (Germano, 2014). Additionally, PPPs may mean granting absolute control over private computer systems and information within these systems. Companies need to feel secure to partner with the government effectively.
3. Increased cost. PPPs may be associated with increased costs for the government in comparison with traditional procurement projects (Rybnicek et al., 2020). Therefore, the government needs to establish control over costs and ensure that the increased use of funds is justified.
4. Limited scope. The private actors do only what they were paid to do, which implies that any work outside the signed contract will not be completed. Therefore, government agencies bear the risk of describing the incomplete scope of the partnership, which will lead to decreased effectiveness (World Bank, 2020b).

While the risks for both parties are considerable, numerous benefits of PPPs should be mentioned. Several benefits of PPPs are listed below:

1. Innovation. The introduction of private-sector technology into the public sector can spur innovation (World Bank, 2020b). As a result, the quality and effectiveness of cybersecurity of all government agencies may be improved.
2. Development of private sector capabilities. Exposure to knowledge and competencies of the public sector may help to improve the practices of private companies. Additionally, PPPs in the sphere of election cybersecurity can establish long-term relationships between the two sectors, which may mean stable money inflow from future PPPs (World Bank, 2020b).
3. Risk transfer. The government may transfer the risk of owning and managing assets that help to develop cybersecurity software and protocols to the private parties (World Bank, 2020b). As a result, the high cost of such partnerships may be offset by the decrease in risks.

Recommendations

The present section provides recommendations for private parties for companies to engage in before committing to participation in a PPP for cybersecurity.

1. Assess all the risks and benefits. Private actors need to understand all the risks and benefits of engaging in PPPs. As mentioned by Germano (2014), PPPs may be associated with significant risks of loss of control, disclosure of sensitive information, and exposure to unwanted legislative scrutiny, negative press, and public relations. Additionally, the companies may need to share strategically valuable information with a third party. Even though the third party is the government, private firms may still feel uncomfortable sharing information about the source of competitive advantage due to the lack of trust. Thus, the company needs to ensure that benefits surpass the risks to sustain a PPP contract regardless of the risks.
2. Learn the legal framework that regulates PPPs. Mirchandani and Jacobo (2021) state that regulatory frameworks differ from state to state, which implies that practices appropriate in one state may be inappropriate outside of it. Therefore, it is crucial to understand if the relationships between the private and public actors will be managed by a specific law or common law and how the law modifies the partnership between the two parties (World Bank, 2020a).
3. Assess the level of the company’s cybersecurity. Before uniting the networks with the government, the private companies need to assess their level of cybersecurity. National Institute of Standards and Technology (NIST, 2018) developed a comprehensive framework for network security. This network consists of five basic functions, including identifying, protecting, detecting, responding, and recovering (NIST, 2018). The framework includes a set of recommendations that can help to streamline the cybersecurity processes.
4. Review best practices in cybersecurity. Cybersecurity and Infrastructure Security Agency (CISA, 2019) developed a list of tips for election cybersecurity. These best practices should also be utilized by the companies attempting to partner with the public parties based on election cybersecurity. Recommendations include having a unified software and patch management system, network segmentation, log management, blocking suspicious activity, and employing effective credential management practices (CISA, 2019).

Summary

The present paper overview PPPs as a source of improving election cybersecurity. The research revealed that, in the US, states might have their own PPP laws or avoid having any specific regulations that guide PPPs. Regardless of the regulatory framework, private and public actors are exposed to significant risks. Private actors can face the risk of losing control and faces unwanted exposures and disclosures. The government may face the risk of increased cost and limited scope of the partnership. However, the risks are usually offset by the benefits of PPPs for both parties. Before engaging in a partnership with a public party, a private actor needs to ensure that it understands all the risks, benefits, and regulatory frameworks. Additionally, the company needs to assess the company’s cybersecurity practices and implement best practices applicable to cybersecurity.

References

Cybersecurity and Infrastructure Security Agency. (2019). Security Tip (ST19-002). Web.

Erbach, M. (2020). The role DHS can play in election security.FedTech. Web.

Germano, J. (2014). Cybersecurity partnerships: A new era of public-private collaboration. The Center on Law and Security. Web.

Mirchandani, D., & Jacobo, A. (2021). The public-private partnership law review: USA. The Law Reviews. Web.

National Institute of Standards and Technology. (2018). Framework for Improving Critical Infrastructure Cybersecurity. Web.

Potter, B. (2019). How public-private partnerships can support election security. Web.

Rybnicek, R., Plakolm, J., & Baumgartner, L. (2020). Risks in Public-Private Partnerships: A Systematic Literature Review of Risk Factors, Their Impact and Risk Mitigation Strategies.Public Performance & Management Review, 43(5), 1174-1208. Web.

World Bank. (2020a). What are Public-Private Partnerships? Web.

World Bank. (2020b). Government objectives: Benefits and risks of PPPs. Web.

World Bank. (2021). Public-Private Partnerships Laws / Concession Laws. Web.

Cybersecurity became more valuable over the years, affecting almost all spheres of human activity due to the increased importance of data and its protection against the undesirable accessibility to specific information. Referring to Seemms et al. (2018), cybersecurity is defined as a state of defense against cyberattacks with the help of internet-connected tools such as IT systems. Cybersecurity impacts the safety of a company’s valuable data, which should be stored with limited access without any external involvement due to confidentiality, privacy, or other reason. This system is essential primarily for governmental or military units and big enterprises due to the necessity for these parties to keep their data secret in private information, innovations, or knowledge (Seemms et al., 2018). Therefore, the company’s top management should pay increased attention to the cybersecurity issues and policies operated within the company.

How Cybersecurity Affects Modern Management and Leadership Strategies

Each failure of protecting private organizational information may provoke a scandal in public and decrease shareholders’ value due to the increased risk of the company’s failure in the market. Therefore, the company’s strategy should be modified according to cybersecurity importance and actual changes in the emerging virtual market. Leadership strategy may include educating and training employees to correctly deal with the risks of scams, such as the most common email frauds. In addition, the resource allocation within the company should include investments in cybersecurity development to protect the company’s property against attacks. The company may use online tools that may decrease the risk of data loss; for instance, ensuring the third parties’ credibility may prevent the problem.

Significant Risks Which Organizational Leadership Must Confront

Organizational management can face several risks that arise based on the lack of cybersecurity applied in the company’s system. Buchanan and Prasad (2019) outlined the main threats that the top management may face in cybersecurity issues. Firstly, organizational leadership should not undervalue the importance of cybersecurity since the risk of losing the data stored in the company’s database may harm the corporate reputation and trustworthiness.

Secondly, the cybersecurity system applied in the organization must meet the rapidly emerging IT industry, which means that the dynamic risk of new cyber-attacks should be expected to develop technologies further. Therefore, the company’s leadership should constantly evaluate the actual situation in the market and update their virtual security system according to those changes. Thirdly, the IT department or specialists responsible for the company’s protection in the cyber environment must be reliable and keep confidential and private corporate information regarding cybersecurity.

Yahoo Example of Cybersecurity Failure

In 2016 Yahoo company announced that in 2014 almost 500 million user accounts’ information was stolen due to the cyber attack, which was not prevented by the company’s cybersecurity system. This case provoked a big scandal because Yahoo knew about the possibility of the breach in advance of the actual attack. According to Whittler and Farris (2017), the company’s value was decreased by $1,5 million right after the announcement was publicly reported.

The failure of cybersecurity by the company’s leadership may result in “unauthorized access to sensitive, protected, or confidential data resulting in the compromise or potential compromise of confidentiality, integrity, and availability of the affected data” (Whittler & Farris, 2017, p.2). This case outlines the importance of the company’s cybersecurity awareness and its potential impact on further organizational performance. The company’s leadership must react immediately to the risks arising from the cyber environment, which threaten the security of the stored data, either corporate or customer’s private information.

References

Buchanan, W. J. & Prasad, A. R. (Eds.). (2019). Challenges in cybersecurity and privacy – the European research landscape. River Publisher. Web.

Seemms, P. S., Nandhini, S. & Sowmiya, M. (2018). Overview of cyber security. International Journal of Advanced Research in Computer and Communication Engineering, 7(11). Web.

Whittler, K. A. & Farris, P. W. (2017). The impact of cyber attacks on a brand’s image: Why proactive marketing expertise is needed for managing data breaches. Journal of Advertising Research, 57(1), 3-9. Web.

Information technology today plays a crucial role in everyday life. They occupy a unique position in our society and not only influence its economic and social institutions but are also the engine of global economic growth, penetrating into all areas of production activity and making it possible to build effective management systems. Therefore, there will be an increase in the volume of work performed, a reduction in design time and an increase in the quality of work through the use of technology in the next five years.

New technologies are the main driving force in addition to the existing world market forces. A few key components, including microprocessors, local networks, robotics, specialized workstations, sensors, programmable controllers, turned the concept of an automated enterprise into reality. However, at present, technology can also be a constraint: the lack of interoperability of automation tools makes its implementation irrational. This is due to the explosive expansion of IT, whereby product standardization has not kept pace with technical standards (Sagic et al., 2019). On the other hand, as a result of more active marketing activities and success in the dissemination of IT, the capture of a large market share by any company, its use becomes the standard for everyone else.

The Internet is an ideal source for information, as well as a great tool for communication and building your own business. In other words, the Internet provides great opportunities for a person, which, if used correctly, can benefit him. The main idea of ​​the Internet is the open dissemination of information, as well as the establishment of links between individuals. In the previous years, social networks have gained immense popularity allowing communication. Currently, voice assistants have emerged as alternative ways to communicate. In the next five years, this will turn the attention of companies to the use of new technologies in broader business areas in order to attract and retain customers as well as to enhance the operational processes.

At the moment, information technologies are widely used to improve the quality of education and medical care, as well as to develop the information and telecommunications structure. Even now, companies are able to combine all industries into one system and manage it with the help of modern information technologies. An important role is occupied by artificial intelligence and the Internet of things. The Internet of Things requires the processing of a large amount of information in real time. Devices connected to the network generate huge amounts of data that will need to be processed, analyzed, and stored (Kumar et al., 2020). Artificial intelligence and its subsection machine learning as a direction in science solve the problem of learning and thinking of a computer.

At the moment, there are several trends that characterize the state of information technology. The first of these is the presence of a large number of databases containing information on almost all types of activities of the company. Additionally, the creation of technologies that provide interactive access of an ordinary user to these information resources is highlighted. Thirdly, there is an increase in functionality and the creation of local, multifunctional problem-oriented information systems (Sagic et al., 2019). Moreover, there is an inclusion in information systems of various technological tools and specialized user interfaces for interacting with expert systems.

As the number of technologies increases, so does the volume of threats. Information security, in the broadest sense, is a set of means of protecting information from accidental or intentional exposure. Regardless of what underlies the impact, natural factors, or artificial causes, the owner of the information bears losses. An information threat is a potential impact or impact on an automated system with the subsequent infliction of loss on someone’s needs. The person who has committed an offense (gained unauthorized access to information, or security systems have been hacked) has the possibility of causing damage (Voropai et al., 2020). Internal threats can also be represented by incorrect work with hardware and software. Additionally, damage can be caused regardless of the subject possessing the information, but as a result of external factors and influences (man-made disasters, natural disasters).

Impacts of the data loss include loss of intellectual or proprietary information, costs, and many others. In order to mitigate the external risks, it is required to build and maintain a secure network and systems (installing firewalls to protect data). Additionally, to combat both external and internal risks, it is important to ​​regularly monitor and test networks (security audits, scans, alternate vendors). In order to mitigate the internal risks, it is important to ensure the network’s physical security and alarmed access.

In conclusion, in the context of the development of modern society, information technology deeply penetrates people’s lives. They very quickly turned into a vital stimulus for the development of not only the world economy but also other spheres of human activity. Now it is difficult to find an area in which information technology is not used. The speed of information exchange increases, and it becomes possible to carry out complex mathematical calculations in a few seconds and much more. Information technology is one of the modern ways of communication, the main advantages of which are public accessibility.

References

Kumar, A., Gupta, P. K., & Srivastava, A. (2020). A review of modern technologies for tackling COVID-19 pandemic.Diabetes & Metabolic Syndrome: Clinical Research & Reviews, 14(4), 569-573.

Sagic, Z., Dikovic, L., Trumbulovic, L., & Vujovic, S. (2019). Intellectual capital and leading information technology trends as components of a modern company development.Ekonomika Preduzeca, 67(3-4), 288-296.

Voropai, N. I., Kolosok, I. N., Korkina, E. S., & Osak, A. B. (2020). Issues of cybersecurity in electric power systems. Energy Systems Research, 3(10), 19-28.